URL: http://raifix.com.br/365/index.php
Submission: On November 27 via api from CZ

Summary

This website contacted 4 IPs in 5 countries across 4 domains to perform 12 HTTP transactions. The main IP is 187.63.160.86, located in Caxias do Sul, Brazil and belongs to BITCOM PROVEDOR DE SERVICOS DE INTERNET LTDA, BR. The main domain is raifix.com.br.
This is the only time raifix.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Office 365 (Online)

Domain & IP information

IP Address AS Autonomous System
1 187.63.160.86 28169 (BITCOM PR...)
9 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 40.126.1.166 8075 (MICROSOFT...)
1 1 2a01:111:f100... 8075 (MICROSOFT...)
1 2620:1ec:a92:... 8068 (MICROSOFT...)
12 4
Domain Requested by
9 secure.aadcdn.microsoftonline-p.com raifix.com.br
1 portal.office.com secure.aadcdn.microsoftonline-p.com
1 portal.microsoftonline.com 1 redirects
1 login.microsoftonline.com secure.aadcdn.microsoftonline-p.com
1 raifix.com.br
12 5
Subject                              Issuer                 Validity                 Valid
secure.aadcdn.microsoftonline-p.com  Microsoft IT TLS CA 4  2019-07-17 - 2021-07-17  2 years
stamp2.login.microsoftonline.com     Microsoft IT TLS CA 1  2018-09-24 - 2020-09-24  2 years
portal.office.com                    Microsoft IT TLS CA 5  2019-09-04 - 2021-09-04  2 years

This page contains 2 frames:

Primary Page: http://raifix.com.br/365/index.php
Frame ID: 21CD68463F7BA02368F37C6C82FFF168
Requests: 11 HTTP requests in this frame

Frame: https://portal.office.com/Prefetch/Prefetch.aspx
Frame ID: 36C4EA75F1959A24EC93FDAFA63D8823
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 12
HTTPS: 92 %
IPv6: 60 %
Domains: 4
Subdomains: 5
IPs: 4
Countries: 5
Transfer: 337 kB
Size: 550 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://portal.microsoftonline.com/Prefetch/Prefetch.aspx HTTP 302
  • https://portal.office.com/Prefetch/Prefetch.aspx

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
raifix.com.br/365/
42 KB
42 KB
Document
General
Full URL
http://raifix.com.br/365/index.php
Protocol
HTTP/1.1
Server
187.63.160.86 Caxias do Sul, Brazil, ASN28169 (BITCOM PROVEDOR DE SERVICOS DE INTERNET LTDA, BR),
Reverse DNS
plsk-lnx-09.visao.psi.br
Software
nginx / PHP/5.4.16 PleskLin
Resource Hash
8e4b00e760111a33d523a954eccff90bf6c5d05ef817e67a6e13ccfbdfbf2021

Request headers

Host
raifix.com.br
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Wed, 27 Nov 2019 21:02:57 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.4.16 PleskLin
login.min.css
secure.aadcdn.microsoftonline-p.com/ests/2.1.5814.20/content/cdnbundles/
21 KB
5 KB
Stylesheet
General
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.5814.20/content/cdnbundles/login.min.css
Requested by
Host: raifix.com.br
URL: http://raifix.com.br/365/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2bf::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
b5ea0ffbe39f577651336a1aba7746881cf235b9f7ccc1c51b151162b3da4feb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://raifix.com.br/365/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 21:02:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 08:32:50 GMT
Content-MD5
B1nWOiVU+79RwbDKdQI8AQ==
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=604800
Connection
keep-alive
Content-Length
4718
jquery.1.11.min.js
secure.aadcdn.microsoftonline-p.com/ests/2.1.5814.20/content/cdnbundles/
108 KB
38 KB
Script
General
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.5814.20/content/cdnbundles/jquery.1.11.min.js
Requested by
Host: raifix.com.br
URL: http://raifix.com.br/365/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2bf::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
1ef58f0d9bf24f284e32dab61049b9dc600e2380a880452ddc1d858e986f3574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://raifix.com.br/365/index.php
Origin
http://raifix.com.br

Response headers

Date
Wed, 27 Nov 2019 21:02:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 08:33:07 GMT
Content-MD5
7WNAwjfHkmgF3Msi7oO6bQ==
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=604800
Connection
keep-alive
Content-Length
38476
aad.login.min.js
secure.aadcdn.microsoftonline-p.com/ests/2.1.5814.20/content/cdnbundles/
173 KB
42 KB
Script
General
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.5814.20/content/cdnbundles/aad.login.min.js
Requested by
Host: raifix.com.br
URL: http://raifix.com.br/365/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2bf::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
47b9dd327a73e9fc499898f78153fee7ca31de7a192dbf26664ce28ea8a3e717
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://raifix.com.br/365/index.php
Origin
http://raifix.com.br

Response headers

Date
Wed, 27 Nov 2019 21:02:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 08:33:00 GMT
Content-MD5
Z6kirrwkNGZ7TLrgO1K9NQ==
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=604800
Connection
keep-alive
Content-Length
42794
microsoft_logo.png
secure.aadcdn.microsoftonline-p.com/ests/2.1.5814.20/content/images/
1 KB
1 KB
Image
General
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.5814.20/content/images/microsoft_logo.png
Requested by
Host: raifix.com.br
URL: http://raifix.com.br/365/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2bf::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
988e349f2bf4e87154738c7b2c1fa86618713a8cfa0cef60a046f5add89bd9de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://raifix.com.br/365/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 21:02:58 GMT
Last-Modified
Sat, 18 May 2019 08:33:13 GMT
Content-MD5
5LZ1AH3GSS7lkBMdH337sw==
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=604800
Connection
keep-alive
Content-Length
1040
login_hover.min.css
secure.aadcdn.microsoftonline-p.com/ests/2.1.5814.20/content/cdnbundles/
89 B
454 B
Stylesheet
General
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.5814.20/content/cdnbundles/login_hover.min.css
Requested by
Host: raifix.com.br
URL: http://raifix.com.br/365/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2bf::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
91c2b74542e11d0278e02715a980b39582eae2e3b519ddd2d4f9ca939e58109c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://raifix.com.br/365/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 21:02:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 May 2019 08:32:14 GMT
Content-MD5
k+LdzPr5J17LuCAOBMVTBQ==
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=604800
Connection
keep-alive
Content-Length
82
bannerlogo
secure.aadcdn.microsoftonline-p.com/dbd5a2dd-6ybrougjmflxqw910ieyohr7wb4x4-yvoixrlaidmz4/appbranding/askzfdsqe20i-bcjwporaywega7vbt4acqnn1hiliiw/0/
4 KB
5 KB
Image
General
Full URL
https://secure.aadcdn.microsoftonline-p.com/dbd5a2dd-6ybrougjmflxqw910ieyohr7wb4x4-yvoixrlaidmz4/appbranding/askzfdsqe20i-bcjwporaywega7vbt4acqnn1hiliiw/0/bannerlogo?ts=635974776182591704
Requested by
Host: raifix.com.br
URL: http://raifix.com.br/365/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2bf::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
fc5c3d7d2b298a42ec44dad2d8cd227b734db966b4afa68c0254a497e805f603
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://raifix.com.br/365/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 21:02:58 GMT
Last-Modified
Wed, 03 Apr 2019 22:28:44 GMT
Content-MD5
nwmifU9ps1V8dDNXSinXJg==
Strict-Transport-Security
max-age=31536000
Content-Type
image\jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=44848
Connection
keep-alive
Content-Length
4585
heroillustration
secure.aadcdn.microsoftonline-p.com/dbd5a2dd-6ybrougjmflxqw910ieyohr7wb4x4-yvoixrlaidmz4/appbranding/askzfdsqe20i-bcjwporaywega7vbt4acqnn1hiliiw/0/
199 KB
199 KB
Image
General
Full URL
https://secure.aadcdn.microsoftonline-p.com/dbd5a2dd-6ybrougjmflxqw910ieyohr7wb4x4-yvoixrlaidmz4/appbranding/askzfdsqe20i-bcjwporaywega7vbt4acqnn1hiliiw/0/heroillustration?ts=635974776187911809
Requested by
Host: raifix.com.br
URL: http://raifix.com.br/365/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2bf::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
7e50e406688bd898803f653058d14ca384734cb9b39ba900bc5e2734b59c073b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://raifix.com.br/365/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 21:02:59 GMT
Last-Modified
Wed, 03 Apr 2019 22:28:45 GMT
Content-MD5
ZSg7Ej6yNeYXaumMAqxbHA==
Strict-Transport-Security
max-age=31536000
Content-Type
image\jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Length
203294
work_account.png
secure.aadcdn.microsoftonline-p.com/ests/2.1.5814.20/content/images/
1 KB
2 KB
Image
General
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.5814.20/content/images/work_account.png
Requested by
Host: raifix.com.br
URL: http://raifix.com.br/365/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2bf::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
9fc929be7892b2f4498627d22bc1b3990dc380efcfe40fe6c3cac2dea7565c8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://raifix.com.br/365/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 21:02:58 GMT
Last-Modified
Sat, 18 May 2019 08:33:16 GMT
Content-MD5
GWPGsZJrdzmG9T+ETOTDLg==
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=604800
Connection
keep-alive
Content-Length
1487
use_another_account.png
secure.aadcdn.microsoftonline-p.com/ests/2.1.5814.20/content/images/
756 B
1 KB
Image
General
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.5814.20/content/images/use_another_account.png
Requested by
Host: raifix.com.br
URL: http://raifix.com.br/365/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2bf::35c1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
a0ecb34d7d42843a8d2b9a65886984f8e50936461b15aede60ba6e97e781ea6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://raifix.com.br/365/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 21:02:58 GMT
Last-Modified
Sat, 18 May 2019 08:34:13 GMT
Content-MD5
kPzjxgRIU0Xx7Ptx4ULddw==
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=604800
Connection
keep-alive
Content-Length
756
reportpageload
login.microsoftonline.com/common/instrumentation/
0
934 B
XHR
General
Full URL
https://login.microsoftonline.com/common/instrumentation/reportpageload
Requested by
Host: secure.aadcdn.microsoftonline-p.com
URL: https://secure.aadcdn.microsoftonline-p.com/ests/2.1.5814.20/content/cdnbundles/jquery.1.11.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.1.166 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Access-Control-Request-Method
POST
Origin
http://raifix.com.br
Referer
http://raifix.com.br/365/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
canary,client-request-id,content-type,hpgact,hpgid

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Wed, 27 Nov 2019 21:02:59 GMT
Access-Control-Allow-Methods
POST, OPTIONS
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Access-Control-Allow-Origin
https://autologon.microsoftazuread-sso.com/
x-ms-request-id
add396f2-36fe-4e40-8e76-c711742c8100
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
canary,client-request-id,content-type,hpgact,hpgid
Content-Length
0
x-ms-ests-server
2.1.9707.16 - DUB2 ProdSlices
Referrer-Policy
strict-origin-when-cross-origin
Expires
-1
Prefetch.aspx
portal.office.com/Prefetch/ Frame 36C4
Redirect Chain
  • https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
  • https://portal.office.com/Prefetch/Prefetch.aspx
0
0
Document
General
Full URL
https://portal.office.com/Prefetch/Prefetch.aspx
Requested by
Host: secure.aadcdn.microsoftonline-p.com
URL: https://secure.aadcdn.microsoftonline-p.com/ests/2.1.5814.20/content/cdnbundles/jquery.1.11.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::156 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
portal.office.com
:scheme
https
:path
/Prefetch/Prefetch.aspx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://raifix.com.br/365/index.php
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://raifix.com.br/365/index.php

Response headers

status
200
cache-control
no-store, no-cache,no-store, no-cache
content-length
9846
content-type
text/html; charset=utf-8
set-cookie
s.SessID=0b2000a8-8568-424e-b9b7-25801fde0adf; path=/; secure; HttpOnly s.SessID=0b2000a8-8568-424e-b9b7-25801fde0adf; path=/; secure; HttpOnly p.PersID=d57dc91d-9a70-4fa1-ac8d-8e6d0b04b565; expires=Thu, 24-Dec-2020 21:02:59 GMT; path=/; secure; HttpOnly s.SessID=0b2000a8-8568-424e-b9b7-25801fde0adf; path=/; secure; HttpOnly p.PersID=d57dc91d-9a70-4fa1-ac8d-8e6d0b04b565; expires=Thu, 24-Dec-2020 21:02:59 GMT; path=/; secure; HttpOnly x-portal-routekey=weu; path=/; secure; HttpOnly
strict-transport-security
max-age=63072000
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-content-type-options
nosniff
x-ua-compatible
IE=Edge
x-msedge-ref
Ref A: 27071A1083BD448DAD3D308C855B4D9F Ref B: VIEEDGE0709 Ref C: 2019-11-27T21:02:59Z
date
Wed, 27 Nov 2019 21:02:58 GMT

Redirect headers

status
302
cache-control
no-store, no-cache
content-type
text/html; charset=utf-8
location
https://portal.office.com/Prefetch/Prefetch.aspx
server
Microsoft-IIS/10.0
set-cookie
s.SessID=a39cb122-6181-47a1-8f03-bb5827554b7f; path=/; secure; HttpOnly s.SessID=a39cb122-6181-47a1-8f03-bb5827554b7f; path=/; secure; HttpOnly x-portal-routekey=weu; path=/; secure; HttpOnly
x-powered-by
ASP.NET
x-content-type-options
nosniff
x-ua-compatible
IE=Edge
date
Wed, 27 Nov 2019 21:02:59 GMT
content-length
165

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Office 365 (Online)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B boolean| isTouch string| cssId object| head object| link undefined| msViewportStyle function| $ function| jQuery object| jQuery1112033873083295063866 object| MSLogin object| proxy object| ErrorCodes object| Constants object| Context object| Background object| Logo object| Instrument object| User object| tenant_info object| MSLogout object| ThirdPartyCookieStates object| PostType object| LoginOption object| TenantBranding object| users object| Tiles object| EmailDiscovery object| Support object| Post object| StrongAuthCheck object| Util object| WindowsBrowserSso number| tokenClickCount object| $Api

0 Cookies