{"report_id":"1585b841-247a-4846-8a94-348825491711","version":6,"status":"done","tags":[],"date":"2026-04-11T04:30:40Z","url":{"schema":"http","addr":"perguntando2026.com","fqdn":"perguntando2026.com","domain":"perguntando2026.com","tld":"com"},"ip":{"addr":"34.174.239.165","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"perguntando2026.com/","fqdn":"perguntando2026.com","domain":"perguntando2026.com","tld":"com"},"title":"TikTok - Verificando progresso","dom":{"size":16990,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (452)","md5":"c9e717072b53ac75a74c1a709e9efb3a","sha1":"54b87d70458f0eeea374e2a21363760d5877560b","sha256":"ce3981a1b71e1f12f120d43906695bb675170c3c30ab4b740dab51cb20df3446","sha512":"026d3ad1d083cf3eb5ce38ed10c3e9559a32273ccff60018a1b49cd733770a0f160f6f6fa0117cbd3e2edc1973ff5bf02f978fca0eab17f4450992d077cc5543","ssdeep":"192:Xl+kjeiLOZ/7SO6NZdQi+zWkjeijOAIXlD5PuQwYs7M+XRA59b1IHt9a+StR0rjh:XXjEZCgjsAIpkQ+SvvQ9hNt","tlshash":"8272955a6de71028681392e567fb674d2674d003d80bcc187bde12988f85fc999a3bec","dom_hash":"domhashcc47b8b9c61dd35736aee919bb5ba8d1","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"perguntando2026.com","fqdn":"perguntando2026.com","domain":"perguntando2026.com","tld":"com"},"ip":{"addr":"34.174.239.165","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-16T04:30:40Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-11","alert":"Phishing Block","trigger":"perguntando2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"perguntando2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"perguntando2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"perguntando2026.com","ip":{"addr":"34.174.239.165","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2026-04-02","domain_rank":0,"first_seen":"2026-04-11T04:30:40.217993Z","last_seen":"2026-04-11T04:30:40.217993Z","alert_count":12,"request_count":4,"received_data":128115,"sent_data":1783,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"SiteGround","description":"SiteGround is a web hosting service.","website":"https://www.siteground.com","common_platform_enumeration":"","icon":"siteground.svg","categories":["PaaS","Hosting"]}]},{"fqdn":"api.utmify.com.br","ip":{"addr":"172.67.68.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-11-07","domain_rank":0,"first_seen":"2026-01-23T03:37:18.935606Z","last_seen":"2026-04-06T22:16:03.655345Z","alert_count":0,"request_count":1,"received_data":853,"sent_data":549,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"perguntando2026.com/","fqdn":"perguntando2026.com","domain":"perguntando2026.com","tld":"com"},"ip":{"addr":"34.174.239.165","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6eddae16434c287bbf68925e4f041d47","sha1":"e4b880b010c221f2dbc8079f989a004aa4120459","sha256":"66b0abb890cdac77b9023b9d014099c0c4531cdfca404bf0c1e329c08e949c36","sha512":"65d2949e83c97c249913cfa3b951e920ff09e1d654775ce40b91cc1b167254aa9a33b5979b84a223279f650abd75b0aa6305b52da50be2ed9d0456895a505ff0","ssdeep":"","tlshash":"af11656838fc549c43aa92eb757fef4c862e55170c94cc48c40ed5151835eabc491e6b","size":1029,"data":"","first_seen":"2026-04-11T01:10:55.551961Z","last_seen":"2026-04-11T08:18:11.184044Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"perguntando2026.com/","fqdn":"perguntando2026.com","domain":"perguntando2026.com","tld":"com"},"ip":{"addr":"34.174.239.165","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fd4243784cbd8514f61519782acbfba7","sha1":"51d3f3f677dbd3ad31e080e54ef61e9dde2edd08","sha256":"6ad7e16f9d6fdfa0a0c3f7247a1b15d7d186116b475480d913f0aa4baeeb7e55","sha512":"f1f359745f57a766f5ac2b6b96437ede24cebaa0420b497675a2cdbf4b86368ac7e9f24099e9b953aa2ac01973ebb3982b60d1c8478bba2ac7d4b67bd0b0db2b","ssdeep":"","tlshash":"cc31dc0e6ca322a4558375bd5a9b30012532d203ac1ded123edd51942f9eb6e03f2bce","size":1621,"data":"","first_seen":"2026-04-11T01:10:55.552819Z","last_seen":"2026-04-11T08:18:11.185798Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"perguntando2026.com/","fqdn":"perguntando2026.com","domain":"perguntando2026.com","tld":"com"},"ip":{"addr":"34.174.239.165","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ea214d9371ccda37fc0db69a68c2325c","sha1":"f5ecd6e6bf5aeeeedddad2681813fa118ba0f130","sha256":"5925b5f57cd2fa5f2835c0472073556498a826daa22ebcfc5f09b38cbbd72b04","sha512":"691fad44b04085ed20afdb76df39ff9efa23765093ba7cd6e33a45a2c8db6c03222d4f7d80ab2fcc728943096002cff3f3faa9668d25d9d78f57b5108edf3c85","ssdeep":"","tlshash":"7511656838fd549c83aa52ab323feb4c963d91130c40cc48c11ed4551d36e7bc491dab","size":1043,"data":"","first_seen":"2026-04-11T01:10:55.553604Z","last_seen":"2026-04-11T08:18:11.187484Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"perguntando2026.com/","fqdn":"perguntando2026.com","domain":"perguntando2026.com","tld":"com"},"ip":{"addr":"34.174.239.165","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f8bbe14451c50bd8a841d01ff1ac1a4d","sha1":"a304facad105bca9b6e9b93216b7b87870ed9391","sha256":"9aa375659d2d496fddb12f7ca01ae126051715931f780864ad6beae5c46ebc68","sha512":"838ab594f896443ce641a564645958c039086c14efce3d4c19a5137810f559b9a572f94209c406b3ea36a41ab38f39aa8fc9d1b3ee7322f117d43bb0f11294ce","ssdeep":"","tlshash":"0641df786ae700b4e977a977d3af01983a731443940bd5163c9cd14c0fd078185adee8","size":2188,"data":"","first_seen":"2026-04-11T01:10:55.554374Z","last_seen":"2026-04-11T08:18:11.190904Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"perguntando2026.com/js/events.js","fqdn":"perguntando2026.com","domain":"perguntando2026.com","tld":"com"},"ip":{"addr":"34.174.239.165","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c74f5466859ddd5c3a54e83595f10caf","sha1":"a4d401ef85d858fe591cc6cf189ef96a54e5c93a","sha256":"5df218f7a8eb8e8def5fd2bf27cc2c299af73ebd6d4e7fbc1f8696c0519e82f8","sha512":"3a78bcdc1ee14ea13feeb75ae2c3a16792305960f3737abb73c0c907d57eb91ea26ea53f62d8ca0b6ca4a39881cac6d0890fdb61eda1fc9de2c457c968fe99d5","ssdeep":"192:g/n5E1kc0IOnqjySXSnSWSQSJS9SQSaFFCh+tWveP9PzP2PTP2PuLPVP/0uzAfTj:tkc0IOqjxiSN7w87aFFCh+YvAxTIzIqq","tlshash":"c502ffbf1504549fd1ea8e43931a6f129dbd18bfc110b345a7bd8688327f53742aae0b","size":8856,"data":"","first_seen":"2026-04-11T01:10:55.550003Z","last_seen":"2026-04-11T08:18:11.172383Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"perguntando2026.com/js/latest.js","fqdn":"perguntando2026.com","domain":"perguntando2026.com","tld":"com"},"ip":{"addr":"34.174.239.165","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"816e859d0d0707607d4cfb34149cee2d","sha1":"a85ee45c46a5c7607ff30de44c29f1d59202dca2","sha256":"7ecf43c7bbccf8c5415b0fe9e64ccbc613a79c7435f59bd8ea0571729e36c2a2","sha512":"6f3d72bbad55f153c009dcbca4fcc2ef0ee6af4e04d7a7e740a624d2d0054e8000fa732613980afd47e606ade3baf15656668b0cd354b415938093e14de61f0d","ssdeep":"384:4XgYWkEERJEukObvEarMZbj6Z+SPRe49pnNy557QV4dDtN3VuhOAcbspSuVaE6E:GgYWkEERJEuIyMZbj6Z+SPRe49pnNM5u","tlshash":"be82a8a4f276d49812b24cfa91b75272f22cb735b144c180654f6d89305dee763e3e2b","size":17579,"data":"","first_seen":"2026-03-09T16:05:53.308102Z","last_seen":"2026-04-22T10:10:49.669858Z","times_seen":194,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"perguntando2026.com/js/latest.js","fqdn":"perguntando2026.com","domain":"perguntando2026.com","tld":"com"},"ip":{"addr":"34.174.239.165","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://perguntando2026.com/","date":"2026-04-11T04:30:19.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.perguntando2026.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 21:25:05 GMT","end":"Wed, 01 Jul 2026 21:25:04 GMT"},"fingerprint":{"sha1":"C3:D2:2A:5D:43:88:B9:F8:2D:A7:DE:D3:FA:E8:78:C3:11:7B:C5:F8","sha256":"73:74:E2:27:6C:FE:DE:F6:EA:AD:3D:12:18:5B:F9:AA:51:BB:66:33:D1:5F:62:7C:74:FC:86:75:38:14:20:84"}}},"request":{"raw":"GET /js/latest.js HTTP/1.1\r\nHost: perguntando2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://perguntando2026.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 11 Apr 2026 04:30:19 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 03 Apr 2026 06:31:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69cf5ece-44ab\"\r\nexpires: Sun, 11 Apr 2027 04:30:19 GMT\r\ncache-control: max-age=31536000\r\nhost-header: 8441280b0c35cbc1147f8ba998a563a7\r\nx-proxy-cache-info: DT:1\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17579,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17507), with no line terminators","md5":"816e859d0d0707607d4cfb34149cee2d","sha1":"a85ee45c46a5c7607ff30de44c29f1d59202dca2","sha256":"7ecf43c7bbccf8c5415b0fe9e64ccbc613a79c7435f59bd8ea0571729e36c2a2","sha512":"6f3d72bbad55f153c009dcbca4fcc2ef0ee6af4e04d7a7e740a624d2d0054e8000fa732613980afd47e606ade3baf15656668b0cd354b415938093e14de61f0d","ssdeep":"384:4XgYWkEERJEukObvEarMZbj6Z+SPRe49pnNy557QV4dDtN3VuhOAcbspSuVaE6E:GgYWkEERJEuIyMZbj6Z+SPRe49pnNM5u","tlshash":"be82a8a4f276d49812b24cfa91b75272f22cb735b144c180654f6d89305dee763e3e2b","first_seen":"2026-03-09T16:05:53.308102Z","last_seen":"2026-04-22T10:10:49.669858Z","times_seen":194,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-11","alert":"Phishing Block","trigger":"perguntando2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"perguntando2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"perguntando2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"perguntando2026.com/favicon.ico","fqdn":"perguntando2026.com","domain":"perguntando2026.com","tld":"com"},"ip":{"addr":"34.174.239.165","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://perguntando2026.com/","date":"2026-04-11T04:30:19.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.perguntando2026.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 21:25:05 GMT","end":"Wed, 01 Jul 2026 21:25:04 GMT"},"fingerprint":{"sha1":"C3:D2:2A:5D:43:88:B9:F8:2D:A7:DE:D3:FA:E8:78:C3:11:7B:C5:F8","sha256":"73:74:E2:27:6C:FE:DE:F6:EA:AD:3D:12:18:5B:F9:AA:51:BB:66:33:D1:5F:62:7C:74:FC:86:75:38:14:20:84"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: perguntando2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://perguntando2026.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 11 Apr 2026 04:30:19 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nx-httpd-modphp: 1\r\nhost-header: 6b7412fb82ca5edfd0917e3957f05d89\r\nx-proxy-cache: EXPIRED\r\nx-proxy-cache-info: 0 NC:000000 UP:\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"SiteGround","description":"SiteGround is a web hosting service.","website":"https://www.siteground.com","common_platform_enumeration":"","icon":"siteground.svg","categories":["PaaS","Hosting"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":83800,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (55220)","md5":"3282565ce91f318e21c86df715d1bc6d","sha1":"e082e007cde9080f12f9fd3927b7f4a61228b1bd","sha256":"b39bdadd90378180927c19f1343682602e430b54f3fc7523c5ac4f46ffd67bc7","sha512":"465c18ce197c8c5262f5bb28e368a0341dad21af19dd77b701f9a5afd3fe88cfea024e8491f7ad0b5decfedd96989f9012d0202ad4e52f74629e98b8506cbbf7","ssdeep":"768:kTAEYPP+UIJz+Fi9/Ltk5YzRubj4he6e9ROg2Geir42nEiERZ6JE0Vo:kTAnmPztk5YzzgK6u","tlshash":"7083efed27601cd9cc9182f237a8204534a7e8eef6504558f25d0ba5bf8759fcab068f","first_seen":"2023-04-06T08:07:41Z","last_seen":"2026-04-21T06:24:11.237468Z","times_seen":1436,"resource_available":true,"data":null}},"time_used":219,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-11","alert":"Phishing Block","trigger":"perguntando2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"perguntando2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"perguntando2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"perguntando2026.com/","fqdn":"perguntando2026.com","domain":"perguntando2026.com","tld":"com"},"ip":{"addr":"34.174.239.165","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-11T04:30:18.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.perguntando2026.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 21:25:05 GMT","end":"Wed, 01 Jul 2026 21:25:04 GMT"},"fingerprint":{"sha1":"C3:D2:2A:5D:43:88:B9:F8:2D:A7:DE:D3:FA:E8:78:C3:11:7B:C5:F8","sha256":"73:74:E2:27:6C:FE:DE:F6:EA:AD:3D:12:18:5B:F9:AA:51:BB:66:33:D1:5F:62:7C:74:FC:86:75:38:14:20:84"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: perguntando2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 11 Apr 2026 04:30:19 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nlast-modified: Fri, 03 Apr 2026 07:32:54 GMT\r\netag: W/\"4068-64e89533b8e86\"\r\nx-httpd-modphp: 1\r\nhost-header: 8441280b0c35cbc1147f8ba998a563a7\r\nx-proxy-cache: HIT\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16488,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (440)","md5":"c8d7db46c8a2ef4d2fa7f0d224f345b5","sha1":"c54ea617e5c7e1896b7dd0198a273f15fbdefe62","sha256":"44c8f3425a21086e375cdbeacea331c33684f691eef649fe714475db04886202","sha512":"6f62418759326c2b42279388a443e0e53b45c468635e73d1b68549ce1efe28f5c97a0c92d1cd3f8348e6d6bc710635d4a0efbc9f1eebe79baf05df65966a002d","ssdeep":"192:p+kjeiLOZ/7SO6NZdQi+zWkjeijOAIXlD5PuQwYs7M+XRA59b1IHt9a+StR0rjA0:rjEZCgjsAIpkQ+SvvwhN7","tlshash":"5872846969e7102c681392e567fb674d26b5d403d80bcc183f9d22488f85fc999b3bec","first_seen":"2026-04-11T01:10:55.549054Z","last_seen":"2026-04-11T08:18:11.177818Z","times_seen":3,"resource_available":true,"data":null}},"time_used":1119,"timings":{"blocked":451,"dns":0,"connect":145,"send":0,"wait":217,"receive":0,"ssl":303},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-11","alert":"Phishing Block","trigger":"perguntando2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"perguntando2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"perguntando2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.utmify.com.br/v1/events","fqdn":"api.utmify.com.br","domain":"utmify.com.br","tld":"com.br"},"ip":{"addr":"172.67.68.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://perguntando2026.com/","date":"2026-04-11T04:30:19.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"utmify.com.br","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 06:48:55 GMT","end":"Tue, 02 Jun 2026 07:48:45 GMT"},"fingerprint":{"sha1":"F8:30:69:9D:8C:D1:D7:C9:68:98:97:88:32:3A:35:87:4C:D1:22:3E","sha256":"74:13:AD:B5:2D:EB:6F:7A:30:17:34:1B:79:03:D5:94:2C:C0:0C:EA:C7:B0:61:84:27:72:77:CB:D4:4F:87:DC"}}},"request":{"raw":"OPTIONS /v1/events HTTP/1.1\r\nHost: api.utmify.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,x-api-key\r\nReferer: https://perguntando2026.com/\r\nOrigin: https://perguntando2026.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Sat, 11 Apr 2026 04:30:20 GMT\r\ncontent-type: application/json\r\ncontent-length: 42\r\nx-amzn-requestid: 6255f364-b0a7-4ff5-b863-3a6ca17ac892\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type,X-Api-Token\r\nx-amzn-errortype: MissingAuthenticationTokenException\r\nx-amz-apigw-id: bo0ubG4nGjQESfQ=\r\naccess-control-allow-methods: OPTIONS,POST\r\naccess-control-allow-credentials: true\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S7oGTNvMB%2FfavoqnahpHMVCnJvwtSQSWxeK35NGvavh67%2BOUsMVTTbS6np%2BtnUwPx%2BzhKBKhgKqPj%2FSMjl6Z6kGz9szxTLOkQ%2F8qsYAJLm9eqFGovyitJrwiGRaWR7pXVHMV\"}]}\r\nserver: cloudflare\r\ncf-ray: 9ea7415b5ef9568b-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-22T16:09:26.709379Z","times_seen":14066297,"resource_available":true,"data":null}},"time_used":673,"timings":{"blocked":33,"dns":22,"connect":1,"send":0,"wait":595,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"perguntando2026.com/js/events.js","fqdn":"perguntando2026.com","domain":"perguntando2026.com","tld":"com"},"ip":{"addr":"34.174.239.165","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://perguntando2026.com/","date":"2026-04-11T04:30:19.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.perguntando2026.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 02 Apr 2026 21:25:05 GMT","end":"Wed, 01 Jul 2026 21:25:04 GMT"},"fingerprint":{"sha1":"C3:D2:2A:5D:43:88:B9:F8:2D:A7:DE:D3:FA:E8:78:C3:11:7B:C5:F8","sha256":"73:74:E2:27:6C:FE:DE:F6:EA:AD:3D:12:18:5B:F9:AA:51:BB:66:33:D1:5F:62:7C:74:FC:86:75:38:14:20:84"}}},"request":{"raw":"GET /js/events.js HTTP/1.1\r\nHost: perguntando2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://perguntando2026.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 11 Apr 2026 04:30:19 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 03 Apr 2026 06:31:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69cf5ece-2298\"\r\nexpires: Sun, 11 Apr 2027 04:30:19 GMT\r\ncache-control: max-age=31536000\r\nhost-header: 8441280b0c35cbc1147f8ba998a563a7\r\nx-proxy-cache-info: DT:1\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8856,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (6468)","md5":"c74f5466859ddd5c3a54e83595f10caf","sha1":"a4d401ef85d858fe591cc6cf189ef96a54e5c93a","sha256":"5df218f7a8eb8e8def5fd2bf27cc2c299af73ebd6d4e7fbc1f8696c0519e82f8","sha512":"3a78bcdc1ee14ea13feeb75ae2c3a16792305960f3737abb73c0c907d57eb91ea26ea53f62d8ca0b6ca4a39881cac6d0890fdb61eda1fc9de2c457c968fe99d5","ssdeep":"192:g/n5E1kc0IOnqjySXSnSWSQSJS9SQSaFFCh+tWveP9PzP2PTP2PuLPVP/0uzAfTj:tkc0IOqjxiSN7w87aFFCh+YvAxTIzIqq","tlshash":"c502ffbf1504549fd1ea8e43931a6f129dbd18bfc110b345a7bd8688327f53742aae0b","first_seen":"2026-04-11T01:10:55.550003Z","last_seen":"2026-04-11T08:18:11.172383Z","times_seen":3,"resource_available":true,"data":null}},"time_used":147,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":147,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-11","alert":"Phishing Block","trigger":"perguntando2026.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"perguntando2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"perguntando2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}