Report - eyol.link/r?url=//Assurant%E3%80%82energycomercio%E3%80%82com%E3%80%82br/omluabie/omowunmis/Assurant/YW5keS5zY2hhdXRAYXNzdXJhbnQuY29t

Report Overview

Submitted URL
eyol.link/r?url=//Assurant%E3%80%82energycomercio%E3%80%82com%E3%80%82br/omluabie/omowunmis/Assurant/YW5keS5zY2hhdXRAYXNzdXJhbnQuY29t
IP
172.67.210.42
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-03 20:58:02
Access
public
Website Title
assurant.energycomercio.com.br/omluabie/omowunmis/Assurant/YW5keS5zY2hhdXRAYXNzdXJhbnQuY29t
Final URL
assurant.energycomercio.com.br/omluabie/omowunmis/Assurant/YW5keS5zY2hhdXRAYXNzdXJhbnQuY29t
Tags
phishing microsoft outlook
urlquery detections
Phishing - Microsoft Outlook

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
eyol.link	unknown	2020-09-24	2020-10-13	2024-04-11	2.5 kB	85 kB	172.67.210.42
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-05-03	3.7 kB	127 kB	104.17.2.184
emersomnasonry.com	unknown	2024-02-08	2024-03-18	2024-04-11	513 B	0 B	0.0.0.0
assurant.energycomercio.com.br	unknown	unknown	No data	No data	567 B	231 B	192.185.214.195

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (23)

		Size	First Seen	Last Seen
	#1 Eval - fb168c6f0a9a8ea4e04f5796adfc47c6	28 B	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash fb168c6f0a9a8ea4e04f5796adfc47c6 96530d790f54e5ca76a54420a2ce7aa16e668d94 6b4718b9f56df6bc267757814be4c1fb15dc69441ddf3e82c2cda120641d410d Loading...

	#2 Eval - 30f12573399539771da17f2efb5069f0	28 B	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash 30f12573399539771da17f2efb5069f0 b488d2e04f28c5162fa1093fedccce3328db05a9 c53d0b4776ee50889d8393b622f443958d5c54d294a0d394015f47fee247f8de Loading...

	#3 Eval - 468edb5d3ce5ceb0616e9fce26831e8c	28 B	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash 468edb5d3ce5ceb0616e9fce26831e8c c9aa8c6dbae6f9f36fdb103c7ead2b5baa2c0cc0 a9c4b3a724cb31a8bf74325c6c9cd373eb597ede86c0e4c7e5af494f8b1be3e8 Loading...

	#4 Eval - 3242cfd5d58a63cb0fedb7f8fb2f076c	28 B	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash 3242cfd5d58a63cb0fedb7f8fb2f076c 0e962b2c892a662c5fbdc57e4ab987f9228b5749 c21b4eafe3605318654967414bef6b59a5ac4bf9abfec564604381239b18fc62 Loading...

	#5 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-18
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-18 02:37:45 Times Seen353014 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#6 Eval - 4e8622cc6a311390aa44501e3d4543ec	28 B	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash 4e8622cc6a311390aa44501e3d4543ec edbb067310be1d4e0050eda349cba1364ce28a10 62dfe5b8a3db07a6931db9eaab0c447f55b47c5ff34596988eb323a81a869f82 Loading...

	#7 Eval - aaec00f15a0a9e8b2f55522a78fd691b	28 B	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash aaec00f15a0a9e8b2f55522a78fd691b 4e2ddf3bc0add51907a81ca295b228dca8af1e6c 20fa1b4bd393774421dade381a3d29ed13f9e335322d0b0bd09d50014ac05af1 Loading...

	#8 Eval - ec17f1199b3f078eb0f0b225f207265a	28 B	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash ec17f1199b3f078eb0f0b225f207265a 23aa6d9d40136cae10c21068ccd02fae2a6e315d 08ba05e212f4e131a524dab5732d01e507a06e49abaf826cf27154f710b2fa3a Loading...

	#9 Eval - 9c4cbc7ac8ec8c8899e2483324896516	28 B	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash 9c4cbc7ac8ec8c8899e2483324896516 944eabb0e98401bccddf1de5433026fc0449975e f2def402f817c7b0e7dfc7e8652d972a63fcee9b82c2c5e78fbc6c75073f2645 Loading...

	#10 Eval - 2d7471eb5bf8e7065b940c860221e7bf	28 B	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash 2d7471eb5bf8e7065b940c860221e7bf 8f8ca2b224c043a816743293b7effa2cfc6ca244 4e795e0d02f1e42cef6ec24b4dabcb8eb44d66cede837133ae4b71964c2ab98e Loading...

	#11 Eval - bd5a042cd8a5421c14de6f8af80aefd7	28 B	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash bd5a042cd8a5421c14de6f8af80aefd7 827e75c1b3a2bd3c42c9357853ac46650ec4dd90 c8bc3a2d8213c0e1c33421c3df483033641e2f7a5503a9829d9f935840a0e138 Loading...

	#12 Eval - c4e12880926628d43b51e882dab775b7	28 B	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash c4e12880926628d43b51e882dab775b7 e48cf2436aef186b5f72443e674079b50dcd639d e7107117edd1dbc42f52f76b0d16e1b3ee371d5596e030613420a688ad650c6e Loading...

	#13 Eval - 70f2b25f63ffab77a90a3bcf037466c9	28 B	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash 70f2b25f63ffab77a90a3bcf037466c9 d2c933eebe8c3be293feb3b02109a5486fb7af4a 3c198a9ae8e36e525f5a61cb38cfeb493a184d91ef3d45b1f7a4a320c6e3baac Loading...

	#14 Eval - e25daf5947ec35460fe567cb790a950e	28 B	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash e25daf5947ec35460fe567cb790a950e 9f06452efe1018cee9c582cd1a1f78b44cf9850b c2446ba3773dda709cc62285869478965bd99e8f50f1052a0ced58cd9259cfc8 Loading...

	#15 Eval - cf9b8bf339a4d146098f4314c089a648	28 B	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash cf9b8bf339a4d146098f4314c089a648 fbdaea2183a6ea1ddb8054acb007c855ce20c510 a11bc3464bcf5c94c449ff3691e9304c8cbe288f4bdca836e7716895af79c971 Loading...

	#16 Eval - 01bb1691784ddaa54837b98e221bef24	28 B	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash 01bb1691784ddaa54837b98e221bef24 cf34f3fbd98dbb6c78ca151d4ee9eb195072942b 66d381cebfc19ef2583a0d46544c163263fa01a0fb86d20e03895cc3315635c7 Loading...

	#17 Eval - 78bc2fd5956930c189f5bbe9200e61eb	2.8 kB	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash 78bc2fd5956930c189f5bbe9200e61eb 26b8b347d186329486efc23b1933be95f2846556 18c860941a2b1e27bec4b039000deb3a5dbb85aaa7e1e5fc7e9fa6fa28be2b5d Loading...

	#18 Eval - 732533e3646cf8e4fe17c069df5402af	28 B	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash 732533e3646cf8e4fe17c069df5402af 2da54fcfc36223d3b4b754879217ea008f9b6104 d5136a49e9d957ec12e524fdfaa2483dea1bea7c4ffd00b3f26e636937f3a68a Loading...

	#19 Eval - 301661fe3f1c73b2fcf4a511b148c1be	28 B	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash 301661fe3f1c73b2fcf4a511b148c1be c264278c7573cc3e1afd2b2d9c311c564cf6bd60 d6e2a5ac8b075fb511dcc394e2fcf4384a181879b235da3f5a880c1f9f534dd8 Loading...

	#20 Eval - 289e4504bfbcb46698a92f5da63e0a2d	62 B	2024-04-25	2024-05-06
Pretty Observations First Seen2024-04-25 19:17:05 Last Seen2024-05-06 16:16:09 Times Seen1078 Hash 289e4504bfbcb46698a92f5da63e0a2d a6dcf5b386a04b545d7e94c553c5947d8e95ec2b 3c82ba90261822f61f18c06c5f5efe8f16d31b2486e7dcf16e8c5be62809b917 Loading...

	#21 Eval - a49aed44bcbf64151356160885ffd4c4	28 B	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash a49aed44bcbf64151356160885ffd4c4 6429bd01cc01dcb67515e1cbfc85f0558ea859e9 86d058462d264cbcb6e50e328c6325ad712180e4115e85c153d5ed1ad8460e9c Loading...

	#22 Eval - 1ae6c4930486d03f400254a9c4603bd6	28 B	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash 1ae6c4930486d03f400254a9c4603bd6 5cf323f84a776ceeef6835b18f7f42063e820e2f 15c38f523b5727b9715c305200a04eecdb9fb7aaaf5ff1fbdf149f7bfd3d88eb Loading...

	#23 Eval - da4a8087a234443636b388c9de0b2d82	28 B	2024-05-03	2024-05-03
Pretty Observations First Seen2024-05-03 22:58:09 Last Seen2024-05-03 22:58:09 Times Seen1 Hash da4a8087a234443636b388c9de0b2d82 4a2bc7e724f37b13b3603e92630be2eb856ea8c7 e7d0c3c9356191f681e0638c70bc09c7676f7f73c33492c346c7244e39357658 Loading...

HTTP Transactions (11)

URL IP Response Size

eyol.link/r?url=//Assurant%E3%80%82energycomercio%E3%80%82com%E3%80%82br/omluabie/omowunmis/Assurant/YW5keS5zY2hhdXRAYXNzdXJhbnQuY29t

172.67.210.42

301 Moved Permanently

8.1 kB

URL User Request GET HTTP/1.1
eyol.link/r?url=//Assurant%E3%80%82energycomercio%E3%80%82com%E3%80%82br/omluabie/omowunmis/Assurant/YW5keS5zY2hhdXRAYXNzdXJhbnQuY29t
IP
172.67.210.42:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (17086), with no line terminators
Size
8.1 kB (8076 bytes)
Hash
0a0adac55b4b3cb25e11380247dc9d09
4d684bbb2a1e126120b3ebd547bbeba5bea4e173
af3758f6088912a514a7e98903353ca4ba7b2003af09a6761117520c336eb8f9

HTTP Headers

GET /r?url=//Assurant%E3%80%82energycomercio%E3%80%82com%E3%80%82br/omluabie/omowunmis/Assurant/YW5keS5zY2hhdXRAYXNzdXJhbnQuY29t HTTP/1.1
Host: eyol.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Fri, 03 May 2024 20:57:37 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: i/rnJYoT/ZPwW01feFqvCuRjFX/kb+83/d5weWLiSADRw3wxXBJl5biZt2E+lYPoXm0fnzaGyrp5jZiDCZCFJDigR3MFG4TLpAINoKtSzZRf8QA459LxA0Q8Z4B1pz3ufInpL+F4bfsPKX7fhxUpLg==$sZ1B5QIUhkBrEPjFv0nlzQ==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZCiD0K5Ap9A1ak%2BiZUn9y%2FgUPc%2FlECCqnhr2ZooB5oQyTlmPPUVm97EodOHs23x1yk47dtJBtiwWhvAc4UC3bMhWXSx9r7Q9KuCpHWy9ABNhsrUIf1YWKIJrXxk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e32a18682a0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

eyol.link/r?url=//Assurant%E3%80%82energycomercio%E3%80%82com%E3%80%82br/omluabie/omowunmis/Assurant/YW5keS5zY2hhdXRAYXNzdXJhbnQuY29t

172.67.210.42

301 Moved Permanently

167 B

URL User Request GET HTTP/1.1
eyol.link/r?url=//Assurant%E3%80%82energycomercio%E3%80%82com%E3%80%82br/omluabie/omowunmis/Assurant/YW5keS5zY2hhdXRAYXNzdXJhbnQuY29t
IP
172.67.210.42:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /r?url=//Assurant%E3%80%82energycomercio%E3%80%82com%E3%80%82br/omluabie/omowunmis/Assurant/YW5keS5zY2hhdXRAYXNzdXJhbnQuY29t HTTP/1.1
Host: eyol.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Fri, 03 May 2024 20:57:37 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 03 May 2024 21:57:37 GMT
Location: https://eyol.link/r?url=//Assurant%E3%80%82energycomercio%E3%80%82com%E3%80%82br/omluabie/omowunmis/Assurant/YW5keS5zY2hhdXRAYXNzdXJhbnQuY29t
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BoIRLJSczgjc%2B9IhNuxnUIQL0DUsdfJmY%2Fz4C7i7e7VdTIwIGDTvQw6srvKhnFMOXp4zu5zyGlPp0TWypsJ6Zt5qj4VK7XRPpyYXu%2FSauLDPfAMDMHZfpwCVrY0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e32a191d0d0b45-OSL
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xh5ug/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 20:57:38 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87e32a1e5f5eb511-OSL
alt-svc: h3=":443"; ma=86400

eyol.link/cdn-cgi/challenge-platform/h/g/flow/ov1/1210437367:1714768238:d7irk28E-YcrroVk2lJ9O-_7VLfRj3j_D6x_HkIv4j0/87e32a192fcdb51b/353bb6b64df179a

172.67.210.42

46 kB

URL
eyol.link/cdn-cgi/challenge-platform/h/g/flow/ov1/1210437367:1714768238:d7irk28E-YcrroVk2lJ9O-_7VLfRj3j_D6x_HkIv4j0/87e32a192fcdb51b/353bb6b64df179a
IP
172.67.210.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (16364), with no line terminators
Size
46 kB (45791 bytes)
Hash
4ecbcd5cf01642d75849955287026d23
cfc98bf77c95701b5c454ed7bf0e05344ae009b9
99c3d2f94a5ef019a9ebbb0a0e9bb64f6f9db80e19f3ea9a2a82b371a102f06b

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1210437367:1714768238:d7irk28E-YcrroVk2lJ9O-_7VLfRj3j_D6x_HkIv4j0/87e32a192fcdb51b/353bb6b64df179a HTTP/1.1
Host: eyol.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eyol.link/r?url=//Assurant%E3%80%82energycomercio%E3%80%82com%E3%80%82br/omluabie/omowunmis/Assurant/YW5keS5zY2hhdXRAYXNzdXJhbnQuY29t
Content-type: application/x-www-form-urlencoded
CF-Challenge: 353bb6b64df179a
Content-Length: 2079
Origin: https://eyol.link
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 20:57:38 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: /+ngAfIe8+kKurRwF+vHHzzBnydn0M8YlVNlQd138Jim4MTrKQyJqcTMc9QnxmMx$KWoIvdf4pB2ld4j9PiQ7Rw==
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G9xj7KLYtXi%2BhiJQcWpH2lO%2FmU9UEbwQzc6m%2FnVAwWkMHan%2BIAkcGErYZxfA0KPJDE%2FrbZgTi5VDtB0UWyYl5vd9XAA%2Bs7wo2Au3YDNJZwa0niMd6ZvGBZmmAFw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e32a1cbb40b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

eyol.link/favicon.ico

172.67.210.42

26 kB

URL
eyol.link/favicon.ico
IP
172.67.210.42:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (15922), with no line terminators
Size
26 kB (25710 bytes)
Hash
e09fe358a20df116f4cc9092f0a1aa19
b5b16e2c7b81e14b2865b4a3f4280f3d98d3d7bc
46901ac76345876b987eb6832222ecb4795d8bf662634cac89d47c29a964da53

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: eyol.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eyol.link/r?url=//Assurant%E3%80%82energycomercio%E3%80%82com%E3%80%82br/omluabie/omowunmis/Assurant/YW5keS5zY2hhdXRAYXNzdXJhbnQuY29t&__cf_chl_rt_tk=wv5MVkw3nkk3cazl0JbPoRAQkADvMOcLL5uj4TZIYXk-1714769857-0.0.1.1-1877
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
date: Fri, 03 May 2024 20:57:37 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: Pgh/Y9s9AdhL0BH7fPXxTqJyknDB711ibGWbxtD/EM1+COOrcJRV2lcbwkbUtRwhpn1X5aQayGSn4iWi3a7kvWJT/8bdBIz16zoDYNhLe2uFFysrSJPMTreGgQLypVIqCSHwBkZmcxy469NwSM33xw==$tyi2eUL2uH8MKy5Vi7Z14g==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qn94RZ6XT54CKuXcW2XHi5SHZgxfjU8JVAkQRl5AYGhCTD3P2%2B1dunRbLamG2EHgfPoLPHhFHT3aJTNrL%2FUNMJT%2BP4Q%2BMErv8tx59TauCDZKx3NFgPN7KDxA%2FKk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e32a1b49e8b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2031277818:1714768353:uiRE4tknviKFXvplN11fhWKWNJvUkHR_KWu3UxRWCuE/87e32a1dce9fb511/c9a0c88b38a02fd

104.17.2.184

100 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2031277818:1714768353:uiRE4tknviKFXvplN11fhWKWNJvUkHR_KWu3UxRWCuE/87e32a1dce9fb511/c9a0c88b38a02fd
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
100 kB (99635 bytes)
Hash
8688b147dfc7a287da497e39d6b19f61
96c5b4487d2cecfebef283fd9edf776810883a16
3bbd8bec593b83e79a4be18452c4db438b2e90923cd18b8a40cfbbcf67af16ad

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2031277818:1714768353:uiRE4tknviKFXvplN11fhWKWNJvUkHR_KWu3UxRWCuE/87e32a1dce9fb511/c9a0c88b38a02fd HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xh5ug/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: c9a0c88b38a02fd
Content-Length: 3739
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 20:57:38 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: R284oHFTGqJZMCnJcHA9JtzB13CXsIMMd+CvpO0n55HZcmfhN9vxTqy9t9Ykgry/o6hOAGszlTD6GTJVtIs3xBbyc7ks5BHmyvlE98+JZX/gDBB2X34Vz60fEcWY1dJV8vcWdE4WWNM/YjhXSFCZ/i+NvVN/P2lc3PpBpVfaJ65cWqkXvEP2ab0eqxki2/j22S0tY6RHrt/8y+q2E3nFylYwZVPEXNt/nuVqGUpemarNfrpFuJj59jUJu1Q7k3dIwU4KLW3aJRpAF3RVuiYE6PQ/mFS0ojsx9O2ivcq6+MseO3As6G2ObaMGwNNZxkhSH/CQqYAylY1O7vmCdpwtYBE/TVq+179v7ql3s+oD+NSeyAJ+XmT1zIBozYlScQzQAPZOie7JchL26P8pFPZx262DmChBywJSqVmKkpmHGeU=$r8f6i5F+ZcxHwXCOF6eKHg==
vary: accept-encoding
server: cloudflare
cf-ray: 87e32a20495fb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e32a1dce9fb511/1714769858620/5SYBlui4TL0u1Rn

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87e32a1dce9fb511/1714769858620/5SYBlui4TL0u1Rn
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 53 x 12, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
974db331ca3079d854bb794234bc3d9c
9be7bd7743c8f056d0f1d5a5ef314858665b0883
25dd461d899ee75f5f6bf9892bd9af4301e665c5a1b450e17915078439f14ecb

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/87e32a1dce9fb511/1714769858620/5SYBlui4TL0u1Rn HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xh5ug/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 20:57:39 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87e32a235c18b511-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2031277818:1714768353:uiRE4tknviKFXvplN11fhWKWNJvUkHR_KWu3UxRWCuE/87e32a1dce9fb511/c9a0c88b38a02fd

104.17.2.184

3.8 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2031277818:1714768353:uiRE4tknviKFXvplN11fhWKWNJvUkHR_KWu3UxRWCuE/87e32a1dce9fb511/c9a0c88b38a02fd
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3488), with no line terminators
Size
3.8 kB (3838 bytes)
Hash
87749f43fed86dfea26e96bf72166a3d
9bfb7e6e604038587bca506ae31e2153e58977de
dd508df298acbc07a85fe2cedcb590288fbe0493f022469643ac2529e6a1f4d8

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2031277818:1714768353:uiRE4tknviKFXvplN11fhWKWNJvUkHR_KWu3UxRWCuE/87e32a1dce9fb511/c9a0c88b38a02fd HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xh5ug/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: c9a0c88b38a02fd
Content-Length: 38427
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 20:57:43 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: IfOYqZCbqR0QU/LdR+4dqTPEtn4iJ/mxT/R58z5Bq2JXawL6ARc7hgGm/zLU/qMMngaWCV6enJehO010ycj9pNpuMcatNBbOCRWBZAHyu1Dk2hq8lIfWphrQha4iEyKa$RyBPb1u7Cwccn+emA90qYQ==
cf-chl-out-s: GWWvJsqv4p+pan5oiLH9pg==$3hu631GWXN7ON8nSx79HUw==
vary: accept-encoding
server: cloudflare
cf-ray: 87e32a3dcebbb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2031277818:1714768353:uiRE4tknviKFXvplN11fhWKWNJvUkHR_KWu3UxRWCuE/87e32a1dce9fb511/c9a0c88b38a02fd

104.17.2.184

22 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2031277818:1714768353:uiRE4tknviKFXvplN11fhWKWNJvUkHR_KWu3UxRWCuE/87e32a1dce9fb511/c9a0c88b38a02fd
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (22320), with no line terminators
Size
22 kB (21969 bytes)
Hash
8319d71580d85d80c3b9ea4d5dca9ccb
7c5a2ec158e4c17f809ef8562a41a3adb155ca18
65d58dc4208f35230d436ab8d53cf5c97eba304035d79cc97a4790f218dad488

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2031277818:1714768353:uiRE4tknviKFXvplN11fhWKWNJvUkHR_KWu3UxRWCuE/87e32a1dce9fb511/c9a0c88b38a02fd HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xh5ug/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: c9a0c88b38a02fd
Content-Length: 28582
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 May 2024 20:57:40 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: oRA3HKaplW/fqMad3Jqy6mlytghklI1K3ptbHhF4n3z5Tizp1o7zrrTPMpjVWpXY$yMB6IikrtMl2nMhuxTwikw==
vary: accept-encoding
server: cloudflare
cf-ray: 87e32a2b6bf6b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

emersomnasonry.com/?bzdsvkju&qrc=andy.schaut@assurant.com

0.0.0.0

0 B

URL User Request GET
emersomnasonry.com/?bzdsvkju&qrc=andy.schaut@assurant.com
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /?bzdsvkju&qrc=andy.schaut@assurant.com HTTP/1.1
Host: emersomnasonry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

assurant.energycomercio.com.br/omluabie/omowunmis/Assurant/YW5keS5zY2hhdXRAYXNzdXJhbnQuY29t

192.185.214.195

200 OK

0 B

URL User Request GET HTTP/2
assurant.energycomercio.com.br/omluabie/omowunmis/Assurant/YW5keS5zY2hhdXRAYXNzdXJhbnQuY29t
IP
192.185.214.195:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Certificate
IssuerLet's Encrypt
Subject*.energycomercio.com.br
Fingerprint15:1A:2B:C7:9E:46:52:99:4E:71:A0:08:D0:DD:86:99:0E:54:8B:7E
ValidityWed, 03 Apr 2024 22:29:37 GMT - Tue, 02 Jul 2024 22:29:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /omluabie/omowunmis/Assurant/YW5keS5zY2hhdXRAYXNzdXJhbnQuY29t HTTP/1.1
Host: assurant.energycomercio.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
refresh: 0;url=https://emersomnasonry.com/?bzdsvkju&qrc=andy.schaut@assurant.com
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 03 May 2024 20:57:44 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (11)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers