Submitted URL: https://secure-web.cisco.com/1GwwOpBLkLTERDoXR2YqKJWOxGlWcCEhXwFBtQY_ArC5UIi22YgkuUQTfjeFDzhuerAmgoLczXfnCivVKzQFct7kGVEngb1aX_En70uadPgLT9IugYXC_D0aet5WBQA35xkd17U6ZT6H6Xn2TuNn8fS_nOJUZrp34NZgYr0IimmG398nGMPbM-3h8HKvzQJiK2vAca8AsDbVzZXK2vMMalV4qd5YRCsDVyeW7TsEeKB3yoeL-2uIkyBF1x7qXrzqIZ0y5sPyBW6D6bm_BYnIgg4NVUaYX-n6qyQjJsuTXLIOfxDoJA9hXzr7Dxy5uWqtIzu9LiyNXZMrgxR1jbBFjAEq4M1tW7ptEdcaY7tdKKEsEpzV4jNeu0KIe7ebExVVCefeERAKxZJVcwzkGTVzxMMBn2oG-nZZ9PzbN3Il9Ybj2wiDVCsrtwKkdokfJJKp0Ehu_yvTEbPacxLZMwX85aRRCoTqbdIX8zDGdAXNtTJOD4q4UtyAMwZ9XBwwCV3EzYaq5Z65iMLEgavhJ9NzpHg/https%3A%2F%2Fpramarc.com.br%2F17
Effective URL: https://pramarc.com.br/17/
Submission: On May 16 via manual from US

Summary

This website contacted 1 IPs in 2 countries across 3 domains to perform 18 HTTP transactions.
The main IP is 187.191.98.202, located in Brazil and belongs to Mandic S.A., BR. The main domain is pramarc.com.br.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 23rd 2019. Valid for: 3 months.
This is the first time this domain was scanned on urlscan.io!

Verdict: Malicious (Score: 100/100) Show Details

  • urlscan - Score: 100
    phishing
    Phishing against Outlook (Online)
  • googlesafebrowsing - Score: 100 (1 resources matched) -
    social_engineering

Domain & IP information

IP Address AS Autonomous System
1 1 2620:101:2005... 16417 (IRONPORT-...)
1 19 187.191.98.202 262545 (Mandic S.A.)
18 1
Domain
Subdomains
Transfer
17 safirasom.com.br
67 KB
2 pramarc.com.br
747 B
1 cisco.com
269 B
18 3
Domain Requested by
17 safirasom.com.br safirasom.com.br
2 pramarc.com.br 1 redirects
1 secure-web.cisco.com 1 redirects
18 3

This site contains links to these domains. Also see Links.

Domain
Subject / Issuer Validity Valid
pramarc.com.br
cPanel, Inc. Certification Authority
2019-03-23 -
2019-06-21
3 months
safirasom.com.br
cPanel, Inc. Certification Authority
2019-03-23 -
2019-06-21
3 months

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /mod_perl(?:\/([\d\.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /Unix/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /mod_perl(?:\/([\d\.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /mod_ssl(?:\/([\d.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
  • headers server /mod_perl(?:\/([\d\.]+))?/i
  • headers server /mod_ssl(?:\/([\d.]+))?/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
/17
Redirect Chain
  • https://secure-web.cisco.com/1GwwOpBLkLTERDoXR2YqKJWOxGlWcCEhXwFBtQY_ArC5UIi22YgkuUQTfjeFDzhuerAmgoLczXfnCivVKzQFct7kGVEngb1aX_En70uadPgLT9IugYXC_D0aet5WBQA35xkd17U6ZT6H6Xn2TuNn8fS_nOJUZrp34NZgYr0I...
  • https://pramarc.com.br/17
  • https://pramarc.com.br/17/
140 B
429 B
Document
General
Full URL
https://pramarc.com.br/17/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
187.191.98.202 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
mail01.emidhost4.com.br
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1 / PHP/5.5.30
Resource Hash
09a88be03bab33b43c8e6f0a95a9ef6ae36abd9116080e76b80cd130f043285c

Request headers

Host
pramarc.com.br
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 01:37:56 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1
X-Powered-By
PHP/5.5.30
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html

Redirect headers

Date
Thu, 16 May 2019 01:37:56 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1
Location
https://pramarc.com.br/17/
Content-Length
234
Connection
close
Content-Type
text/html; charset=iso-8859-1
webnet.php?code=2018900
safirasom.com.br/.voice
7 KB
8 KB
Document
General
Full URL
https://safirasom.com.br/.voice/webnet.php?code=2018900
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
187.191.98.202 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
mail01.emidhost4.com.br
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1 / PHP/5.5.30
Resource Hash
9f955bc697647ed9934566809a0c7cfc2888e5878749f0b947c56709993a4676

Request headers

Host
safirasom.com.br
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://pramarc.com.br/17/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://pramarc.com.br/17/

Response headers

Date
Thu, 16 May 2019 01:37:57 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1
X-Powered-By
PHP/5.5.30
Content-Length
7607
Connection
close
Content-Type
text/html
style.css
safirasom.com.br/.voice/sys_files
12 KB
12 KB
Stylesheet
General
Full URL
https://safirasom.com.br/.voice/sys_files/style.css
Requested by
Host: safirasom.com.br
URL: https://safirasom.com.br/.voice/webnet.php?code=2018900
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
187.191.98.202 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
mail01.emidhost4.com.br
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1 /
Resource Hash
357ad57ec2e6b786911147ce90a41f174113788ccab1344363af5e9d8bdd220f

Request headers

Referer
https://safirasom.com.br/.voice/webnet.php?code=2018900
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 01:37:58 GMT
Last-Modified
Wed, 30 Jan 2019 19:21:02 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1
ETag
"1140554-3079-580b1cf7a0380"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
12409
vipbox.css
safirasom.com.br/.voice/sys_files
7 KB
7 KB
Stylesheet
General
Full URL
https://safirasom.com.br/.voice/sys_files/vipbox.css
Requested by
Host: safirasom.com.br
URL: https://safirasom.com.br/.voice/webnet.php?code=2018900
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
187.191.98.202 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
mail01.emidhost4.com.br
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1 /
Resource Hash
39844e2223b2d66d42606411851e196e945636b50d6733cfff841562504811b9

Request headers

Referer
https://safirasom.com.br/.voice/webnet.php?code=2018900
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 01:37:58 GMT
Last-Modified
Wed, 30 Jan 2019 09:25:40 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1
ETag
"1140555-1bab-580a97e478d00"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
7083
vipbox2.css
safirasom.com.br/.voice/sys_files
16 KB
16 KB
Stylesheet
General
Full URL
https://safirasom.com.br/.voice/sys_files/vipbox2.css
Requested by
Host: safirasom.com.br
URL: https://safirasom.com.br/.voice/webnet.php?code=2018900
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
187.191.98.202 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
mail01.emidhost4.com.br
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1 /
Resource Hash
2c81d1cc107ecb0f6cc3dd552db0d89ebf1316093f1a10f240448f1353528d40

Request headers

Referer
https://safirasom.com.br/.voice/webnet.php?code=2018900
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 01:37:58 GMT
Last-Modified
Wed, 30 Jan 2019 19:15:22 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1
ETag
"1140556-3e56-580b1bb360680"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
15958
vip_loader.gif
safirasom.com.br/.voice/sys_files
11 KB
11 KB
Image
General
Full URL
https://safirasom.com.br/.voice/sys_files/vip_loader.gif
Requested by
Host: safirasom.com.br
URL: https://safirasom.com.br/.voice/webnet.php?code=2018900
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
187.191.98.202 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
mail01.emidhost4.com.br
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1 /
Resource Hash
c25d862edf05673682a5b35125f0524fbe869e3483388ffb0cd2874e4111e710

Request headers

Referer
https://safirasom.com.br/.voice/webnet.php?code=2018900
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 01:37:58 GMT
Last-Modified
Wed, 30 Jan 2019 05:28:16 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1
ETag
"1140559-2a43-580a62d455c00"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
10819
obg.png
safirasom.com.br/.voice/sys_files
8 KB
8 KB
Image
General
Full URL
https://safirasom.com.br/.voice/sys_files/obg.png
Requested by
Host: safirasom.com.br
URL: https://safirasom.com.br/.voice/webnet.php?code=2018900
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
187.191.98.202 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
mail01.emidhost4.com.br
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1 /
Resource Hash
04536a7050299e4c85228efea665154c36cd7e5b4e7c5a15cadd1c568b5bdbd7

Request headers

Referer
https://safirasom.com.br/.voice/webnet.php?code=2018900
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 01:37:58 GMT
Last-Modified
Mon, 04 Feb 2019 06:51:36 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1
ETag
"1140553-1ec1-5810bec802e00"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
7873
o.png
safirasom.com.br/.voice/sys_files
3 KB
4 KB
Image
General
Full URL
https://safirasom.com.br/.voice/sys_files/o.png
Requested by
Host: safirasom.com.br
URL: https://safirasom.com.br/.voice/webnet.php?code=2018900
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
187.191.98.202 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
mail01.emidhost4.com.br
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1 /
Resource Hash
723e6c54cc2dbefd9721adc01e58f839f678ff66f26e15efe72fc5a27b0b2c4c

Request headers

Referer
https://safirasom.com.br/.voice/webnet.php?code=2018900
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 01:37:58 GMT
Last-Modified
Wed, 30 Jan 2019 08:32:22 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1
ETag
"1140552-d53-580a8bfa9f180"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
3411
close-icon.png
safirasom.com.br/.voice/images
345 B
345 B
Image
General
Full URL
https://safirasom.com.br/.voice/images/close-icon.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
187.191.98.202 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
mail01.emidhost4.com.br
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1 /
Resource Hash
b9749c1abae55c184009bbc78e9b0f06d4698c3912b249323df8315c9d1dacff

Request headers

Referer
https://safirasom.com.br/.voice/sys_files/vipbox2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 01:38:00 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1
Connection
close
Content-Length
345
Content-Type
text/html; charset=iso-8859-1
error-icon-medium.png
safirasom.com.br/.voice/images
352 B
352 B
Image
General
Full URL
https://safirasom.com.br/.voice/images/error-icon-medium.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
187.191.98.202 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
mail01.emidhost4.com.br
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1 /
Resource Hash
753c4d419ab3249ea0b7235cf78f3159b560ce9d8eaf1d9cd395e44c4fee88db

Request headers

Referer
https://safirasom.com.br/.voice/sys_files/vipbox2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 01:38:00 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1
Connection
close
Content-Length
352
Content-Type
text/html; charset=iso-8859-1
NotoSans-Light.woff2
safirasom.com.br/.voice/fonts
0
0
Font
General
Full URL
https://safirasom.com.br/.voice/fonts/NotoSans-Light.woff2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
187.191.98.202 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
mail01.emidhost4.com.br
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://safirasom.com.br/.voice/sys_files/vipbox2.css
Origin
https://safirasom.com.br

Response headers

Date
Thu, 16 May 2019 01:38:00 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1
Connection
close
Content-Length
350
Content-Type
text/html; charset=iso-8859-1
symantec-logo-powerby.png
safirasom.com.br/.voice/images
356 B
356 B
Image
General
Full URL
https://safirasom.com.br/.voice/images/symantec-logo-powerby.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
187.191.98.202 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
mail01.emidhost4.com.br
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1 /
Resource Hash
74d51fd4e585851120cf1bdb8aa93076e5178269a2d96374915983e88d8f0f16

Request headers

Referer
https://safirasom.com.br/.voice/sys_files/vipbox2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 01:38:00 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1
Connection
close
Content-Length
356
Content-Type
text/html; charset=iso-8859-1
Graphik-Medium-Web.woff2
safirasom.com.br/static/ls/css/font
0
0
Font
General
Full URL
https://safirasom.com.br/static/ls/css/font/Graphik-Medium-Web.woff2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
187.191.98.202 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
mail01.emidhost4.com.br
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://safirasom.com.br/.voice/sys_files/style.css
Origin
https://safirasom.com.br

Response headers

Date
Thu, 16 May 2019 01:38:00 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1
Connection
close
Content-Length
360
Content-Type
text/html; charset=iso-8859-1
Graphik-Regular-Web.woff2
safirasom.com.br/static/ls/css/font
0
0
Font
General
Full URL
https://safirasom.com.br/static/ls/css/font/Graphik-Regular-Web.woff2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
187.191.98.202 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
mail01.emidhost4.com.br
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://safirasom.com.br/.voice/sys_files/style.css
Origin
https://safirasom.com.br

Response headers

Date
Thu, 16 May 2019 01:38:00 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1
Connection
close
Content-Length
361
Content-Type
text/html; charset=iso-8859-1
NotoSans-Light.woff
safirasom.com.br/.voice/fonts
0
0
Font
General
Full URL
https://safirasom.com.br/.voice/fonts/NotoSans-Light.woff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
187.191.98.202 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
mail01.emidhost4.com.br
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://safirasom.com.br/.voice/sys_files/vipbox2.css
Origin
https://safirasom.com.br

Response headers

Date
Thu, 16 May 2019 01:38:00 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1
Connection
close
Content-Length
349
Content-Type
text/html; charset=iso-8859-1
Graphik-Medium-Web.woff
safirasom.com.br/static/ls/css/font
0
0
Font
General
Full URL
https://safirasom.com.br/static/ls/css/font/Graphik-Medium-Web.woff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
187.191.98.202 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
mail01.emidhost4.com.br
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://safirasom.com.br/.voice/sys_files/style.css
Origin
https://safirasom.com.br

Response headers

Date
Thu, 16 May 2019 01:38:00 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1
Connection
close
Content-Length
359
Content-Type
text/html; charset=iso-8859-1
Graphik-Regular-Web.woff
safirasom.com.br/static/ls/css/font
0
0
Font
General
Full URL
https://safirasom.com.br/static/ls/css/font/Graphik-Regular-Web.woff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
187.191.98.202 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
mail01.emidhost4.com.br
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://safirasom.com.br/.voice/sys_files/style.css
Origin
https://safirasom.com.br

Response headers

Date
Thu, 16 May 2019 01:38:00 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1
Connection
close
Content-Length
360
Content-Type
text/html; charset=iso-8859-1
NotoSans-Light.ttf
safirasom.com.br/.voice/fonts
0
0
Font
General
Full URL
https://safirasom.com.br/.voice/fonts/NotoSans-Light.ttf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
187.191.98.202 , Brazil, ASN262545 (Mandic S.A., BR),
Reverse DNS
mail01.emidhost4.com.br
Software
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://safirasom.com.br/.voice/sys_files/vipbox2.css
Origin
https://safirasom.com.br

Response headers

Date
Thu, 16 May 2019 01:38:01 GMT
Server
Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/11.5 mod_perl/2.0.8 Perl/v5.10.1
Connection
close
Content-Length
348
Content-Type
text/html; charset=iso-8859-1

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • https://secure-web.cisco.com/1GwwOpBLkLTERDoXR2YqKJWOxGlWcCEhXwFBtQY_ArC5UIi22YgkuUQTfjeFDzhuerAmgoLczXfnCivVKzQFct7kGVEngb1aX_En70uadPgLT9IugYXC_D0aet5WBQA35xkd17U6ZT6H6Xn2TuNn8fS_nOJUZrp34NZgYr0I...
  • https://pramarc.com.br/17
  • https://pramarc.com.br/17/

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan - Score: 100

Categories:
phishing

Tags:
phishing

Phishing against: Outlook (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies