ferreiragascuritiba.com.br/accesing349870ujcsiwverify/owa/
IP 216.172.172.178 | Status 200 OK | Size 21 kB | User Request | GET HTTP/2 ferreiragascuritiba.com.br/accesing349870ujcsiwverify/owa/
IP 216.172.172.178:443
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Certificate
Issuer: Let's Encrypt
Subject: ferreiragascuritiba.com.br
Fingerprint: A1:AE:29:91:93:64:F6:3A:C4:EB:5F:CF:27:3C:28:44:55:E0:CB:81
Validity: Thu, 22 Feb 2024 18:44:30 GMT - Wed, 22 May 2024 18:44:29 GMT
File type gzip compressed data, from Unix
Hash MD5: 31c31046f7d214285b6834196a5e208a
Hash SHA1: 5ae257be12382a5f8223149dafe1c9915b743ae1
Hash SHA256: ec9fe288c8d44266a43d841bcd4a4929618d02ca8d293a2a4eb8f54f74b15219
Analyzer  | Verdict    | Alert
urlquery  | phishing   | Phishing - Microsoft
urlquery  | suspicious | Suspicious - Anti-debugging code
OpenPhish | phishing   | Outlook
GET /accesing349870ujcsiwverify/owa/ HTTP/1.1
Host: ferreiragascuritiba.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Fri, 23 Feb 2024 20:56:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
date: Sat, 20 Apr 2024 05:42:25 GMT
server: Apache
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 142.250.74.170 | Status 200 OK | Size 31 kB | GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 142.250.74.170:443
Requested by https://ferreiragascuritiba.com.br/accesing349870ujcsiwverify/owa/
Certificate
Issuer: Google Trust Services LLC
Subject: upload.video.google.com
Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type JavaScript source, ASCII text, with very long lines (65451)
Hash MD5: 220afd743d9e9643852e31a135a9f3ae
Hash SHA1: 88523924351bac0b5d560fe0c5781e2556e7693d
Hash SHA256: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ferreiragascuritiba.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:08 GMT
expires: Fri, 18 Apr 2025 02:35:08 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 184038
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
webmail.addaxpetroleum.com/owa/auth/15.0.1497/themes/resources/segoeui-semilight.ttf
IP 52.136.245.70 | Status 200 OK | Size 42 kB | GET HTTP/1.1 webmail.addaxpetroleum.com/owa/auth/15.0.1497/themes/resources/segoeui-semilight.ttf
IP 52.136.245.70:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://ferreiragascuritiba.com.br/accesing349870ujcsiwverify/owa/
Certificate
Issuer: DigiCert Inc
Subject: smtp.addaxpetroleum.com
Fingerprint: 63:F4:03:E9:26:C2:9F:F0:C4:7B:F2:A3:D4:26:75:B1:F8:B2:F1:89
Validity: Wed, 31 May 2023 00:00:00 GMT - Sun, 30 Jun 2024 23:59:59 GMT
File type TrueType Font data, 16 tables, 1st "OS/2", 11 names, Microsoft, language 0x409, © 2010 Microsoft Corporation. All Rights Reserved.RegularSegoe UI SemilightVersion 1.00 build 16
Hash MD5: 6c26c24aabe31040657665b1e0d9505c
Hash SHA1: b3bdc48643752665e3e5798a192b27432a87d234
Hash SHA256: 2d508a6e8979bba74b6fdf804c01a09a620c781e0fea73a8eefda904f5bcab25
Analyzer | Verdict  | Alert
urlquery | phishing | Phishing - Microsoft
GET /owa/auth/15.0.1497/themes/resources/segoeui-semilight.ttf HTTP/1.1
Host: webmail.addaxpetroleum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ferreiragascuritiba.com.br
DNT: 1
Connection: keep-alive
Referer: https://ferreiragascuritiba.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: application/octet-stream
Last-Modified: Wed, 29 May 2019 00:02:58 GMT
Accept-Ranges: bytes
ETag: "0e579dfb115d51:0"
Server: Microsoft-IIS/10.0
request-id: a87880f8-08c0-448d-9e79-4d8da3f28b9f
Set-Cookie: ClientId=AERUCU0KK9AQWGUW; expires=Sun, 20-Apr-2025 05:42:26 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
Date: Sat, 20 Apr 2024 05:42:26 GMT
Content-Length: 41560
webmail.addaxpetroleum.com/owa/auth/15.0.1497/themes/resources/favicon.ico
IP 52.136.245.70 | Status 200 OK | Size 7.9 kB | GET HTTP/1.1 webmail.addaxpetroleum.com/owa/auth/15.0.1497/themes/resources/favicon.ico
IP 52.136.245.70:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://ferreiragascuritiba.com.br/accesing349870ujcsiwverify/owa/
Certificate
Issuer: DigiCert Inc
Subject: smtp.addaxpetroleum.com
Fingerprint: 63:F4:03:E9:26:C2:9F:F0:C4:7B:F2:A3:D4:26:75:B1:F8:B2:F1:89
Validity: Wed, 31 May 2023 00:00:00 GMT - Sun, 30 Jun 2024 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
Hash MD5: 759fade9033aa298629e4b000dcd6dde
Hash SHA1: 34a1adf5c7326d7bde5b5735471b5d81e611c189
Hash SHA256: cf0808a61ec571e0c4975663903b288009d55502ac0445d9948983b339a5cf6e
Analyzer | Verdict  | Alert
urlquery | phishing | Phishing - Microsoft
GET /owa/auth/15.0.1497/themes/resources/favicon.ico HTTP/1.1
Host: webmail.addaxpetroleum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ferreiragascuritiba.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: image/x-icon
Last-Modified: Wed, 29 May 2019 00:02:58 GMT
Accept-Ranges: bytes
ETag: "0e579dfb115d51:0"
Server: Microsoft-IIS/10.0
request-id: 794a8a4a-fc23-47dc-858f-ef99795134e8
Set-Cookie: ClientId=0YZCXOOKK0PDGOOUZEW; expires=Sun, 20-Apr-2025 05:42:26 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
Date: Sat, 20 Apr 2024 05:42:26 GMT
Content-Length: 7886
webmail.addaxpetroleum.com/owa/auth/15.0.1497/themes/resources/segoeui-regular.ttf
IP 52.136.245.70 | Status 200 OK | Size 32 kB | GET HTTP/1.1 webmail.addaxpetroleum.com/owa/auth/15.0.1497/themes/resources/segoeui-regular.ttf
IP 52.136.245.70:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://ferreiragascuritiba.com.br/accesing349870ujcsiwverify/owa/
Certificate
Issuer: DigiCert Inc
Subject: smtp.addaxpetroleum.com
Fingerprint: 63:F4:03:E9:26:C2:9F:F0:C4:7B:F2:A3:D4:26:75:B1:F8:B2:F1:89
Validity: Wed, 31 May 2023 00:00:00 GMT - Sun, 30 Jun 2024 23:59:59 GMT
File type TrueType Font data, 18 tables, 1st "LTSH"
Hash MD5: b283fdb962cdc003c673a493e6634687
Hash SHA1: 25ebef9370af3c57e32097409bdfc85a5e2900a9
Hash SHA256: aa6eb9f410a38bf2fda68b5da4837cdd9ee6e2869c3009425511c83c746a8a02
GET /owa/auth/15.0.1497/themes/resources/segoeui-regular.ttf HTTP/1.1
Host: webmail.addaxpetroleum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ferreiragascuritiba.com.br
DNT: 1
Connection: keep-alive
Referer: https://ferreiragascuritiba.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public,max-age=2592000
Content-Type: application/octet-stream
Last-Modified: Wed, 29 May 2019 00:02:58 GMT
Accept-Ranges: bytes
ETag: "0e579dfb115d51:0"
Server: Microsoft-IIS/10.0
request-id: 979e4800-f8ff-4677-bdda-25971bb5efed
Set-Cookie: ClientId=TIDRGKRVDEFKBNPRJOA; expires=Sun, 20-Apr-2025 05:42:26 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
Date: Sat, 20 Apr 2024 05:42:26 GMT
Content-Length: 56760