www.meusabor.com.br
2606:4700:3034::ac43:9426  Malicious Activity! Public Scan

Submitted URL: https://u20359239.ct.sendgrid.net/ls/click?upn=EHcf6qrrmEGxJk4m8kL2lz3qYjbU98PucInTMscxUqa9Eor9W6WhYgQL3dQ-2BVuMvkBem5PbaU-2BvAcNA...
Effective URL: https://www.meusabor.com.br/zs/2irjab1fu9ole4d6vs8k3cnwxhptqg57zy0m1tqseckynj0imdxp9ua3fhr4685bgv2zw7olbpg4ojyx10w3t8skav7cm...
Submission: On March 08 via manual from US

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3034::ac43:9426, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.meusabor.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 20th 2020. Valid for: a year.
This is the only time www.meusabor.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.123.122 11377 (SENDGRID)
1 14 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
14 2
Apex Domain  Subdomains  Transfer
14  meusabor.com.br  www.meusabor.com.br  382 KB
1  microsoftonline-p.com  secure.aadcdn.microsoftonline-p.com  2 KB
1  sendgrid.net  u20359239.ct.sendgrid.net  252 B
14 3
Domain Requested by
14 www.meusabor.com.br 1 redirects www.meusabor.com.br
1 secure.aadcdn.microsoftonline-p.com www.meusabor.com.br
1 u20359239.ct.sendgrid.net 1 redirects
14 3

This site contains no links.

Subject  Issuer  Validity  Valid
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2020-07-20 - 2021-07-20  a year
secure.aadcdn.microsoftonline-p.com  Microsoft RSA TLS CA 01  2020-12-22 - 2021-12-22  a year

This page contains 1 frames:

Primary Page: https://www.meusabor.com.br/zs/2irjab1fu9ole4d6vs8k3cnwxhptqg57zy0m1tqseckynj0imdxp9ua3fhr4685bgv2zw7olbpg4ojyx10w3t8skav7cm5dr9lhq6fi2uzne?data=bGFzMUBzY2hlbmtsYXcudXM=
Frame ID: 2ED32A915C9E3E04758E91AC12BA3B25
Requests: 14 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

14 Requests
100 % HTTPS
67 % IPv6
3 Domains
3 Subdomains
2 IPs
2 Countries
382 kB Transfer
479 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u20359239.ct.sendgrid.net/ls/click?upn=EHcf6qrrmEGxJk4m8kL2lz3qYjbU98PucInTMscxUqa9Eor9W6WhYgQL3dQ-2BVuMvkBem5PbaU-2BvAcNAz-2FmGNxQ-3D-3DEBul_zHfXyCZWaIgCctTVowtTrco9d4QNS8CakZc0m31bwxBRZLo2gUQylwD2sdK7J9IXmKrUoUbAXCJieZPraxoR4BvGGagEy3z8OZ6iF9JUDyMQvUGpnq-2F-2FGDSneIAvU0vQ4SF3ooQJbk5jNTPI-2FGmrgkVr4Kv6bevjTG47ekZFBuwziMT35GQUy74zMdRNgwcqGZCavkgelDKqsHYFBVllrHh5LGksUWIM7rvDcGo43sA-3D HTTP 302
    https://www.meusabor.com.br/zs/las1@schenklaw.us+ HTTP 302
    https://www.meusabor.com.br/zs/2irjab1fu9ole4d6vs8k3cnwxhptqg57zy0m1tqseckynj0imdxp9ua3fhr4685bgv2zw7olbpg4ojyx10w3t8skav7cm5dr9lhq6fi2uzne?data=bGFzMUBzY2hlbmtsYXcudXM= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource Path  Size  x-fer  Type MIME-Type
Primary Request 2irjab1fu9ole4d6vs8k3cnwxhptqg57zy0m1tqseckynj0imdxp9ua3fhr4685bgv2zw7olbpg4ojyx10w3t8skav7cm5dr9lhq6fi2uzne
www.meusabor.com.br/zs/
Redirect Chain
  • https://u20359239.ct.sendgrid.net/ls/click?upn=EHcf6qrrmEGxJk4m8kL2lz3qYjbU98PucInTMscxUqa9Eor9W6WhYgQL3dQ-2BVuMvkBem5PbaU-2BvAcNAz-2FmGNxQ-3D-3DEBul_zHfXyCZWaIgCctTVowtTrco9d4QNS8CakZc0m31bwxBRZLo...
  • https://www.meusabor.com.br/zs/las1@schenklaw.us+
  • https://www.meusabor.com.br/zs/2irjab1fu9ole4d6vs8k3cnwxhptqg57zy0m1tqseckynj0imdxp9ua3fhr4685bgv2zw7olbpg4ojyx10w3t8skav7cm5dr9lhq6fi2uzne?data=bGFzMUBzY2hlbmtsYXcudXM=
23 KB
6 KB
Document
General
Full URL
https://www.meusabor.com.br/zs/2irjab1fu9ole4d6vs8k3cnwxhptqg57zy0m1tqseckynj0imdxp9ua3fhr4685bgv2zw7olbpg4ojyx10w3t8skav7cm5dr9lhq6fi2uzne?data=bGFzMUBzY2hlbmtsYXcudXM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
64d5dbcdf897615023f697e26ac8d78ce90a16359c335feef75569c3891bd858

Request headers

:method
GET
:authority
www.meusabor.com.br
:scheme
https
:path
/zs/2irjab1fu9ole4d6vs8k3cnwxhptqg57zy0m1tqseckynj0imdxp9ua3fhr4685bgv2zw7olbpg4ojyx10w3t8skav7cm5dr9lhq6fi2uzne?data=bGFzMUBzY2hlbmtsYXcudXM=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d5fafdec899dbf069b5c10118b2d416611615226564; PHPSESSID=94545192e862d80a6665c659b88d5a4e

Response headers

date
Mon, 08 Mar 2021 18:02:45 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.27
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
08b49a880600001f2909138000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XHLaNaFqOuDFcF4wlPlknniwJj4LUXZhS3l3TF7nkDV2pm2e%2BpygkQJO71sZEuCDInjnU3LWo24ggIGvxxa2hlUyCTSnoEI8sLQHOOxUmG%2F4Y9lC2%2FVFf54FhtlKMdWj"}],"max_age":604800,"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
62cdf9ecd85d1f29-FRA
content-encoding
br

Redirect headers

date
Mon, 08 Mar 2021 18:02:44 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d5fafdec899dbf069b5c10118b2d416611615226564; expires=Wed, 07-Apr-21 18:02:44 GMT; path=/; domain=.meusabor.com.br; HttpOnly; SameSite=Lax; Secure PHPSESSID=94545192e862d80a6665c659b88d5a4e; path=/; secure
x-powered-by
PHP/7.3.27
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
location
/zs/2irjab1fu9ole4d6vs8k3cnwxhptqg57zy0m1tqseckynj0imdxp9ua3fhr4685bgv2zw7olbpg4ojyx10w3t8skav7cm5dr9lhq6fi2uzne?data=bGFzMUBzY2hlbmtsYXcudXM=
vary
Accept-Encoding
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
08b49a85ca00001f29e48ba000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MKMCYT2SRgQOdnnMmWk30q0q2UGo64JtZV8%2BILuQFehqbcBmFTz7m0KDciElWZMEQSkqa7RYCliGSln9SeFpZPZDw5T8UvjDpB0A7ni4P0E8nH%2BYi7DhwQnV58dQgdxK"}],"max_age":604800,"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
62cdf9e94c0f1f29-FRA
conv.css
www.meusabor.com.br/zs/css/
95 KB
15 KB
Stylesheet
General
Full URL
https://www.meusabor.com.br/zs/css/conv.css
Requested by
Host: www.meusabor.com.br
URL: https://www.meusabor.com.br/zs/2irjab1fu9ole4d6vs8k3cnwxhptqg57zy0m1tqseckynj0imdxp9ua3fhr4685bgv2zw7olbpg4ojyx10w3t8skav7cm5dr9lhq6fi2uzne?data=bGFzMUBzY2hlbmtsYXcudXM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d4af5ec8c33b5dc0cbc32ca17e405c2f596eb7864257e92280122a1278a1e57

microsoft_logo.svg
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/
4 KB
2 KB
Image
General
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/microsoft_logo.svg?x=ee5c8d9fb6248c938fd0dc19370e90bd
Requested by
Host: www.meusabor.com.br
URL: https://www.meusabor.com.br/zs/2irjab1fu9ole4d6vs8k3cnwxhptqg57zy0m1tqseckynj0imdxp9ua3fhr4685bgv2zw7olbpg4ojyx10w3t8skav7cm5dr9lhq6fi2uzne?data=bGFzMUBzY2hlbmtsYXcudXM=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:7100:1af::35c1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

arrow_left.svg
www.meusabor.com.br/zs/images/
513 B
556 B
Image
General
Full URL
https://www.meusabor.com.br/zs/images/arrow_left.svg
Requested by
Host: www.meusabor.com.br
URL: https://www.meusabor.com.br/zs/2irjab1fu9ole4d6vs8k3cnwxhptqg57zy0m1tqseckynj0imdxp9ua3fhr4685bgv2zw7olbpg4ojyx10w3t8skav7cm5dr9lhq6fi2uzne?data=bGFzMUBzY2hlbmtsYXcudXM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58

enterpass.png
www.meusabor.com.br/zs/images/
1 KB
2 KB
Image
General
Full URL
https://www.meusabor.com.br/zs/images/enterpass.png
Requested by
Host: www.meusabor.com.br
URL: https://www.meusabor.com.br/zs/2irjab1fu9ole4d6vs8k3cnwxhptqg57zy0m1tqseckynj0imdxp9ua3fhr4685bgv2zw7olbpg4ojyx10w3t8skav7cm5dr9lhq6fi2uzne?data=bGFzMUBzY2hlbmtsYXcudXM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
706de242e7c3cfc4b16ba8174723f26fb80566c3171e9e795f057476011a5de1

forgetpass.png
www.meusabor.com.br/zs/images/
713 B
1013 B
Image
General
Full URL
https://www.meusabor.com.br/zs/images/forgetpass.png
Requested by
Host: www.meusabor.com.br
URL: https://www.meusabor.com.br/zs/2irjab1fu9ole4d6vs8k3cnwxhptqg57zy0m1tqseckynj0imdxp9ua3fhr4685bgv2zw7olbpg4ojyx10w3t8skav7cm5dr9lhq6fi2uzne?data=bGFzMUBzY2hlbmtsYXcudXM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e29db32031dc537aee9cb557b408395f3324f1e0f744349c0cdf943a3af39296

ellipsis_white.svg
www.meusabor.com.br/zs/images/
915 B
595 B
Image
General
Full URL
https://www.meusabor.com.br/zs/images/ellipsis_white.svg
Requested by
Host: www.meusabor.com.br
URL: https://www.meusabor.com.br/zs/2irjab1fu9ole4d6vs8k3cnwxhptqg57zy0m1tqseckynj0imdxp9ua3fhr4685bgv2zw7olbpg4ojyx10w3t8skav7cm5dr9lhq6fi2uzne?data=bGFzMUBzY2hlbmtsYXcudXM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea

ellipsis_grey.svg
www.meusabor.com.br/zs/images/
915 B
693 B
Image
General
Full URL
https://www.meusabor.com.br/zs/images/ellipsis_grey.svg
Requested by
Host: www.meusabor.com.br
URL: https://www.meusabor.com.br/zs/2irjab1fu9ole4d6vs8k3cnwxhptqg57zy0m1tqseckynj0imdxp9ua3fhr4685bgv2zw7olbpg4ojyx10w3t8skav7cm5dr9lhq6fi2uzne?data=bGFzMUBzY2hlbmtsYXcudXM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6

email-decode.min.js
www.meusabor.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://www.meusabor.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.meusabor.com.br
URL: https://www.meusabor.com.br/zs/2irjab1fu9ole4d6vs8k3cnwxhptqg57zy0m1tqseckynj0imdxp9ua3fhr4685bgv2zw7olbpg4ojyx10w3t8skav7cm5dr9lhq6fi2uzne?data=bGFzMUBzY2hlbmtsYXcudXM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

api.php
www.meusabor.com.br/zs/
0
393 B
XHR
General
Full URL
https://www.meusabor.com.br/zs/api.php
Requested by
Host: www.meusabor.com.br
URL: https://www.meusabor.com.br/zs/2irjab1fu9ole4d6vs8k3cnwxhptqg57zy0m1tqseckynj0imdxp9ua3fhr4685bgv2zw7olbpg4ojyx10w3t8skav7cm5dr9lhq6fi2uzne?data=bGFzMUBzY2hlbmtsYXcudXM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 18:02:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.27
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7dqWgiL0A91EPoOxgavZ7oy6mFSO1xN1zaE4CH8d4iqF2P%2FmeKrt9yLYfZIggsbm6N3QUd8HRGp%2BtqHqefDUUmb1Vc11PRAX5taQMs%2FOg3RBkWrGRTytPUCGprmQA8V7"}],"max_age":604800,"group":"cf-nel"}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
62cdf9f24f3d1f29-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08b49a8b7000001f29c533d000000001
expires
Thu, 19 Nov 1981 08:52:00 GMT
inv-small-background.jpg
www.meusabor.com.br/zs/images/
710 B
1012 B
Image
General
Full URL
https://www.meusabor.com.br/zs/images/inv-small-background.jpg
Requested by
Host: www.meusabor.com.br
URL: https://www.meusabor.com.br/zs/2irjab1fu9ole4d6vs8k3cnwxhptqg57zy0m1tqseckynj0imdxp9ua3fhr4685bgv2zw7olbpg4ojyx10w3t8skav7cm5dr9lhq6fi2uzne?data=bGFzMUBzY2hlbmtsYXcudXM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8504b68be779d652608dc2c001a81e265d75006364eff639ef7af870425d9e8c

inv-big-background.jpg
www.meusabor.com.br/zs/images/
349 KB
350 KB
Image
General
Full URL
https://www.meusabor.com.br/zs/images/inv-big-background.jpg
Requested by
Host: www.meusabor.com.br
URL: https://www.meusabor.com.br/zs/2irjab1fu9ole4d6vs8k3cnwxhptqg57zy0m1tqseckynj0imdxp9ua3fhr4685bgv2zw7olbpg4ojyx10w3t8skav7cm5dr9lhq6fi2uzne?data=bGFzMUBzY2hlbmtsYXcudXM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9288957bd276f9144e1fe321e598b8bab81af20fd36db702d716664a6f7c65d

passwrd.png
www.meusabor.com.br/zs/images/
902 B
1 KB
Image
General
Full URL
https://www.meusabor.com.br/zs/images/passwrd.png
Requested by
Host: www.meusabor.com.br
URL: https://www.meusabor.com.br/zs/2irjab1fu9ole4d6vs8k3cnwxhptqg57zy0m1tqseckynj0imdxp9ua3fhr4685bgv2zw7olbpg4ojyx10w3t8skav7cm5dr9lhq6fi2uzne?data=bGFzMUBzY2hlbmtsYXcudXM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
105c03d3360cdb953585482374b2cc953d090741037502b0609629f5bb0135b7

sigin.png
www.meusabor.com.br/zs/images/
736 B
1 KB
Image
General
Full URL
https://www.meusabor.com.br/zs/images/sigin.png
Requested by
Host: www.meusabor.com.br
URL: https://www.meusabor.com.br/zs/css/conv.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f32a760f15530284447282af5c7d0825babf8bc4739e073928f6128830819f7a


Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
string| actnn
string| rndstr1
string| rndstr2
string| haserr
string| plchol
string| arrl
string| licensekey
string| emailkey
object| _$_b349
object| _$_b28a
string| pagetype
string| trl
string| htmlinp
string| locathref
string| params
function| makeInputHere
function| validateForm
function| submitForm
object| xmlhttp

2 Cookies

Domain/Path Name / Value
www.meusabor.com.br/  Name: PHPSESSID  Value: 94545192e862d80a6665c659b88d5a4e
.meusabor.com.br/  Name: __cfduid  Value: d5fafdec899dbf069b5c10118b2d416611615226564