{"report_id":"0c55f981-d9ca-4b08-9548-d2b9d954b8fe","version":6,"status":"done","tags":["crypto","phishing"],"date":"2023-12-03T05:32:43Z","url":{"schema":"http","addr":"re-try-connect.ctab.com.br/en/","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"title":"Verification | MetaMask"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T09:25:45Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"re-try-connect.ctab.com.br","ip":{"addr":"108.179.253.92","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":16,"request_count":25,"received_data":718779,"sent_data":14898,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":439,"first_seen":"2012-09-30 02:15:09","last_seen":"2023-12-02 05:09:04","alert_count":0,"request_count":5,"received_data":214245,"sent_data":2598,"comment":"","tags":null,"fingerprints":null},{"fqdn":"images.ctfassets.net","ip":{"addr":"54.230.111.2","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2017-03-28","domain_rank":4623,"first_seen":"2017-09-20 18:27:05","last_seen":"2023-12-02 05:10:04","alert_count":0,"request_count":1,"received_data":52582,"sent_data":556,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-09-09 02:40:21","last_seen":"2023-12-02 07:24:06","alert_count":0,"request_count":4,"received_data":35936,"sent_data":2216,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.korzh.com","ip":{"addr":"172.67.133.181","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"1999-01-12","domain_rank":0,"first_seen":"2017-02-10 09:55:23","last_seen":"2023-11-09 20:51:00","alert_count":2,"request_count":2,"received_data":1692427,"sent_data":898,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":8877,"first_seen":"2013-06-10 22:14:26","last_seen":"2023-12-02 07:17:09","alert_count":0,"request_count":1,"received_data":1432,"sent_data":469,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ccf7a258eee5e12d2cb3d813a5da86c8","sha1":"0d0c6985e493d2f610870c9259901a2511734328","sha256":"441b05bfa42c0b589fd682ec21e9ba36e55f6ec2718fbb259a812cd0b999c28e","sha512":"dd47d7f83ac882642a70085ae757a07c2677dae8ca45f85bbc633e68ff402c3ec1d9436a51e7a768a33250bea5cf41dbf5fc90fb214334832fa9f0a04c876fea","ssdeep":"","tlshash":"99a02200200cc80303200f3a383ba82ff8020fb38883300a3ec0a200fbc0a08c0a000c","size":73,"data":"","first_seen":"2023-03-07T01:24:43Z","last_seen":"2026-05-11T14:06:14.709418Z","times_seen":328,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e211fcffffcad47d3a228f99f6c58a8b","sha1":"3374e65ba852370abdc282f57fa6b7234fddeaa1","sha256":"21280025d608be64117109d0d04677521dfdd3f9a1e0e6294c0e8722a3b11f09","sha512":"aadc33ad2e7920b5868abf34c591aafdc1d8bcbc628f3c470c90de5fb445557b2520e961eda80c4f31395f06381860633d957ac31de482e901ec3707fea2f11a","ssdeep":"","tlshash":"d8b012697ca428b0a21b1c5f63ab858c34f800446294fc10404cc1810970c793497cd4","size":97,"data":"","first_seen":"2023-09-26T02:07:46Z","last_seen":"2024-08-21T05:45:42.144395Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/webfont.js","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7c96a5f11d9741541d5e3c42ff6380d7","sha1":"d3fa2564c021cf730e58ffddb138cf6b57ed126e","sha256":"81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee","sha512":"23c162a2e268951729b580e5035ad6ca9969cfcc5ce58a220817b912e76b38be6c29c3ca7680cb4e8198863d95a72ea65bd06ff7189b5c8475e4c1ce501aeab1","ssdeep":"384:i11kqRm4UjryX2DfatZrT80NCGz5r2zItrX:iEqRm4cy338m7d","tlshash":"7942c65d7652b26a825280f2177f060b9576fa2ab844c0bc7a89d8d46c74db8037ff7c","size":13188,"data":"","first_seen":"2023-03-07T01:03:17Z","last_seen":"2026-05-17T17:21:00.053823Z","times_seen":56829,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"eb5585a904579924ce58dce730a56b05","sha1":"99518ae241e056f3aa89253e07d3d50bd05833f7","sha256":"ac4d66982e1bee4753c08ee8553752ee8078a2519f764f5288d56bcc76029e1f","sha512":"ae62b47d5c2c0b3f3628803e5003d59d68bc4574d72eb63b152e33f60cd7df7402852c904124f1373d13cc3af76e7b401c8313684d3a74badd76cbe894a308f0","ssdeep":"","tlshash":"6721c0095caa22647977283ad5af600431f7406b570cd312b11cf255bfe9e6503afded","size":1427,"data":"","first_seen":"2023-09-26T02:07:46Z","last_seen":"2026-04-07T00:17:20.972041Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.slim.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fb8409a092adc6e8be17e87d59e0595e","sha1":"cf8d9821552d51bb50ce572e696aba1309065800","sha256":"e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db","sha512":"fc35d35ebea742874c522abe2142580add8f3ce523ac727dc05aeaa49dd79203cd39955f32893b711c3a092c72090c579faa339444ac4a1d7fb0c093175acbfe","ssdeep":"1536:KDFXTRMYFbeDtyZxg6V4mMeexs1Lzu3JlQ5uCe/ZiEm4kWpfBogmzmPx3SgQ47Gl:AuIy3JlQ5cF7m+SgQ47GKA","tlshash":"7f6318dd72c6b07357ab70b9007f610bf13618996c4e4450f129e8e9bc78a4a827bf6d","size":72380,"data":"","first_seen":"2023-03-07T01:03:10Z","last_seen":"2026-05-17T15:19:59.105224Z","times_seen":7936,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a0805bca912ec901f2a7096228b62d46","sha1":"3233fd01d87fba457eaad8dcbc289f75b170f814","sha256":"19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49","sha512":"8a097c58452e6acf64e5db6784aab2ca577a4f3cd18ef32a2c2efd8e4813df3d3616f2721c0b94b727a69bf3ff8d84a77b5c70148d3a7b3431130c1e6a257b54","ssdeep":"768:du/iZDSuTVlHNvNu7MTMYnxKeNbtj+nUvAQ3+SQQnxyoM+Fos/aAMEolXlbBaCBW:deiJS4KUwnUpkQYV+mB9mydftEyHdUPp","tlshash":"eb83944972a4f472069f60a6907b0a0bf6376c4da507b01cb6e8d4ed1e7cd88316bf79","size":83376,"data":"","first_seen":"2023-03-07T12:23:54Z","last_seen":"2026-05-17T15:16:59.455694Z","times_seen":13759,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.korzh.com/metroui/v4/js/metro.min.js","fqdn":"cdn.korzh.com","domain":"korzh.com","tld":"com"},"ip":{"addr":"172.67.133.181","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fde6223c137255aa0d9876b8e8baf265","sha1":"2cf5dafbf21bc2b91074ba33d594f9b729121a63","sha256":"3c8989ad7b3de70187687e6d2d23e063a823db3ab0e4d0a5fdb40e3e18a7380a","sha512":"af37a9f44bfe4ad2ceed3909d61ab329f38a6776a4ef41e57b1faa257021a15abb0c69cb35b4d3f0e3b2d60f42e638600c88013706abd7a1196d8c80960dec97","ssdeep":"12288:6mjia7lMimFA6tUQELbZgTpM/MquW2adgAXJVVqPS:b7lh6A6tUQELbZgTeN2adg4JV0PS","tlshash":"49d40a4c7292709142ab61b6152f310ba23b256d9809414cb079dddeac7de8d327bfbf","size":623070,"data":"","first_seen":"2023-09-26T02:07:46Z","last_seen":"2024-10-11T08:47:25.144377Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c8db05dcb7e25b73e3316c5c05e195b5","sha1":"f31beaa683bf4fac070f9982831b021dc38d2887","sha256":"11fb4eaadf8552fd59b9521e2269738beace2e8e4a0c2e44fefa8b1467cc12e8","sha512":"d149bc4b77ef2cad3e40b92f9de1856cee5ce1c9598c2d94391705cd10ddf8d0c786574d64060d541d7bdfee0b7909dc13967dc8ac6cca681e5660889e87b2de","ssdeep":"","tlshash":"d71126a998a368b049afb27e179fe64477355483604ca505781c1f5cef817288bb6a60","size":890,"data":"","first_seen":"2023-09-26T02:07:46Z","last_seen":"2024-08-21T05:45:42.146316Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/main.js","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0732e3eabbf8aa7ce7f69eedbd07dfdd","sha1":"4cd5ddc413b3024d7b56331c0d0d0b2bd933f27f","sha256":"ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b","sha512":"41d24c426abcf913be59917591d906318a547661280036b098a2b1b948bcf9ff14f268b140db10956730d64a857a61b81034d888ed7f857419dee6b8d327447c","ssdeep":"1536:ejExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1vE:eIh8GgP3hujzwbhd3XvSiDQ47GKq","tlshash":"e19309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89503,"data":"","first_seen":"2023-03-07T01:10:32Z","last_seen":"2026-05-17T16:42:45.871119Z","times_seen":18995,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/js/control.js","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e76ac728698e3935cf039957458a10fb","sha1":"2bcaab3d6af5441e94a80ddb9a70f7172896f7c6","sha256":"e2121382a5483d7882fef2175c93f173b4eaa9e2264b71612808a87e269043c4","sha512":"122024c793cf261d6c51d985c1315e8df7d6145cad6d86538088b8752e47dcb0564c802cc3575d1d5399632706406f5a507ff5cd3b59dea4d76116296595e92e","ssdeep":"","tlshash":"49d0a7285d5d397aaab71ec54ce50bca2960085ed4c080b3081b8d4bced5d90b9a24f2","size":225,"data":"","first_seen":"2023-09-26T02:07:46Z","last_seen":"2024-10-11T08:47:25.10585Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-12-03T05:32:32.749459389Z","timestamp":1701581552749,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /en/ HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nset-cookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7; path=/\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 102\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sun, 03 Dec 2023 05:32:25 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":102,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"28b527efe2a2018170da978a73185819","sha1":"b15ba074496caf2d2a4d04d516331fc2ba285484","sha256":"4e57afa0ac8cbdfc0485a9b8706490b9db21a9dbe10b18026fb9f18b59071f8d","sha512":"d5fd7a8dc771619ec5efc2c7f80afe7d5606a7e98a11304efcc3853592e80b9959444de4fb2a0fe923b0a06ec94ae822d134b30c964bda10018293c23991c950","ssdeep":"","tlshash":"73b0124b1d22814d26a0cd148651711df05304a20304d02d11c05540361034b9fa3eab","first_seen":"2023-09-26T03:42:28Z","last_seen":"2024-08-21T05:45:32.452456Z","times_seen":6,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-03T05:32:33.019Z","timestamp":1701581553019,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 6782\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sun, 03 Dec 2023 05:32:27 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6782,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (436), with CRLF line terminators","md5":"e6cddbab25be23e8e16e7e38f3e8b558","sha1":"5b8b1a41038ed38d84d550375868f2acf326ad18","sha256":"f724061e18a2beb2ee9bbdf3066b0d230c75c02fa92f8a8234c2072db7400518","sha512":"60e05a62971b08de16d523f4fd369e9ec3bc64a33d8d6f4acadde6f29b159c88dbe1ec83a2a68e42a88bf7de46ec4744ee66a8b3e8be9dfbcd786e2d53c696fc","ssdeep":"192:acaG4gYR/5fOF9U2ZnDZ9ufv6Sh8ZUuYwenuEb03pYbEWsKSfXQyL8ccbchNAR:acaG47B552ZnDnQv18ZoLb+PQyLLcbjR","tlshash":"5b828502a9c1193702b385d9a2a17b1afe928147db078415b1fd578b7ff7d418d2be8c","first_seen":"2023-12-03T06:32:50Z","last_seen":"2024-08-20T16:58:59.863003Z","times_seen":5,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/bootstrap-icons.css","fqdn":"cdn.jsdelivr.net","domain":"cdn.jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.341Z","timestamp":1701581553341,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2023 Q3","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 27 Sep 2023 18:13:13 GMT","end":"Mon, 28 Oct 2024 18:13:12 GMT"},"fingerprint":{"sha1":"05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09","sha256":"0F:90:CD:B5:CD:3B:AE:F1:BB:01:3A:4D:6D:2E:A6:BA:98:C6:1B:1B:75:BE:DD:CB:39:33:E8:D1:21:F1:9F:EF"}}},"request":{"raw":"GET /npm/bootstrap-icons@1.10.3/font/bootstrap-icons.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 1.10.3\r\nx-jsd-version-type: version\r\netag: W/\"17579-AwBvMnkuAzSX6cpoNztsM4YwWTM\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nage: 10642891\r\nx-served-by: cache-fra-etou8220052-FRA, cache-bma1679-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 12937\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12937,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"06cb502613f99040e534fec65fa725c7","sha1":"03006f32792e033497e9ca68373b6c3386305933","sha256":"e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f","sha512":"734faf4aff6d9c64b87f3c1320114f71d099d10c0ff9a4de3ef65e009918a5b8faecabd0e7e56b2630e1de58a5e3c2c82c9c6120241feba750f2dfc12723a8fe","ssdeep":"768:+qnm8OAL1Mzocm4KyH2CuwZwmij34k4RDl8IbgFVyMW:7Oocm4FuwZ5ijINRDl8Sb","tlshash":"9793feba914f05f9d341e4d92743634693aab93cd1813c7ad342399ee3c5a1c8ad72ec","first_seen":"2023-04-05T17:57:45Z","last_seen":"2026-05-17T17:30:35.619233Z","times_seen":5771,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":73,"dns":20,"connect":38,"send":0,"wait":9,"receive":3,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css","fqdn":"cdn.jsdelivr.net","domain":"cdn.jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.365Z","timestamp":1701581553365,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2023 Q3","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 27 Sep 2023 18:13:13 GMT","end":"Mon, 28 Oct 2024 18:13:12 GMT"},"fingerprint":{"sha1":"05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09","sha256":"0F:90:CD:B5:CD:3B:AE:F1:BB:01:3A:4D:6D:2E:A6:BA:98:C6:1B:1B:75:BE:DD:CB:39:33:E8:D1:21:F1:9F:EF"}}},"request":{"raw":"GET /npm/bootstrap@4.6.2/dist/css/bootstrap.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://re-try-connect.ctab.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 4.6.2\r\nx-jsd-version-type: version\r\netag: W/\"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nage: 22134161\r\nx-served-by: cache-fra-eddf8230063-FRA, cache-bma1636-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 26373\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26373,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65326)","md5":"a4b3f509e79c54a512b890d73235ef04","sha1":"1be37b62306c8c0c6775bb4c93c5e4c4e13d9775","sha256":"f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72","sha512":"aedfd2ad0e143486867c3c845d9b4d7325af41e3aad102f280796e1507128da181d382315a16a5ef5b4abb33fa2bc7985d807abc9578a47917726146190d7fd3","ssdeep":"1536:SS7CI4NT5+rMqFVD2DEBi8yNcuSElA3/uJpq3SYiLENM6HN26B:17sAGLq3SYiLENM6HN26B","tlshash":"9cf352a6f5a0312de4a7c61964d0bafd152f8245d7224bfbf8273b6447892c70a73e4c","first_seen":"2023-04-07T07:49:16Z","last_seen":"2026-05-17T16:58:10.740817Z","times_seen":10943,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":57,"dns":24,"connect":14,"send":0,"wait":19,"receive":1,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.slim.min.js","fqdn":"cdn.jsdelivr.net","domain":"cdn.jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.381Z","timestamp":1701581553381,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2023 Q3","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 27 Sep 2023 18:13:13 GMT","end":"Mon, 28 Oct 2024 18:13:12 GMT"},"fingerprint":{"sha1":"05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09","sha256":"0F:90:CD:B5:CD:3B:AE:F1:BB:01:3A:4D:6D:2E:A6:BA:98:C6:1B:1B:75:BE:DD:CB:39:33:E8:D1:21:F1:9F:EF"}}},"request":{"raw":"GET /npm/jquery@3.5.1/dist/jquery.slim.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://re-try-connect.ctab.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 3.5.1\r\nx-jsd-version-type: version\r\netag: W/\"11abc-z42YIVUtUbtQzlcuaWq6EwkGWAA\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nage: 4062813\r\nx-served-by: cache-fra-eddf8230022-FRA, cache-bma1636-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 26139\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26139,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65245)","md5":"fb8409a092adc6e8be17e87d59e0595e","sha1":"cf8d9821552d51bb50ce572e696aba1309065800","sha256":"e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db","sha512":"fc35d35ebea742874c522abe2142580add8f3ce523ac727dc05aeaa49dd79203cd39955f32893b711c3a092c72090c579faa339444ac4a1d7fb0c093175acbfe","ssdeep":"1536:KDFXTRMYFbeDtyZxg6V4mMeexs1Lzu3JlQ5uCe/ZiEm4kWpfBogmzmPx3SgQ47Gl:AuIy3JlQ5cF7m+SgQ47GKA","tlshash":"7f6318dd72c6b07357ab70b9007f610bf13618996c4e4450f129e8e9bc78a4a827bf6d","first_seen":"2023-03-07T01:03:10Z","last_seen":"2026-05-17T15:19:59.105224Z","times_seen":7936,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":44,"dns":5,"connect":15,"send":0,"wait":18,"receive":7,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/normalize.css","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.345Z","timestamp":1701581553345,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/style/normalize.css HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 3168\r\ncontent-type: text/css\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3168,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"519121fa4cdf6782a4c1c412564605e2","sha1":"dcd9297e0c5c4a9a8ba8fb02a7d93cf85984ccd3","sha256":"25194b73ec31c5fa1e315cd30fd7428f4075d725740663aea2e60d1de61288cb","sha512":"6db607ad2bdb9d3c78515094fcc56a567f4a4036139c47bbfe143c63769d4445d9147837fe9aa41fdebeac49979830cf9be295a3b9a3206c679db36c01d12eee","ssdeep":"96:MjpceHNdGRj3jGkRUQzMOw3gDYLyUTZWhflwofyD/K6EfFi4jM/F:MvtdkjlW9dIwofyD/K6IcbF","tlshash":"e6f174da1b8032a1b3b54ab173a79108f71001768b0530edbce585bd1f58bd543bafe9","first_seen":"2023-04-05T03:57:28Z","last_seen":"2026-05-11T17:33:08.746454Z","times_seen":72,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"cdn.jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.382Z","timestamp":1701581553382,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2023 Q3","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 27 Sep 2023 18:13:13 GMT","end":"Mon, 28 Oct 2024 18:13:12 GMT"},"fingerprint":{"sha1":"05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09","sha256":"0F:90:CD:B5:CD:3B:AE:F1:BB:01:3A:4D:6D:2E:A6:BA:98:C6:1B:1B:75:BE:DD:CB:39:33:E8:D1:21:F1:9F:EF"}}},"request":{"raw":"GET /npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://re-try-connect.ctab.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 4.6.2\r\nx-jsd-version-type: version\r\netag: W/\"145b0-MjP9Adh/ukV+qtjcvCifdbFw+BQ\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nage: 20317924\r\nx-served-by: cache-fra-eddf8230069-FRA, cache-bma1636-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 23636\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23636,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65299)","md5":"a0805bca912ec901f2a7096228b62d46","sha1":"3233fd01d87fba457eaad8dcbc289f75b170f814","sha256":"19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49","sha512":"8a097c58452e6acf64e5db6784aab2ca577a4f3cd18ef32a2c2efd8e4813df3d3616f2721c0b94b727a69bf3ff8d84a77b5c70148d3a7b3431130c1e6a257b54","ssdeep":"768:du/iZDSuTVlHNvNu7MTMYnxKeNbtj+nUvAQ3+SQQnxyoM+Fos/aAMEolXlbBaCBW:deiJS4KUwnUpkQYV+mB9mydftEyHdUPp","tlshash":"eb83944972a4f472069f60a6907b0a0bf6376c4da507b01cb6e8d4ed1e7cd88316bf79","first_seen":"2023-03-07T12:23:54Z","last_seen":"2026-05-17T15:16:59.455694Z","times_seen":13759,"resource_available":true,"data":null}},"time_used":129,"timings":{"blocked":45,"dns":3,"connect":14,"send":0,"wait":24,"receive":9,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/webflow.css","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.355Z","timestamp":1701581553355,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/style/webflow.css HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 15501\r\ncontent-type: text/css\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15501,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text, with very long lines (2587), with CRLF line terminators","md5":"395b633beea11647b06bebb9c5e9304b","sha1":"af27e6eaffa90ae378e10d26392175e107bf86bb","sha256":"5c4150571c1079e893f2af365598d52388a77fbaff96e9aa42946dc7fc574a8a","sha512":"2a02dcc3420ae1f6d99d2f9d8bec9c0c2fcb68f4cab81f255cfed0ece2e3908783c14630269eb6fb9026c123be26f694b7d7944ebfe747ed158623b3656f500e","ssdeep":"768:of7A1sXuF4WaWWDkoovAp3cMFvyfjuz4Zq:b1TFPaWWDFMAsfjuz4Zq","tlshash":"6423b5b8d7400500a6368b76ab9597797f3d00d3eb02076cbee1f607a38f5895632fa5","first_seen":"2023-09-26T02:07:46Z","last_seen":"2024-10-11T08:47:25.099686Z","times_seen":12,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images.ctfassets.net/9sy2a0egs6zh/5n9UZwFnPyMTphfiT6SDMv/67001204dd8d16fa99070e902c512b9c/home-hero.png?w=1920\u0026q=100\u0026fm=webp","fqdn":"images.ctfassets.net","domain":"ctfassets.net","tld":"net"},"ip":{"addr":"54.230.111.2","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.369Z","timestamp":1701581553369,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"images.ctfassets.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 28 Feb 2023 00:00:00 GMT","end":"Fri, 16 Feb 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CA:D7:EE:33:97:78:A0:CF:39:CA:40:DF:F5:6A:02:B4:28:F4:89:27","sha256":"52:87:AE:8C:F6:FB:5A:88:EE:BD:D4:2E:2E:7D:A6:0D:EE:3D:89:20:0C:83:62:21:2F:D4:63:07:31:8A:24:DE"}}},"request":{"raw":"GET /9sy2a0egs6zh/5n9UZwFnPyMTphfiT6SDMv/67001204dd8d16fa99070e902c512b9c/home-hero.png?w=1920\u0026q=100\u0026fm=webp HTTP/1.1\r\nHost: images.ctfassets.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/webp\r\ncontent-length: 52080\r\netag: \"e0b964ce8a22e37761e5c42b18cb810d\"\r\nlast-modified: Tue, 07 Nov 2023 09:56:05 GMT\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\ncache-control: max-age=31536000\r\nserver: Contentful Images API\r\naccess-control-allow-origin: *\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: LGAA2Pxru1HFOFiM0TVxaRoIFcM8xR0eNOnN9ORBPnAwc5QefctKng==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":52080,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image\\012- data","md5":"e0b964ce8a22e37761e5c42b18cb810d","sha1":"e57271a70e23f87d190556582831c2f91fd4a468","sha256":"0a7b892b315f0dfecb0edfe9948c2925ebe11e6bb5b0c667bf870ff6ae84772c","sha512":"ec1c9fb5bb38576852f9519c257e8f5ff33c3a5d288a8b8d8c545a7403a4ccc189dd3854a26a55a364f500015bd7c3f799dfa98dfb9e662aec1b3716984e01af","ssdeep":"768:o5FQsINewHSHg1TqyQPm5CTHXOQPe71XMZM/gGFerSnwer1B39BUFOySi4eI:o5F6g5AB5CT3O8e5XMZybSWD9B8OypY","tlshash":"de33f2222c917b541570110949bf84fb386b09fb0de75c006ac6bc462ad76397d3d9df","first_seen":"2023-04-30T19:30:40Z","last_seen":"2026-05-11T10:58:40.699458Z","times_seen":75,"resource_available":false,"data":null}},"time_used":343,"timings":{"blocked":74,"dns":61,"connect":2,"send":0,"wait":156,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/webfont.js","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.359Z","timestamp":1701581553359,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/style/webfont.js HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 6022\r\ncontent-type: application/javascript\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6022,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (2134)","md5":"7c96a5f11d9741541d5e3c42ff6380d7","sha1":"d3fa2564c021cf730e58ffddb138cf6b57ed126e","sha256":"81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee","sha512":"23c162a2e268951729b580e5035ad6ca9969cfcc5ce58a220817b912e76b38be6c29c3ca7680cb4e8198863d95a72ea65bd06ff7189b5c8475e4c1ce501aeab1","ssdeep":"384:i11kqRm4UjryX2DfatZrT80NCGz5r2zItrX:iEqRm4cy338m7d","tlshash":"7942c65d7652b26a825280f2177f060b9576fa2ab844c0bc7a89d8d46c74db8037ff7c","first_seen":"2023-03-07T01:03:17Z","last_seen":"2026-05-17T17:21:00.053823Z","times_seen":56829,"resource_available":true,"data":null}},"time_used":361,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":361,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/dapp-aave.png","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.371Z","timestamp":1701581553371,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/style/dapp-aave.png HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\ncontent-length: 14347\r\ncontent-type: image/png\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14347,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\\012- data","md5":"521a00d54b7fe1cb1d7712b655ca54a6","sha1":"8c5aa52335bf25183781e62843ede770bf6877ba","sha256":"506d6d9d5ad22253976f2906bbf141c94d19eb15466ed62b8c6cfb887bf07b55","sha512":"a4db3b51d12937c62fe945b7fc23190ca287e55432aad4f845883f75e18802c2df22b08d88a6c14f113f612aa70f9ee48722e784c363d6a2c1e1044a2a371aad","ssdeep":"384:LFoUuOYy+nQ5XVHnOrWJ1r5ap7+rbRaj/ySY:xH+Q5FHfV5aV+r6S","tlshash":"eb52c0e8b2ce9a4ee0498cf42f60471128d8bbf955c130c81c5fbbd947b3369dad9506","first_seen":"2023-04-30T19:31:04Z","last_seen":"2026-05-11T14:06:14.636998Z","times_seen":290,"resource_available":false,"data":null}},"time_used":351,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":348,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/js/control.js","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.380Z","timestamp":1701581553380,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/js/control.js HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 167\r\ncontent-type: application/javascript\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":167,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"e76ac728698e3935cf039957458a10fb","sha1":"2bcaab3d6af5441e94a80ddb9a70f7172896f7c6","sha256":"e2121382a5483d7882fef2175c93f173b4eaa9e2264b71612808a87e269043c4","sha512":"122024c793cf261d6c51d985c1315e8df7d6145cad6d86538088b8752e47dcb0564c802cc3575d1d5399632706406f5a507ff5cd3b59dea4d76116296595e92e","ssdeep":"","tlshash":"49d0a7285d5d397aaab71ec54ce50bca2960085ed4c080b3081b8d4bced5d90b9a24f2","first_seen":"2023-09-26T02:07:46Z","last_seen":"2024-10-11T08:47:25.10585Z","times_seen":12,"resource_available":true,"data":null}},"time_used":344,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":343,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/css","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.362Z","timestamp":1701581553362,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/style/css HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\ncontent-length: 752\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":752,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"d75dbb7a19763e296b99fa0b3f42546d","sha1":"8b7752a815b8325ece966de1476e4f43ee1dcdc9","sha256":"8daea9a40be31e567300edc7daeb077f232cf7c32baed3aebff9ee9260b0d5a0","sha512":"1d70de205112639224d2e7b9b24eef1a2a8db61b687ffa0330dc57592284ba453766fb328d986004e66a4363b7d4a6c5fdf0b452348d470605e44d3778243b7a","ssdeep":"","tlshash":"df01bd110826e444a3936dc1129e7632ef4eb0901c85ac3097fe58c8fcc2c576352b1d","first_seen":"2023-04-06T07:54:23Z","last_seen":"2024-10-11T08:47:25.102498Z","times_seen":39,"resource_available":false,"data":null}},"time_used":361,"timings":{"blocked":11,"dns":0,"connect":0,"send":0,"wait":349,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/dapp-opensea.png","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.378Z","timestamp":1701581553378,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/style/dapp-opensea.png HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\ncontent-length: 6533\r\ncontent-type: image/png\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6533,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\\012- data","md5":"f82776f839cec899c9c87a680226aabf","sha1":"43f5dedb6216cb02ee568fcb66cb19fc296c3a85","sha256":"c62a1f30cdb6aff5eafdfccb45383032e61bf70aa0573572a4428347a1b5b116","sha512":"03b2e93dd1e1b2c114586329bfb239e5127533c2479b36ae6f4e12a893744504837ad088f2e09e597fcaff4f3cbad5356dd26a4b4056e9b848e046000584cb13","ssdeep":"96:UiTpVcYChUbXO01+3761+gz86TD3s0Vs1AgdntHR+bEFElVZx:UiUHhs476AW3s0ibHFElvx","tlshash":"f8d19e2b2d81a56fc3e986334e36b53c5aa346a841afef743cd3480d0cf13993792520","first_seen":"2023-04-30T19:31:04Z","last_seen":"2026-05-11T14:06:14.615713Z","times_seen":318,"resource_available":false,"data":null}},"time_used":448,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":344,"receive":104,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/dapp-rarible.png","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.379Z","timestamp":1701581553379,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/style/dapp-rarible.png HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\ncontent-length: 6840\r\ncontent-type: image/png\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6840,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b9f7c0fd11c34c044799e673947103f8","sha1":"491baab057af39b2b24bf0c671d0eb05454b8c48","sha256":"29db12a282df5639db8fa232831bbe9a7220884eecf79f1776f1b27237a4597c","sha512":"3e390c95f349dd26a8f040616c53ec34749f6f91577cbcbf2904d8e7069c4de9453d96e93f8d5197c40352b8c659e92d4395da923fd5f379ed226ef54cfd0f72","ssdeep":"192:MSLroCXAV1wXWiVJeGmufU8PDnr6Yw/AL:LLroCwV1iWiVJeGmnUr7","tlshash":"e2e18df62be7025ff0287932508b82e5fb9d445d89497e559e016b3f418c493f392ab0","first_seen":"2023-04-30T19:31:04Z","last_seen":"2026-05-11T14:06:14.637648Z","times_seen":297,"resource_available":false,"data":null}},"time_used":448,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":344,"receive":104,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/dapp-compound.png","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.375Z","timestamp":1701581553375,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/style/dapp-compound.png HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\ncontent-length: 11355\r\ncontent-type: image/png\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11355,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\\012- data","md5":"3818f9cfccbd94fad91a10d3c5ee356c","sha1":"7c6af849177aa8bf6ef9bcbf801dc375e1997900","sha256":"20a34c84f82590d99a060210ea362878975f21cfd65c3a70c54e7fb99dce1f76","sha512":"caf3dc701036ba83c0f0994ab45cdb298cfc681f783960bc3a3e79a7c7c9f595cbea3bed0be36ec3d20961afeeb3a5327634da7d03a3d07c2c83d5e8246e3a8e","ssdeep":"192:9YQjGdccr73Lr4Oa2tQwmn3N5l7gdcpf8BYoRnem9GJQRMhSCC:6Q6yOjLxavwmNg+Giozuo","tlshash":"6932d0e596c9320dc06e3cfbd4ccb98fad4067af1a2cbd8906a4844f9395d49059638f","first_seen":"2023-04-30T19:31:04Z","last_seen":"2026-05-11T14:06:14.651254Z","times_seen":310,"resource_available":false,"data":null}},"time_used":472,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":348,"receive":124,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/mm-logo.svg","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.368Z","timestamp":1701581553368,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/style/mm-logo.svg HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\ncontent-length: 12058\r\ncontent-type: image/svg+xml\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12058,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (1001), with CRLF line terminators","md5":"7915373f26761992664272083eef55af","sha1":"7b69d64a0ff01d6b0cf0b95558349e83ee4d0698","sha256":"4ad9d7c985fe9bc858d79cfe642d805da47e0fe84ea092acaab8691e20ad8670","sha512":"989d867b8a851bf49e62f36e7c0fe7061dfdfdae05886794a774ca7e2ebd61568121eb3f8764fb0e3d56cc2a8df567c5671e8b0f00315fb0f52a6174629313fc","ssdeep":"192:yh/+7QQXKiHE3WAix4gKpSsvCUFZn7e9ikctjjk8eE6XoX9k:yF+7QviHCKsosv3n7eFctjjk8eE6XoXS","tlshash":"38422fdd2ba85dacba63c7a9e3043532312608fb2b55d364c9736678653221cad7fcc4","first_seen":"2023-05-06T08:23:49Z","last_seen":"2025-08-17T16:18:20.33505Z","times_seen":51,"resource_available":false,"data":null}},"time_used":479,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":349,"receive":125,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/dapp-uniswap.png","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.380Z","timestamp":1701581553380,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/style/dapp-uniswap.png HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\ncontent-length: 10268\r\ncontent-type: image/png\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10268,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\\012- data","md5":"1948962ad395727d902bd6b5fcd01807","sha1":"f7e85e096b084ef6d9f550afbcd702fd889031a5","sha256":"ad0237265584181a6797c454ca123aa5d3df08001ae39b27bddfc66856b6751b","sha512":"09cd0ebf144113ae88a7419d37f342773c8e53a3c52013096209b16fb2ee238c3933604651585ddbd01028cce8a5996803d74feb1441adada8d5870658481227","ssdeep":"192:D07nrQPhHZ0bKq03XqNUoW16nilG3g1NncAS0v+n84TdcZ5SmS:D03WhHZJrXq+ojilUg1RXSPVdw5S","tlshash":"6722bf7ca3e8d3b9f9468af39079be89b00c1c484534565f069331c74e7e422ac87758","first_seen":"2023-04-30T19:31:04Z","last_seen":"2026-05-11T14:06:14.634757Z","times_seen":321,"resource_available":false,"data":null}},"time_used":469,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":344,"receive":125,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/dapp-axieinfinity.png","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.372Z","timestamp":1701581553372,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/style/dapp-axieinfinity.png HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\ncontent-length: 42713\r\ncontent-type: image/png\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42713,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\\012- data","md5":"5f662391fe3ddc927134ba8e15263eaf","sha1":"ab5ea7aacdc8c97238247f59761abc02033b2a67","sha256":"7faefc7f99e94d6251527c95794a5fdfb3e644baf25ae56f4e13afd125246421","sha512":"dc4b4ab518264bc6c5eeb4be985784602fa52c0b7291246ed17b27f1e4f1b54c48711f6216f637be45cf4e6f208eb42b29fbefacfb36cb590704557f855fa17b","ssdeep":"768:x3/HRN6lDQWD68vV6E646CtTx0ja/M40q2LED5fuRAR9MGfZRckIdu:x3pNsc38vV6E/6ATuNcff3MGvcJg","tlshash":"841302c469a02a8bfd1c4e335a6b958cb5ea400c5ef91bde40f539800d789ca997de3d","first_seen":"2023-04-30T19:31:04Z","last_seen":"2026-05-11T14:06:14.650565Z","times_seen":290,"resource_available":false,"data":null}},"time_used":579,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":348,"receive":229,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/img/metamask.gif","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.367Z","timestamp":1701581553367,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/img/metamask.gif HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\ncontent-length: 227301\r\ncontent-type: image/gif\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":227301,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 800 x 600\\012- data","md5":"7dd0cbc9a551a2523d7b76146f165a4c","sha1":"1a4f06c02a2dc89d08be77ef5a6be567d3a30778","sha256":"9ec6ee31fdde5527af232cadd6f6a3e4b392e569db2841ad50a078145aedcb69","sha512":"6a18a1680bddebe5cf0b152aefe43dcc227fa17b219580d84b1840fb05b7ff5093e9afc5c117138441eb37fd06b7c4af4a3d9266249dfcd19692648b259c8e41","ssdeep":"6144:581Dqw5AfWJ9h1QLiL6fTp0j/03z3Smk7Tg:5YDqO1l1oikp0A347Tg","tlshash":"fa24127fe17c4e07ed502ee83727ffed195a48d6189061335c1cf142b8a686e09adba4","first_seen":"2023-09-26T02:07:46Z","last_seen":"2025-01-06T13:34:30.039292Z","times_seen":44,"resource_available":false,"data":null}},"time_used":609,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":348,"receive":255,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/dapp-maker.png","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.377Z","timestamp":1701581553377,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/style/dapp-maker.png HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\ncontent-length: 6852\r\ncontent-type: image/png\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6852,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\\012- data","md5":"720871ca002e89a10d26e5c516066311","sha1":"8648fe12645cd5c3473a73faba1d42cef78de444","sha256":"f0d7356ee903d26301b8960783f70c108efc0382f20c804e0d09872a5443ce96","sha512":"9a68723ebe24c8289fa8f5de5b1550cb17d5148e4d563b9f5665ab5367bd9402a94664423fc10e73573660d31ea3b2369cdffb12f7a22017ec5a2bba22bfc030","ssdeep":"192:BcZy95Kq6nHJzpWG1P3GnqWZ+BmOZYIcM:B4yjvwHZpWG1/GntZ+BFZYI5","tlshash":"2be18d8f11cb7270e32f4bb73a3d65b4e0013a8a495ec41571d53d387aa2a4a150388d","first_seen":"2023-04-30T19:31:04Z","last_seen":"2026-05-11T14:06:14.677476Z","times_seen":315,"resource_available":false,"data":null}},"time_used":603,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":602,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/dapp-gitcoin.png","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.376Z","timestamp":1701581553376,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/style/dapp-gitcoin.png HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\ncontent-length: 7998\r\ncontent-type: image/png\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7998,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\\012- data","md5":"c710e9a5c39e89136a73edf0a1c99abe","sha1":"aca40362b7d87533d00250e102ba852d19e2231c","sha256":"7077eb7da3a6f399014d67a1032ab6d67f099055a1a2594cb4753022b843dc43","sha512":"b653e56529e009affdf1cd2f5c37a3ffcafaa01af8276a236dbd80d4804d0ece9841e15bc53a0e66701aab5a2ceec992d2640af94a138d6049620ef628e39df8","ssdeep":"192:q3/9yDsyJu9TRebIdiWXlo5IfkIrDRfgQKOdwg:q3lyDsg7kzW5IcI5goqg","tlshash":"e6f19ea8701bd5cf5fe30a18fd5702c9dc6451ea29ca90b6a09d38eef03d5e6412b781","first_seen":"2023-04-30T19:31:04Z","last_seen":"2026-05-11T14:06:14.669717Z","times_seen":310,"resource_available":false,"data":null}},"time_used":604,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":603,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/favicon.png","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:34.004Z","timestamp":1701581554004,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/style/favicon.png HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1532\r\ncontent-type: image/png\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1532,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\\012- data","md5":"b7919ea38a8beed9b4763858c4f7412b","sha1":"1aa57bcd7ca8a0c3352923c9ee06c472f23d5b63","sha256":"214080adac9969108cb602cb68617e332db1288e95e18c29c10f9396c6d3744c","sha512":"7c2b72c2ab01ba3654182244ee3d95b7de954bbfc95ab9778c2360136134a920c1e8e58ba92f75e4ed20cf0595596b0e38020430c09f44a191aea972677fe07e","ssdeep":"","tlshash":"d53129d763af541cf59f8a630326c86074793853832240c98fd2fda422be818b27c29b","first_seen":"2023-04-30T19:31:42Z","last_seen":"2026-05-11T14:06:14.642724Z","times_seen":817,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/webclip.png","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:34.003Z","timestamp":1701581554003,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/style/webclip.png HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\ncontent-length: 11764\r\ncontent-type: image/png\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11764,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\\012- data","md5":"48400a28770e10dd52a8c0e539aeb282","sha1":"151bcd0c431ed79f30193731de564106a5b11956","sha256":"27712ebee35bae5474f124f7cbf6cb2ca60d5121e561d284c9f11a4e69efd663","sha512":"2c379b81f9f94dab3d756c8a60d00efc992ab34947952b3c2fbbb1d52476659c5c1d7bd9f6d676e05f852ac6be0b1a38af8549bd5be6ea15884aceb0cbb7ee10","ssdeep":"192:1SwLv+UeDeSdXPDbr88+EdNTL8+hvMTvj9kCNH+BdQ5lURjVM79uoaaQmN7sRB9S:U+R0Dn88pdNv479kOebFrMZsaQygB9xg","tlshash":"5a32c0aeeac14d97b496f3b8f417059eca98cf5141e81d620bb0db5ca8700b13a619f7","first_seen":"2023-04-30T19:31:42Z","last_seen":"2026-05-11T14:06:14.62258Z","times_seen":700,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:34.093Z","timestamp":1701581554093,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:07 GMT","end":"Mon, 15 Jan 2024 11:24:06 GMT"},"fingerprint":{"sha1":"E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD","sha256":"EF:BD:DB:F8:2A:77:8C:C2:9E:F9:E0:B2:26:39:CB:EC:63:F1:80:36:F6:06:6E:F5:E1:6C:45:66:A4:D1:A6:C8"}}},"request":{"raw":"GET /s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://re-try-connect.ctab.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7900\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 30 Nov 2023 10:04:56 GMT\r\nexpires: Fri, 29 Nov 2024 10:04:56 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 21 Apr 2022 17:15:19 GMT\r\ncontent-type: font/woff2\r\nage: 242852\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7900,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\\012- data","md5":"61e86e7a20ecf3ba181ca4b9a9a1cdbd","sha1":"482a65cffc69109af26669d64accbef71db3b836","sha256":"fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18","sha512":"ab6fdf82b20f56e24715f3ed96e185ca7725bd3fff298682286f46470145fc3e8c216b2d131634222830ba327032fe8a099a717400670efc9d9a890559b44802","ssdeep":"192:gHJf6gkfIzqi/F7Qy1SmeBppn/OeBUZeFDG46EMaHka6OUm:gHx6jfBid7Qvpn/OtedGoM/a6OUm","tlshash":"7ef1ae398751d430e6420fb2eb3dc7cccea7c815ad2839acc256c52c92938148bc79bb","first_seen":"2023-04-16T20:34:53Z","last_seen":"2026-05-17T16:09:51.817051Z","times_seen":801,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":62,"dns":0,"connect":7,"send":0,"wait":9,"receive":1,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:34.108Z","timestamp":1701581554108,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:07 GMT","end":"Mon, 15 Jan 2024 11:24:06 GMT"},"fingerprint":{"sha1":"E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD","sha256":"EF:BD:DB:F8:2A:77:8C:C2:9E:F9:E0:B2:26:39:CB:EC:63:F1:80:36:F6:06:6E:F5:E1:6C:45:66:A4:D1:A6:C8"}}},"request":{"raw":"GET /s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://re-try-connect.ctab.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 8404\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 01 Dec 2023 20:23:43 GMT\r\nexpires: Sat, 30 Nov 2024 20:23:43 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 21 Apr 2022 17:15:41 GMT\r\ncontent-type: font/woff2\r\nage: 119325\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8404,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\\012- data","md5":"141119ae119bf7ca75e10ef82f66e442","sha1":"adebf435aa078db3c116cb9faae15f2ad81d3ac5","sha256":"c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff","sha512":"29ab396d13f26dbed137e0b710fc47db3be83358a8ff265ea4de7bb2b886c406b134497b1f0fbed4a871c5cc5a1999ce1b258bb4c3808d53d40fb7e7f9c4945c","ssdeep":"192:+zTOlHxxAEPen16bfGMCVbda0Y/ez2rmcRCIBERAH3FxaK:y8LApKfGMCVZY/fFoAX3b","tlshash":"7802ae229280e51da8956435348b4d34c7fa36f52e58eeab42ce8ea0dd37200de53f62","first_seen":"2023-04-09T19:42:29Z","last_seen":"2026-05-16T21:32:10.988195Z","times_seen":629,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":48,"dns":1,"connect":7,"send":0,"wait":10,"receive":1,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/changaone/v20/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:34.105Z","timestamp":1701581554105,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:07 GMT","end":"Mon, 15 Jan 2024 11:24:06 GMT"},"fingerprint":{"sha1":"E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD","sha256":"EF:BD:DB:F8:2A:77:8C:C2:9E:F9:E0:B2:26:39:CB:EC:63:F1:80:36:F6:06:6E:F5:E1:6C:45:66:A4:D1:A6:C8"}}},"request":{"raw":"GET /s/changaone/v20/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://re-try-connect.ctab.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7900\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 29 Nov 2023 19:17:20 GMT\r\nexpires: Thu, 28 Nov 2024 19:17:20 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 24 Aug 2023 21:10:56 GMT\r\ncontent-type: font/woff2\r\nage: 296108\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7900,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\\012- data","md5":"61e86e7a20ecf3ba181ca4b9a9a1cdbd","sha1":"482a65cffc69109af26669d64accbef71db3b836","sha256":"fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18","sha512":"ab6fdf82b20f56e24715f3ed96e185ca7725bd3fff298682286f46470145fc3e8c216b2d131634222830ba327032fe8a099a717400670efc9d9a890559b44802","ssdeep":"192:gHJf6gkfIzqi/F7Qy1SmeBppn/OeBUZeFDG46EMaHka6OUm:gHx6jfBid7Qvpn/OtedGoM/a6OUm","tlshash":"7ef1ae398751d430e6420fb2eb3dc7cccea7c815ad2839acc256c52c92938148bc79bb","first_seen":"2023-04-16T20:34:53Z","last_seen":"2026-05-17T16:09:51.817051Z","times_seen":801,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":53,"dns":2,"connect":7,"send":0,"wait":10,"receive":4,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/changaone/v20/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:34.110Z","timestamp":1701581554110,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:07 GMT","end":"Mon, 15 Jan 2024 11:24:06 GMT"},"fingerprint":{"sha1":"E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD","sha256":"EF:BD:DB:F8:2A:77:8C:C2:9E:F9:E0:B2:26:39:CB:EC:63:F1:80:36:F6:06:6E:F5:E1:6C:45:66:A4:D1:A6:C8"}}},"request":{"raw":"GET /s/changaone/v20/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://re-try-connect.ctab.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 8404\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 30 Nov 2023 23:32:37 GMT\r\nexpires: Fri, 29 Nov 2024 23:32:37 GMT\r\ncache-control: public, max-age=31536000\r\nage: 194391\r\nlast-modified: Thu, 24 Aug 2023 20:56:52 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8404,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\\012- data","md5":"141119ae119bf7ca75e10ef82f66e442","sha1":"adebf435aa078db3c116cb9faae15f2ad81d3ac5","sha256":"c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff","sha512":"29ab396d13f26dbed137e0b710fc47db3be83358a8ff265ea4de7bb2b886c406b134497b1f0fbed4a871c5cc5a1999ce1b258bb4c3808d53d40fb7e7f9c4945c","ssdeep":"192:+zTOlHxxAEPen16bfGMCVbda0Y/ez2rmcRCIBERAH3FxaK:y8LApKfGMCVZY/fFoAX3b","tlshash":"7802ae229280e51da8956435348b4d34c7fa36f52e58eeab42ce8ea0dd37200de53f62","first_seen":"2023-04-09T19:42:29Z","last_seen":"2026-05-16T21:32:10.988195Z","times_seen":629,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":59,"dns":1,"connect":9,"send":0,"wait":9,"receive":1,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet//ws","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-12-03T05:32:34.435795535Z","timestamp":1701581554435,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /en/mywallet//ws HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://re-try-connect.ctab.com.br\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: TcYVDlOStxtNYLlr3hGFFg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Sun, 03 Dec 2023 05:32:29 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 04 Oct 2022 14:10:38 GMT\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 836\r\nKeep-Alive: timeout=5, max=75\r\nConnection: Keep-Alive\r\nContent-Type: text/html\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":836,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"11a0bbc52834cf74da795d5815b7dc63","sha1":"5d401cf953df570210427a92d27e00ddf403f4b7","sha256":"c989a169a129121f006c8fcbf90ab305d9005d516ce72cc44b4949167eed39d5","sha512":"bdc773e24231dcc13db01881c1977c091f565d1505ab8fb8aaf7f6565ddcbc36b1943126d51e43e701a49c6c024e9d335b50ca546e8058029844255f2796a62c","ssdeep":"","tlshash":"75418d8348c04d4f3231a649ba5b63a9d982a147cf6e9e40b2de631f4ff2da1c573131","first_seen":"2023-04-05T04:00:29Z","last_seen":"2026-05-17T14:28:05.613023Z","times_seen":7180,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47","fqdn":"cdn.jsdelivr.net","domain":"cdn.jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:36.272Z","timestamp":1701581556272,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2023 Q3","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 27 Sep 2023 18:13:13 GMT","end":"Mon, 28 Oct 2024 18:13:12 GMT"},"fingerprint":{"sha1":"05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09","sha256":"0F:90:CD:B5:CD:3B:AE:F1:BB:01:3A:4D:6D:2E:A6:BA:98:C6:1B:1B:75:BE:DD:CB:39:33:E8:D1:21:F1:9F:EF"}}},"request":{"raw":"GET /npm/bootstrap-icons@1.10.3/font/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://re-try-connect.ctab.com.br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.jsdelivr.net/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: font/woff2\r\nx-jsd-version: 1.10.3\r\nx-jsd-version-type: version\r\netag: W/\"1d9d0-F9rQd2iZrRvq2r0GHDTioiss3nQ\"\r\naccept-ranges: bytes\r\ndate: Sun, 03 Dec 2023 05:32:31 GMT\r\nage: 2858832\r\nx-served-by: cache-fra-etou8220101-FRA, cache-bma1636-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 121296\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":121296,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 121296, version 1.0\\012- data","md5":"7f477633ddd12f84284654f2a2e89b8a","sha1":"17dad0776899ad1beadabd061c34e2a22b2cde74","sha256":"966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599","sha512":"b46baa2a3ea38512f8b539774c751004cc866d085a9739f4c25f2ade9d97c10d6f4b20cf87dcbb6a003e0df0ca2df200f9036a4c76a013f24c57d365981f6e00","ssdeep":"3072:Nodp66TvfwN7lvK/5hwbCuy3Y5vV1uXZKeufOdZMJgQoHy:Gp6gX+7s/5hwD1RvqufOoJgHy","tlshash":"75c313267cc162a8bf6dbcb2545af65c99b4c9ce6a802bacfd30db90c1075ccd910771","first_seen":"2023-04-07T20:14:59Z","last_seen":"2026-05-17T17:30:35.558544Z","times_seen":6692,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/EuclidCircularB-Regular-WebXL.woff2","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:36.307Z","timestamp":1701581556307,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/style/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/style/metamask-staging-2.webflow.css\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\ncontent-length: 45196\r\ncontent-type: font/woff2\r\ndate: Sun, 03 Dec 2023 05:32:31 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45196,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 45196, version 3.66\\012- data","md5":"2d75957df3bb3aa6ed84f6591b0d5a1a","sha1":"906424e75625f63b0188471067065794d0348536","sha256":"8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b","sha512":"79733ed5303ca93cdec16b9da25cd95ca397343d5ee529f4074ea878fa0f9916a6ffef297b51d5b9b3cd3bf8e199e203f91598166429bcce398f7c9055557c40","ssdeep":"768:I31VpnYUI+dibkAK4rZJ5CkE9cfnRN0C6fZQ/UAqD2zsUz8ANMDuu1ftOl6GXv:Ep0IJ4FJ5MhQ22zsUzoDp1Olhf","tlshash":"cc13f1586f3cc766d23960ead86c893d483aa8b6ac420fd4fa47173b0e44755934bb70","first_seen":"2023-04-13T20:09:28Z","last_seen":"2026-05-11T14:06:14.628102Z","times_seen":822,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":131,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/EuclidCircularB-Bold-WebXL.woff2","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:36.308Z","timestamp":1701581556308,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/style/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/style/metamask-staging-2.webflow.css\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\ncontent-length: 44544\r\ncontent-type: font/woff2\r\ndate: Sun, 03 Dec 2023 05:32:31 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44544,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\\012- data","md5":"9024d0bf73943172297c4628d0054e20","sha1":"36c3795e7b297d06589e15ef59592683d9ed0974","sha256":"88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df","sha512":"3b621d07add00dcbbefa4b14279c78260d361b9848226d472780896865ecdb0c5096b1ad013ed114ad6c9b5fc60814cd678fd124d5265e9479abc2730cbf9bd6","ssdeep":"768:OYwXmLSu2ENQ2CMecobgGcYjYHI5FhZF2UIlN9/j7gAfHxiPiX0gaIutLAP:OYUm1NQ5gGPZF2UI397nEPinanA","tlshash":"1513e1e1f7961a8e4e500f3e236083be577c1469ff3349866588276d2ba51bf2073c56","first_seen":"2023-04-13T20:09:28Z","last_seen":"2026-05-11T14:06:14.626367Z","times_seen":765,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.korzh.com/metroui/v4/js/metro.min.js","fqdn":"cdn.korzh.com","domain":"korzh.com","tld":"com"},"ip":{"addr":"172.67.133.181","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.383Z","timestamp":1701581553383,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"korzh.com","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Oct 2023 10:28:06 GMT","end":"Wed, 17 Jan 2024 10:28:05 GMT"},"fingerprint":{"sha1":"E7:8C:25:47:6E:CE:74:55:BD:1A:91:2A:42:C3:5F:8D:8C:B3:E0:68","sha256":"36:25:E5:76:5F:81:B2:B7:BC:4E:66:00:68:67:70:1F:F3:86:8C:A6:3B:AE:DA:87:D2:B6:CB:77:F9:69:40:D2"}}},"request":{"raw":"GET /metroui/v4/js/metro.min.js HTTP/1.1\r\nHost: cdn.korzh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\ncontent-type: application/x-javascript\r\nlast-modified: Thu, 01 Sep 2022 15:49:20 GMT\r\netag: W/\"30401c8-981de-8e7e2000\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT\r\naccess-control-allow-headers: Content-Type\r\ncache-control: max-age=31536000\r\ncf-cache-status: HIT\r\nage: 3095\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=oLYWlBsIKGIt4lH2hUSQ1uMtOZJ%2BYxSqO6m%2BVOYevtAl9%2BWRoMKoRKno%2F7wzo0ObEWtS94rzfr5BMFLwCN8PNt5EQt9wOR%2BlZ6rOM2e8tyKr5YNF4Ow%2FCI1Za0Ct4zRs\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82f96de41d8d56ab-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":623070,"size_decoded":0,"mime_type":"application/x-javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T17:15:06.080654Z","times_seen":15342222,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":3,"connect":3,"send":0,"wait":16,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Changa+One:400,400italic","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.872Z","timestamp":1701581553872,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:07 GMT","end":"Mon, 15 Jan 2024 11:24:06 GMT"},"fingerprint":{"sha1":"CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42","sha256":"9A:90:D4:1D:0C:D1:CA:9D:4D:19:37:44:C4:E6:E4:28:27:C0:F5:0A:9C:B4:56:89:C4:D1:8A:63:A7:01:28:54"}}},"request":{"raw":"GET /css?family=Changa+One:400,400italic HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 03 Dec 2023 05:32:28 GMT\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":800,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (816), with no line terminators","md5":"d649df21660305e95bf70d4282367324","sha1":"4a3aeaf4830f03b873105998d8ceaa017bc0b65c","sha256":"338d6967247111e7857d08db563973e8782b09601225fece0af3420e5cd2fa56","sha512":"d31d2cbdaf30844de111d0ae00ecd2a4979be5bb92d1b97391d272e84513128aa68c82a1ff830ab67abc9c7f1190c50c8feba61662b749215acf80858b99f606","ssdeep":"","tlshash":"f3018e410827b504a2d35fd113de3131ef4eb6905861653097fe58dafcc2c57235171c","first_seen":"2023-08-27T15:01:33Z","last_seen":"2024-10-14T17:47:06.672057Z","times_seen":83,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":33,"dns":0,"connect":8,"send":0,"wait":19,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"re-try-connect.ctab.com.br/en/mywallet//ws","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.996Z","timestamp":1701581553996,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet//ws HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://re-try-connect.ctab.com.br\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: TcYVDlOStxtNYLlr3hGFFg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Sun, 03 Dec 2023 05:32:29 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 04 Oct 2022 14:10:38 GMT\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 836\r\nKeep-Alive: timeout=5, max=75\r\nConnection: Keep-Alive\r\nContent-Type: text/html\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T17:15:06.080654Z","times_seen":15342222,"resource_available":true,"data":null}},"time_used":432,"timings":{"blocked":0,"dns":0,"connect":143,"send":0,"wait":141,"receive":0,"ssl":142},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.korzh.com/metroui/v4/css/metro-all.min.css","fqdn":"cdn.korzh.com","domain":"korzh.com","tld":"com"},"ip":{"addr":"172.67.133.181","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.339Z","timestamp":1701581553339,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"korzh.com","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Oct 2023 10:28:06 GMT","end":"Wed, 17 Jan 2024 10:28:05 GMT"},"fingerprint":{"sha1":"E7:8C:25:47:6E:CE:74:55:BD:1A:91:2A:42:C3:5F:8D:8C:B3:E0:68","sha256":"36:25:E5:76:5F:81:B2:B7:BC:4E:66:00:68:67:70:1F:F3:86:8C:A6:3B:AE:DA:87:D2:B6:CB:77:F9:69:40:D2"}}},"request":{"raw":"GET /metroui/v4/css/metro-all.min.css HTTP/1.1\r\nHost: cdn.korzh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 01 Sep 2022 15:49:20 GMT\r\netag: W/\"30401b0-104aa1-8e7e2000\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT\r\naccess-control-allow-headers: Content-Type\r\ncache-control: max-age=31536000\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=%2F1OAkWQ06w2pkf5TPuW288Xr937aPkYnmMIhrtLx0Tp9D3biQ3T%2FZEphM8%2BpmxwkRRcjB%2F%2FCEPutSoBiUCJJylzptzv1LRkeC4cnyESFcDy%2Fw7%2F%2FobAomu2t4TdveDov\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82f96de42d8e56ab-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1067681,"size_decoded":0,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T17:15:06.080654Z","times_seen":15342222,"resource_available":true,"data":null}},"time_used":214,"timings":{"blocked":78,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/main.js","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.361Z","timestamp":1701581553361,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/style/main.js HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":89503,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65446), with CRLF line terminators","md5":"0732e3eabbf8aa7ce7f69eedbd07dfdd","sha1":"4cd5ddc413b3024d7b56331c0d0d0b2bd933f27f","sha256":"ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b","sha512":"41d24c426abcf913be59917591d906318a547661280036b098a2b1b948bcf9ff14f268b140db10956730d64a857a61b81034d888ed7f857419dee6b8d327447c","ssdeep":"1536:ejExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1vE:eIh8GgP3hujzwbhd3XvSiDQ47GKq","tlshash":"e19309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:10:32Z","last_seen":"2026-05-17T16:42:45.871119Z","times_seen":18995,"resource_available":true,"data":null}},"time_used":359,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":359,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"re-try-connect.ctab.com.br/en/mywallet/style/metamask-staging-2.webflow.css","fqdn":"re-try-connect.ctab.com.br","domain":"ctab.com.br","tld":"com.br"},"ip":{"addr":"108.179.253.92","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn","date":"2023-12-03T05:32:33.357Z","timestamp":1701581553357,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ctab.com.br","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 02 Dec 2023 07:09:36 GMT","end":"Fri, 01 Mar 2024 07:09:35 GMT"},"fingerprint":{"sha1":"12:BF:E9:5F:C9:24:5D:A4:D2:E7:88:8C:62:D1:46:BA:68:07:8E:E1","sha256":"24:63:12:D5:10:50:0B:07:B1:0F:3E:42:0F:01:47:E7:EE:6F:9D:4B:87:FF:A6:59:A1:B4:88:EA:14:EE:2D:66"}}},"request":{"raw":"GET /en/mywallet/style/metamask-staging-2.webflow.css HTTP/1.1\r\nHost: re-try-connect.ctab.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://re-try-connect.ctab.com.br/en/mywallet/?token=nkbihfbeogaeaoehlefnkodbefgpgknn\r\nCookie: PHPSESSID=28f0de9022786b5c2e71bb60f66eb0f7\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 09 Apr 2023 15:19:04 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/css\r\ndate: Sun, 03 Dec 2023 05:32:28 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":140959,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"7b4ca45b499c60298cb9d8a7ea289dc9","sha1":"2e0f97cb3d97853badaf45ec6512e0ad3429fe7f","sha256":"f52dde44d3a2b84212b473277a9578196dc09bf9b2d572d2f8f7c3fbb8815fa5","sha512":"cbe770b72a2cc5d0cb065c0501f2b8e9ba870da702087d93b7f01f7b555fc0e2841d5bc0d00481007f19ca48315edd7ccc89f6aea60ac55ee78b3393e3cda886","ssdeep":"768:n7ClM51r618HC/DFW76HSjppCBlREm8nb6EHDX0R/RJuqvNmY8JNtfw0FfYf0jdI:nGm5lI8CLmMev4N5mYDQ+","tlshash":"92d3315a89062104613769f4cba13b21e3e18037cb4b71f63de29049cbd69d4a7b6fed","first_seen":"2023-04-06T07:54:23Z","last_seen":"2024-10-11T08:47:25.103872Z","times_seen":22,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}