Report - bjgempreendimentos.com.br/aeat/index.php?QBOT.zip

Report Overview

Submitted URL
bjgempreendimentos.com.br/aeat/index.php?QBOT.zip
IP
162.214.155.226
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2022-12-06 21:46:01
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
74

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.8 kB	9.8 kB	142.250.74.131
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.9 kB	104.18.21.226
static.xx.fbcdn.net	661	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	151 kB	31.13.72.12
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	64 kB	172.217.21.168
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	499 B	32 kB	216.58.207.227
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.8 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	430 B	16 kB	104.17.24.14
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	837 B	53 kB	151.101.129.229
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	78 kB	34.120.237.76
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	528 B	349 B	31.13.72.36
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	95.101.11.115
bjgempreendimentos.com.br	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.1 kB	525 kB	162.214.155.226
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	420 B	31 kB	69.16.175.10
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.163.38.240
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	119 kB	31.13.72.12
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	677 B	757 B	216.58.207.228
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	757 B	142.250.74.131
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	440 B	746 B	142.250.74.74
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
stackpath.bootstrapcdn.com	2467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	447 B	17 kB	104.18.10.207
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	21 kB	142.250.74.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed
2022-12-06	medium	bjgempreendimentos.com.br	Sinkholed

JavaScript (27)

	URL	Size	First Seen	Last Seen
	connect.facebook.net/pt_BR/sdk.js?hash=ce597452b536b36f6d3f38c1308e75b7	307 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/pt_BR/sdk.js?hash=ce597452b536b36f6d3f38c1308e75b7 IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:56 Last Seen2023-03-08 20:29:56 Times Seen1 Hash 04834ddbcf9ecaeb4bab7fdfcb45a607 1e17c707468e3e0426219daa695f08eac03481da 30ebcbc9e906e78482c2df37cedccbb02b6ea2434461c1dba07122ef36177530 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz	39 kB	2023-03-08	2023-04-02
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:59 Last Seen2023-04-02 21:25:26 Times Seen2 Hash d0096b3780248d2d053b1826ffa2e991 cb82a7cd24e2afb463141954d925ca118db6000a f93df2735d94cf2ebfc2f07b0f8038e4c9e177d89e3e8b7cd1604e23c556f63b Loading...

	bjgempreendimentos.com.br/js/main.js	1.4 kB	2023-03-08	2023-03-08
Pretty URL bjgempreendimentos.com.br/js/main.js IP 162.214.155.226 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:04:56 Last Seen2023-03-08 20:29:56 Times Seen1 Hash cf0d51ddaddd691bd57618f3b2f425af c07b17f6ff7ff6ff76b27a2634b933b5e5d22bc9 f8747603bebadb7ac96ea3d5ea65b49b930da04230a2e08f7a0d15e690ca67db Loading...

	connect.facebook.net/pt_BR/sdk.js#xfbml=1&version=v13.0&appId=426309295832970&autoLogAppEvents=1	3.1 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/pt_BR/sdk.js#xfbml=1&version=v13.0&appId=426309295832970&autoLogAppEvents=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:56 Last Seen2023-03-08 20:29:56 Times Seen1 Hash 058f9c812de55121258bef38cc8b4c95 1cc2c36515b1e98594347cf9f1e9ad4893e1ca3c 89104fa5a3ed491887688032a2ec60e6326b64b719c1c1f94da0405fa08c31fd Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/11035587724/?random=1670363151006&cv=11&fst=1670363151006&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fbjgempreendimentos.com.br%2F%3FQBOT.zip&tiba=BJG%20-%20Empreendimentos%20Imobili%C3%A1rios&auid=1582677681.1670363151&rfmt=3&fmt=4	1.9 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/11035587724/?random=1670363151006&cv=11&fst=1670363151006&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fbjgempreendimentos.com.br%2F%3FQBOT.zip&tiba=BJG%20-%20Empreendimentos%20Imobili%C3%A1rios&auid=1582677681.1670363151&rfmt=3&fmt=4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:56 Last Seen2023-03-08 20:29:56 Times Seen1 Hash a4b1329106e85b96e736a114a0827c97 c201a7f87b8ac6fb178e67f87e0df7d8c74967ca b4cf14c9ea60d8300c03e8ff1ac2db785c5f2346e640307f07c866bd4e27e7e8 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yX/r/JYOpIVwZVr3.js?_nc_x=Ij3Wp8lg5Kz	22 kB	2023-03-08	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yX/r/JYOpIVwZVr3.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:59 Last Seen2023-03-11 23:53:02 Times Seen1 Hash 9e7e32972f12d00feacb921846906ac6 f292ce3f81ffaaba10e8ac24458407d627e02b1a f2ca33864034e9249b711caf35f10c615d64a1a7b1fae36c96e150c502d5df2f Loading...

	www.facebook.com/v13.0/plugins/page.php?adapt_container_width=true&app_id=426309295832970&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df318eedcab53d86%26domain%3Dbjgempreendimentos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbjgempreendimentos.com.br%252Ff16042e8f1d677c%26relation%3Dparent.parent&container_width=356&hide_cover=false&href=https%3A%2F%2Fweb.facebook.com%2FBJG-Empreendimentos-111337518143588%2F%3F_rdc%3D10%26_rdr&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=&width=	15 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v13.0/plugins/page.php?adapt_container_width=true&app_id=426309295832970&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df318eedcab53d86%26domain%3Dbjgempreendimentos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbjgempreendimentos.com.br%252Ff16042e8f1d677c%26relation%3Dparent.parent&container_width=356&hide_cover=false&href=https%3A%2F%2Fweb.facebook.com%2FBJG-Empreendimentos-111337518143588%2F%3F_rdc%3D10%26_rdr&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=&width= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:56 Last Seen2023-03-08 20:29:56 Times Seen1 Hash ee2959c8fe42ca2c6c69b9938df61bc1 1703888cc225869175839e29434bf193d0db6433 622995111eb9c29e3942ca89509f994de996c6285dc3f2d5f856c305bda2dad3 Loading...

	www.facebook.com/v13.0/plugins/page.php?adapt_container_width=true&app_id=426309295832970&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df318eedcab53d86%26domain%3Dbjgempreendimentos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbjgempreendimentos.com.br%252Ff16042e8f1d677c%26relation%3Dparent.parent&container_width=356&hide_cover=false&href=https%3A%2F%2Fweb.facebook.com%2FBJG-Empreendimentos-111337518143588%2F%3F_rdc%3D10%26_rdr&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=&width=	114 B	2023-03-07	2023-04-02
Pretty URL www.facebook.com/v13.0/plugins/page.php?adapt_container_width=true&app_id=426309295832970&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df318eedcab53d86%26domain%3Dbjgempreendimentos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbjgempreendimentos.com.br%252Ff16042e8f1d677c%26relation%3Dparent.parent&container_width=356&hide_cover=false&href=https%3A%2F%2Fweb.facebook.com%2FBJG-Empreendimentos-111337518143588%2F%3F_rdc%3D10%26_rdr&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=&width= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-04-02 21:25:26 Times Seen2 Hash 95a616294c811b3802967925a7dede6e 66ac0daa1bea28c665f5a125b7ce6684b9d9886d 0b193295687a90ce84341a7bc4787ce1bbf189e70cd129d795fe95e293ed77de Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-24
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-24 18:41:20 Times Seen1526 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 08:37:38 Times Seen37058423 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.facebook.com/v13.0/plugins/page.php?adapt_container_width=true&app_id=426309295832970&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df318eedcab53d86%26domain%3Dbjgempreendimentos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbjgempreendimentos.com.br%252Ff16042e8f1d677c%26relation%3Dparent.parent&container_width=356&hide_cover=false&href=https%3A%2F%2Fweb.facebook.com%2FBJG-Empreendimentos-111337518143588%2F%3F_rdc%3D10%26_rdr&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=&width=	218 B	2023-03-07	2024-04-25
Pretty URL www.facebook.com/v13.0/plugins/page.php?adapt_container_width=true&app_id=426309295832970&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df318eedcab53d86%26domain%3Dbjgempreendimentos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbjgempreendimentos.com.br%252Ff16042e8f1d677c%26relation%3Dparent.parent&container_width=356&hide_cover=false&href=https%3A%2F%2Fweb.facebook.com%2FBJG-Empreendimentos-111337518143588%2F%3F_rdc%3D10%26_rdr&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=&width= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-25 07:52:43 Times Seen12516 Hash 23731f926ba1b7856c53bf9c572f9e96 52618c2e6dd1bce8956fd2e2872c524eb1fd59d6 dbf6a6f99233910115437a7d602f004b1287d55441d4f751d152bf216375c07a Loading...

	www.facebook.com/v13.0/plugins/page.php?adapt_container_width=true&app_id=426309295832970&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df318eedcab53d86%26domain%3Dbjgempreendimentos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbjgempreendimentos.com.br%252Ff16042e8f1d677c%26relation%3Dparent.parent&container_width=356&hide_cover=false&href=https%3A%2F%2Fweb.facebook.com%2FBJG-Empreendimentos-111337518143588%2F%3F_rdc%3D10%26_rdr&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=&width=	10 B	2023-03-07	2024-04-25
Pretty URL www.facebook.com/v13.0/plugins/page.php?adapt_container_width=true&app_id=426309295832970&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df318eedcab53d86%26domain%3Dbjgempreendimentos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbjgempreendimentos.com.br%252Ff16042e8f1d677c%26relation%3Dparent.parent&container_width=356&hide_cover=false&href=https%3A%2F%2Fweb.facebook.com%2FBJG-Empreendimentos-111337518143588%2F%3F_rdc%3D10%26_rdr&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=&width= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:18 Last Seen2024-04-25 07:52:43 Times Seen14098 Hash 91b3d54bc665b27a303ea5103da4f0b5 1ea644a3b2b1e427686c79e379e4074d576e732a 8c946addeada771d3dc6866cc23be2d1ef3f84b0ae6a98989cbf25b1a9249a61 Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js	60 kB	2023-03-07	2024-04-25
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:32 Last Seen2024-04-25 07:35:17 Times Seen6329 Hash 6bea60c34c5db6797150610dacdc6bce 544afefd148715da7dd52d368a414703390ca0e0 38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff Loading...

	www.facebook.com/v13.0/plugins/page.php?adapt_container_width=true&app_id=426309295832970&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df318eedcab53d86%26domain%3Dbjgempreendimentos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbjgempreendimentos.com.br%252Ff16042e8f1d677c%26relation%3Dparent.parent&container_width=356&hide_cover=false&href=https%3A%2F%2Fweb.facebook.com%2FBJG-Empreendimentos-111337518143588%2F%3F_rdc%3D10%26_rdr&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=&width=	18 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v13.0/plugins/page.php?adapt_container_width=true&app_id=426309295832970&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df318eedcab53d86%26domain%3Dbjgempreendimentos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbjgempreendimentos.com.br%252Ff16042e8f1d677c%26relation%3Dparent.parent&container_width=356&hide_cover=false&href=https%3A%2F%2Fweb.facebook.com%2FBJG-Empreendimentos-111337518143588%2F%3F_rdc%3D10%26_rdr&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=&width= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:56 Last Seen2023-03-08 20:29:56 Times Seen1 Hash 065d705fd0aceca78f0c4d96c1df46b4 59efd7feabf7cafb8daff2066ee087a6a1dbd253 e0845fdaf9c4a7be94cc3ee899af2bb4ed0ad04b73c7d4dfd54e82b642bd0e6d Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz	53 kB	2023-03-08	2023-03-13
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:59 Last Seen2023-03-13 02:53:11 Times Seen1 Hash 73a0b1ff652307a0c4f80eefedf0674a 4972c74d05c51b1a6509ad59c145e9575efee260 dc07d382f00a25c7cab4993b3675027b7ba9fdf978474e9611aadde6383d9a57 Loading...

	www.facebook.com/v13.0/plugins/page.php?adapt_container_width=true&app_id=426309295832970&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df318eedcab53d86%26domain%3Dbjgempreendimentos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbjgempreendimentos.com.br%252Ff16042e8f1d677c%26relation%3Dparent.parent&container_width=356&hide_cover=false&href=https%3A%2F%2Fweb.facebook.com%2FBJG-Empreendimentos-111337518143588%2F%3F_rdc%3D10%26_rdr&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=&width=	4.7 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v13.0/plugins/page.php?adapt_container_width=true&app_id=426309295832970&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df318eedcab53d86%26domain%3Dbjgempreendimentos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbjgempreendimentos.com.br%252Ff16042e8f1d677c%26relation%3Dparent.parent&container_width=356&hide_cover=false&href=https%3A%2F%2Fweb.facebook.com%2FBJG-Empreendimentos-111337518143588%2F%3F_rdc%3D10%26_rdr&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=&width= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:56 Last Seen2023-03-08 20:29:56 Times Seen1 Hash 9ec18a246d5f6fa3592045a411cebeb4 2a77248ef0215cf991cc6777aa65c7fbb6a48b6e b28783390a553af70f1a7e6a80b2e4d52185258699eadac4ceedc958b3fc762b Loading...

	bjgempreendimentos.com.br/?QBOT.zip	449 B	2023-03-08	2023-03-08
Pretty URL bjgempreendimentos.com.br/?QBOT.zip IP 162.214.155.226 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:04:56 Last Seen2023-03-08 20:29:56 Times Seen1 Hash bdd7ee3530754b9d8fca28d3467ea10b 29f5360e462c7695ff43d6947e0527939608eaf8 090a0459c58b29ddf7b108dc77b48e9904b4d6263ea6be878c1591cb54006d9a Loading...

	code.jquery.com/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-04-25
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-25 08:12:55 Times Seen261115 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	connect.facebook.net/signals/config/479339550851052?v=2.9.89&r=stable	300 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/signals/config/479339550851052?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:04:56 Last Seen2023-03-08 20:29:56 Times Seen1 Hash a0928bdd38f6c6ebb18fdf77cb5fafc2 a98c8e553b4a67a42e19d0644c5d22a5253dab7a 540ccfc6042cb1c0ddcad9aa50a033243295fb47372a10f31764e58529a316fd Loading...

	static.xx.fbcdn.net/rsrc.php/v3iM-F4/yw/l/pt_BR/sdLyto6-v_-.js?_nc_x=Ij3Wp8lg5Kz	85 kB	2023-03-08	2023-03-08
Pretty URL static.xx.fbcdn.net/rsrc.php/v3iM-F4/yw/l/pt_BR/sdLyto6-v_-.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:04:56 Last Seen2023-03-08 20:29:56 Times Seen1 Hash 8d840b27966cb4b6058006a12fb4e4d4 349fa6e09c917ce78e0980a473d0811a61a4ba7d 8adea77a3da0ec6d9796b05dad91c9685b3d81b2e138c7b7977849792d9eb55a Loading...

	www.facebook.com/v13.0/plugins/page.php?adapt_container_width=true&app_id=426309295832970&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df318eedcab53d86%26domain%3Dbjgempreendimentos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbjgempreendimentos.com.br%252Ff16042e8f1d677c%26relation%3Dparent.parent&container_width=356&hide_cover=false&href=https%3A%2F%2Fweb.facebook.com%2FBJG-Empreendimentos-111337518143588%2F%3F_rdc%3D10%26_rdr&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=&width=	1.6 kB	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v13.0/plugins/page.php?adapt_container_width=true&app_id=426309295832970&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df318eedcab53d86%26domain%3Dbjgempreendimentos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbjgempreendimentos.com.br%252Ff16042e8f1d677c%26relation%3Dparent.parent&container_width=356&hide_cover=false&href=https%3A%2F%2Fweb.facebook.com%2FBJG-Empreendimentos-111337518143588%2F%3F_rdc%3D10%26_rdr&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=&width= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:56 Last Seen2023-03-08 20:29:56 Times Seen1 Hash e5ca19d648d3dc8a0a677c8e728840c2 d8201de560f172223245936521a021168890618f d0580c45d7262ed5cd2adc97d7d4cec79c6804d87cb70957956b8798bb210a0d Loading...

	www.facebook.com/v13.0/plugins/page.php?adapt_container_width=true&app_id=426309295832970&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df318eedcab53d86%26domain%3Dbjgempreendimentos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbjgempreendimentos.com.br%252Ff16042e8f1d677c%26relation%3Dparent.parent&container_width=356&hide_cover=false&href=https%3A%2F%2Fweb.facebook.com%2FBJG-Empreendimentos-111337518143588%2F%3F_rdc%3D10%26_rdr&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=&width=	252 B	2023-03-07	2024-03-07
Pretty URL www.facebook.com/v13.0/plugins/page.php?adapt_container_width=true&app_id=426309295832970&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df318eedcab53d86%26domain%3Dbjgempreendimentos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbjgempreendimentos.com.br%252Ff16042e8f1d677c%26relation%3Dparent.parent&container_width=356&hide_cover=false&href=https%3A%2F%2Fweb.facebook.com%2FBJG-Empreendimentos-111337518143588%2F%3F_rdc%3D10%26_rdr&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=&width= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-03-07 18:38:30 Times Seen2234 Hash dfc334cd5201ae3c020f43848b1646c4 b951863e53fd874757a2d5a21c8739a4d3640947 6e28b909a82bf42f6a2b51d7bbdc3ecafc47cd43cd52d1a3b584250c2ae579fe Loading...

	bjgempreendimentos.com.br/?QBOT.zip	341 B	2023-03-08	2023-03-08
Pretty URL bjgempreendimentos.com.br/?QBOT.zip IP 162.214.155.226 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:04:56 Last Seen2023-03-08 20:29:56 Times Seen1 Hash 73593616ee0604cc0cbde8b2eaffdf97 56b7706521ed837ad603e2c9bbd001293059a567 bb430cf637d3a3fa58c41164c2ae3dd2d66777799e039595edc3541ee0003421 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NJJWG6X	168 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NJJWG6X IP 172.217.21.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:56 Last Seen2023-03-08 20:29:56 Times Seen1 Hash 862fbb3a66911f6e78f031c74a396abd bebf32634e8cf4f7a6b5e3679e80ee17de3eaf2f 7c7bd10595130a983a275e0d9ac9f0f62171102ac480f9be8e555c034884080e Loading...

	www.facebook.com/v13.0/plugins/page.php?adapt_container_width=true&app_id=426309295832970&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df318eedcab53d86%26domain%3Dbjgempreendimentos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbjgempreendimentos.com.br%252Ff16042e8f1d677c%26relation%3Dparent.parent&container_width=356&hide_cover=false&href=https%3A%2F%2Fweb.facebook.com%2FBJG-Empreendimentos-111337518143588%2F%3F_rdc%3D10%26_rdr&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=&width=	391 B	2023-03-08	2023-03-08
Pretty URL www.facebook.com/v13.0/plugins/page.php?adapt_container_width=true&app_id=426309295832970&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df318eedcab53d86%26domain%3Dbjgempreendimentos.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbjgempreendimentos.com.br%252Ff16042e8f1d677c%26relation%3Dparent.parent&container_width=356&hide_cover=false&href=https%3A%2F%2Fweb.facebook.com%2FBJG-Empreendimentos-111337518143588%2F%3F_rdc%3D10%26_rdr&locale=pt_BR&sdk=joey&show_facepile=true&small_header=false&tabs=&width= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:29:56 Last Seen2023-03-08 20:29:56 Times Seen1 Hash 4e3203cc7c585339bb5f1114ec71059d faceb256932a9c56d755b7587d7ab9109730bfbf 6bf1bc189fe223a0ded60f10cfdf12eef371f176fdcabb3fef329fbf45f75159 Loading...

	static.xx.fbcdn.net/rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz	5.9 kB	2023-03-08	2023-03-11
Pretty URL static.xx.fbcdn.net/rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:30 Last Seen2023-03-11 23:53:02 Times Seen1 Hash e2629e00ff52c9be47641a586f08f82c 08d588734a11705c824070ef8f83468aea62609e eb3c7dcaabfe03ac2d7d3c41bb630dd73587b3f119962c536377e502e47f5df4 Loading...

	bjgempreendimentos.com.br/js/capi.js	625 B	2023-03-08	2023-03-08
Pretty URL bjgempreendimentos.com.br/js/capi.js IP 162.214.155.226 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:04:56 Last Seen2023-03-08 20:29:56 Times Seen1 Hash 14d62b2e66c4d2050c65d1c7e18ea760 17b1e78f3d0da9f65a37dfd88acde62e5b96d822 58ef22a5fed2e317ef7ac7cb51e034907ed94d2b466daea2ecc09b7f95a42543 Loading...

HTTP Transactions (80)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3647
Expires: Tue, 06 Dec 2022 22:46:36 GMT
Date: Tue, 06 Dec 2022 21:45:49 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 226
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:49 GMT
Etag: "638f19f6-1d7"
Last-Modified: Tue, 06 Dec 2022 21:42:03 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 21:18:41 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1628
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10403
Expires: Wed, 07 Dec 2022 00:39:12 GMT
Date: Tue, 06 Dec 2022 21:45:49 GMT
Connection: keep-alive

bjgempreendimentos.com.br/aeat/index.php?QBOT.zip

162.214.155.226

302 Found

227 B

URL HTTP/1.1
bjgempreendimentos.com.br/aeat/index.php?QBOT.zip
IP
162.214.155.226:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
227 B (227 bytes)
Hash
d519adc5ed4d9b764469b47d8ea266cb
be527f9f523f3a785f84ed5bf85ca4dc4c2abba1
2f45c268e48f30f91421ade6d702ce779940f0d80bcaad833875f0f5b32f53bc

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /aeat/index.php?QBOT.zip HTTP/1.1
Host: bjgempreendimentos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Tue, 06 Dec 2022 21:45:48 GMT
Server: Apache
Location: https://bjgempreendimentos.com.br/?QBOT.zip
Content-Length: 227
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 1BUv7n44jmE32pZz8x5zRsiDu0lRWiYNuAR8Kt3ZXk7aY/BH8grEsIT7cYPTGsgXtjmEljLKkSgYTNJxjH3Yng==
x-amz-request-id: 6F2MSMVXTR9YR977
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 20:47:14 GMT
age: 3516
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 21:45:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 21:11:20 GMT
cache-control: public,max-age=3600
age: 2070
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 224
Cache-Control: max-age=127484
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:50 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 09:10:34 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

bjgempreendimentos.com.br/?QBOT.zip

162.214.155.226

200 OK

12 kB

URL HTTP/1.1
bjgempreendimentos.com.br/?QBOT.zip
IP
162.214.155.226:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
12 kB (12252 bytes)
Hash
52d4123a8d798c5ab384e567c4fa8071
f190547d5551988afe2be4eb6ce3429689c384fc
0e5fd4ad140d61477efc6159e7e70c30860220de1495d0675f3870fdb3d16df2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /?QBOT.zip HTTP/1.1
Host: bjgempreendimentos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:45:49 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
a4acd48df178d17fa1c0d0b5efdbf934
4a26acacfa9dba379aca98007fbe6cc2baf0aba3
e1d1488a8815657e7c828976d26cc5d9727630cb966be27999e801213eb29e76

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6591
Cache-Control: max-age=126320
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:50 GMT
Etag: "638ee8bf-116"
Expires: Thu, 08 Dec 2022 08:51:10 GMT
Last-Modified: Tue, 06 Dec 2022 07:01:19 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278

code.jquery.com/jquery-3.6.0.min.js

69.16.175.10

200 OK

31 kB

URL HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bjgempreendimentos.com.br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 21:45:50 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670363150.dop068.sk1.t,1670363150.cds003.sk1.hn,1670363150.cds210.sk1.c
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js

104.18.10.207

200 OK

16 kB

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (59893)
Size
16 kB (15768 bytes)
Hash
f655952410e1a8272014ba0186d780ab
609b4142c84cd01ba5ce58702b2046bd6a6633c9
01d29843d929e0ccf4667a9ad593ec7ee9ed91b6a5f93713853a47d6e7e4113e

HTTP Headers

GET /bootstrap/4.5.0/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bjgempreendimentos.com.br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 21:45:50 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"6bea60c34c5db6797150610dacdc6bce"
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-cachedat: 10/24/2022 18:37:50
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 874
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: e5dd275093c06b1c9745d15c66e4d6b3
cdn-cache: HIT
cf-cache-status: HIT
age: 97422
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775835fc5a89b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

bjgempreendimentos.com.br/css/style.css

162.214.155.226

200 OK

3.0 kB

URL HTTP/1.1
bjgempreendimentos.com.br/css/style.css
IP
162.214.155.226:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text
Size
3.0 kB (3041 bytes)
Hash
560bc5506cd579100be1f40377381bb3
4853a870a4471e78c4812acaf728ffb5f5d54bd7
5ebfb478360800e1a5343d8cef36886730e48e8abf17bdc7f6fef95100ef19e7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /css/style.css HTTP/1.1
Host: bjgempreendimentos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/?QBOT.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:45:49 GMT
Server: Apache
Last-Modified: Mon, 30 May 2022 18:16:31 GMT
Accept-Ranges: bytes
Content-Length: 3041
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6521
Cache-Control: max-age=88074
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:50 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 22:13:44 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

104.17.24.14

200 OK

15 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65311)
Size
15 kB (14850 bytes)
Hash
1201d85f25136b687e48b5c47c69e1ab
a054a126169ae99d19e2449de4b5cb8f3f439730
715dd041182920f894f96779030573777c231ec1c97215f6d6d51a3f8cf8cec2

HTTP Headers

GET /ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 21:45:50 GMT
content-type: text/css; charset=utf-8
content-length: 14850
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "619c057b-3a02"
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1824217
expires: Sun, 26 Nov 2023 21:45:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KU%2BcmPTfke90F4kf8L9ibgeqBC%2FQfgKGbZ4nkekN5rxyMCzOI5utaCjuPMcPFlacJbuG%2FSJM4wVkEQp57czcYPw1UFnuSJymNQLVxqKkaNpv4P1qfX4gkWuRhkVO%2BrSkpoJ3Naoq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775835fd5e14b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.163.38.240

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.38.240:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: e5Ha5WKh6B8ihE+kl4FhtQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8F5OvQGPwDObXJTD77NtAJLLyNA=

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6521
Cache-Control: max-age=88074
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:50 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 22:13:44 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.jsdelivr.net/npm/uikit@3.13.1/dist/css/uikit.min.css

151.101.129.229

200 OK

28 kB

URL HTTP/2
cdn.jsdelivr.net/npm/uikit@3.13.1/dist/css/uikit.min.css
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size
28 kB (28249 bytes)
Hash
2ff52a990ef23e1c57dcaf72468e9426
b6c5ebb6a5650dc0f23700a8fc5ce65c7aac298f
d5bfec9be07bbb1689ad5cbe02a429039a5d4e3c924b7c01503680492edde747

HTTP Headers

GET /npm/uikit@3.13.1/dist/css/uikit.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 3.13.1
x-jsd-version-type: version
etag: W/"3db3d-iJRLgF5xttHNSnqqRwqDYtKNsAE"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 21:45:50 GMT
age: 3760731
x-served-by: cache-fra-eddf8230067-FRA, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 28249
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

151.101.129.229

200 OK

23 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65306)
Size
23 kB (22977 bytes)
Hash
f1883dfe3d1a16da0d5ad68f7228f99a
37e13f8f11c6c21ad2ea36a108e9006132586635
601ab8c5f5909131ea6a53a997f04c7c6e733127858045caeaa53701978f7e7a

HTTP Headers

GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 21:45:50 GMT
age: 19103113
x-served-by: cache-fra19150-FRA, cache-bma1678-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22977
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
70ad566ad2535b33c384c3ed10f8322c
4a31e8014a063582566a10c75e0de4fd23f2bff6
1bbb457a64503fa217aaee85fbe471224e3a973e6deadbc5a160db587a4e04d1

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:45:51 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "7FABCCE47EB65775A0BBC004BAA4AB754FFE33BC"
Expires: Wed, 07 Dec 2022 08:00:00 GMT
Last-Modified: Tue, 06 Dec 2022 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2711
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775835fdc8e4b521-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8aa9320315b7fc787bfd0fd1baea8721
45328506883b22acc927b8038b73e5247b0a1679
c5827834b5ce1e49980b439410b06fca062d877abd8ca89719b589a2fe28b4b9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-NJJWG6X

172.217.21.168

200 OK

63 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-NJJWG6X
IP
172.217.21.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3473)
Size
63 kB (62929 bytes)
Hash
0ff98098ea59603f1cacf614ca60f9d0
ad46af1550c0595476c133bd3ab7dfbedac1b8dd
377fb6d785337575d68374987802782d507bfdc569a995c6fd55546a05dd61e8

HTTP Headers

GET /gtm.js?id=GTM-NJJWG6X HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 21:45:51 GMT
expires: Tue, 06 Dec 2022 21:45:51 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 62929
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8aa9320315b7fc787bfd0fd1baea8721
45328506883b22acc927b8038b73e5247b0a1679
c5827834b5ce1e49980b439410b06fca062d877abd8ca89719b589a2fe28b4b9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bjgempreendimentos.com.br/css/home.css

162.214.155.226

200 OK

1.6 kB

URL HTTP/1.1
bjgempreendimentos.com.br/css/home.css
IP
162.214.155.226:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
1.6 kB (1595 bytes)
Hash
7793560e1a04136678ca3316d2869494
a30e927e46f8888fb6d091a29659116a727ea649
15348197fe22fbdb553fbe7af9b53d5abf545966f6984ce097bbbaf47d267127

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /css/home.css HTTP/1.1
Host: bjgempreendimentos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/?QBOT.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:45:50 GMT
Server: Apache
Last-Modified: Thu, 19 May 2022 15:15:33 GMT
Accept-Ranges: bytes
Content-Length: 1595
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

bjgempreendimentos.com.br/js/main.js

162.214.155.226

200 OK

1.4 kB

URL HTTP/1.1
bjgempreendimentos.com.br/js/main.js
IP
162.214.155.226:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
1.4 kB (1395 bytes)
Hash
cf0d51ddaddd691bd57618f3b2f425af
c07b17f6ff7ff6ff76b27a2634b933b5e5d22bc9
f8747603bebadb7ac96ea3d5ea65b49b930da04230a2e08f7a0d15e690ca67db

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /js/main.js HTTP/1.1
Host: bjgempreendimentos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/?QBOT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:45:50 GMT
Server: Apache
Last-Modified: Fri, 20 May 2022 13:03:45 GMT
Accept-Ranges: bytes
Content-Length: 1395
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

bjgempreendimentos.com.br/js/capi.js

162.214.155.226

200 OK

625 B

URL HTTP/1.1
bjgempreendimentos.com.br/js/capi.js
IP
162.214.155.226:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
625 B (625 bytes)
Hash
14d62b2e66c4d2050c65d1c7e18ea760
17b1e78f3d0da9f65a37dfd88acde62e5b96d822
58ef22a5fed2e317ef7ac7cb51e034907ed94d2b466daea2ecc09b7f95a42543

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /js/capi.js HTTP/1.1
Host: bjgempreendimentos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/?QBOT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:45:50 GMT
Server: Apache
Last-Modified: Mon, 05 Dec 2022 11:17:36 GMT
Accept-Ranges: bytes
Content-Length: 625
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bjgempreendimentos.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:30:11 GMT
expires: Sat, 02 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 400540
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bjgempreendimentos.com.br/img/logo-resort.webp

162.214.155.226

200 OK

3.1 kB

URL HTTP/1.1
bjgempreendimentos.com.br/img/logo-resort.webp
IP
162.214.155.226:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.1 kB (3114 bytes)
Hash
498deabb85d26f1567fd66dd985cee9b
ab44292f38b850df1dfd7a472d1cc6de9ceb9f45
4f76fe948d41e25380a47d4a24e9efbd34aa9094e3dea86d4fa85e304f89f9ac

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /img/logo-resort.webp HTTP/1.1
Host: bjgempreendimentos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:45:50 GMT
Server: Apache
Last-Modified: Thu, 19 May 2022 15:15:34 GMT
Accept-Ranges: bytes
Content-Length: 3114
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/webp

bjgempreendimentos.com.br/img/icones/relogio.webp

162.214.155.226

200 OK

1.1 kB

URL HTTP/1.1
bjgempreendimentos.com.br/img/icones/relogio.webp
IP
162.214.155.226:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.1 kB (1088 bytes)
Hash
fc3779d75e1a3e58541dc91886ce7a41
f8bb1855a90470f7a9431a5ab6d6d28669314421
d889464ba190640ede957b41bf6de256562c5063fe20e0c83f3fd8edaae3c941

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /img/icones/relogio.webp HTTP/1.1
Host: bjgempreendimentos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:45:50 GMT
Server: Apache
Last-Modified: Thu, 19 May 2022 15:15:34 GMT
Accept-Ranges: bytes
Content-Length: 1088
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/webp

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bjgempreendimentos.com.br/img/logo.webp

162.214.155.226

200 OK

3.0 kB

URL HTTP/1.1
bjgempreendimentos.com.br/img/logo.webp
IP
162.214.155.226:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.0 kB (2952 bytes)
Hash
e5743a626e2dec8d8904e824c682235f
50cbdcef2d229ef7017cdc4060fdbc35670f8dc5
f5eee524bbedb184e14d536b188b8bd1c32acafe54bcfcf6941c4b12a046af8f

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /img/logo.webp HTTP/1.1
Host: bjgempreendimentos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:45:50 GMT
Server: Apache
Last-Modified: Thu, 19 May 2022 15:15:34 GMT
Accept-Ranges: bytes
Content-Length: 2952
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/webp

bjgempreendimentos.com.br/img/icones/diamond.webp

162.214.155.226

200 OK

1.2 kB

URL HTTP/1.1
bjgempreendimentos.com.br/img/icones/diamond.webp
IP
162.214.155.226:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.2 kB (1160 bytes)
Hash
966f3fc2d93917060029533d03e703f3
81db5bd3ab47018b4f2b69071249a86d957ef630
c3f66804c4937a68fa0f5b307269cb385a9357a513e783cdfd4e031029f2332d

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /img/icones/diamond.webp HTTP/1.1
Host: bjgempreendimentos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:45:50 GMT
Server: Apache
Last-Modified: Thu, 19 May 2022 15:15:34 GMT
Accept-Ranges: bytes
Content-Length: 1160
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/webp

bjgempreendimentos.com.br/img/logo-sunpark-white.webp

162.214.155.226

200 OK

8.9 kB

URL HTTP/1.1
bjgempreendimentos.com.br/img/logo-sunpark-white.webp
IP
162.214.155.226:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
8.9 kB (8888 bytes)
Hash
0368ac816b279ad62a5508527d100d48
48d4de5aaaffc96dadd81d2af6c52951d5c285ec
5f96f21cd924e560af1030250a6c04cc9a2dc5d5cb11a9d90be0df43f37fb7d0

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /img/logo-sunpark-white.webp HTTP/1.1
Host: bjgempreendimentos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:45:50 GMT
Server: Apache
Last-Modified: Thu, 19 May 2022 15:15:34 GMT
Accept-Ranges: bytes
Content-Length: 8888
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/webp

bjgempreendimentos.com.br/img/icones/estrela.webp

162.214.155.226

200 OK

944 B

URL HTTP/1.1
bjgempreendimentos.com.br/img/icones/estrela.webp
IP
162.214.155.226:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
944 B (944 bytes)
Hash
4a88010326292df63789a708b80bd71a
4fecc9c9fdc41bd4e07a193419b8686980b8e5ce
129b78a4363ac067753aae4d15b8697f236b2f6d863ecb5e5412743ba1843e2e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /img/icones/estrela.webp HTTP/1.1
Host: bjgempreendimentos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:45:50 GMT
Server: Apache
Last-Modified: Thu, 19 May 2022 15:15:34 GMT
Accept-Ranges: bytes
Content-Length: 944
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/webp

bjgempreendimentos.com.br/img/icones/distintivo.webp

162.214.155.226

200 OK

1.6 kB

URL HTTP/1.1
bjgempreendimentos.com.br/img/icones/distintivo.webp
IP
162.214.155.226:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.6 kB (1622 bytes)
Hash
93187e61e458f49892cb5dd0b959bfca
05de7ff2011bec5bb031aa0bef5c9eab2acbfa1e
8526f1d6381f701e83dabe695ec73bdc5a89c6618706bf1a25f0bf494834a9f4

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /img/icones/distintivo.webp HTTP/1.1
Host: bjgempreendimentos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:45:50 GMT
Server: Apache
Last-Modified: Thu, 19 May 2022 15:15:34 GMT
Accept-Ranges: bytes
Content-Length: 1622
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/webp

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2737
Expires: Tue, 06 Dec 2022 22:31:28 GMT
Date: Tue, 06 Dec 2022 21:45:51 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2737
Expires: Tue, 06 Dec 2022 22:31:28 GMT
Date: Tue, 06 Dec 2022 21:45:51 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2737
Expires: Tue, 06 Dec 2022 22:31:28 GMT
Date: Tue, 06 Dec 2022 21:45:51 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8660 bytes)
Hash
fddffc8edfa3ca668c8ac740d34f46c5
63483fc211cfb2808c7f37940a4065b4f4177c59
3c736f085f8f25d68c3dd946d5a546dc6d1f5f6e94a0da17b7fd4662d61a0b50

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8660
x-amzn-requestid: d5cf901f-bd2b-4269-918a-29a0bec09a40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uBG9IIAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1326-63b4ea925878dab212409f2b;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZbrQ6wWHMvuPGfdujPdgWq3ahDYeTi0wGfwnn27xEBt6TvM8r0kMgQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:49:39 GMT
age: 86172
etag: "63483fc211cfb2808c7f37940a4065b4f4177c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11224 bytes)
Hash
b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 84983
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11175 bytes)
Hash
38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fNsYsKfPUM8QaG7-F1tSBDdsNit1BfYpWddNssXwyFO2HgdA0RpjAQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:21 GMT
age: 85890
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

bjgempreendimentos.com.br/img/logo-footer.webp

162.214.155.226

200 OK

3.9 kB

URL HTTP/1.1
bjgempreendimentos.com.br/img/logo-footer.webp
IP
162.214.155.226:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.9 kB (3928 bytes)
Hash
e6ed41bed5a9da500746d888025cd9f5
e296babac78d84a7c7f0a75c393d83d2f67a003b
146b91dfb910962f16ee62788c6a74b3d380cec6b129d1a5bc6e876c68c89beb

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /img/logo-footer.webp HTTP/1.1
Host: bjgempreendimentos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:45:50 GMT
Server: Apache
Last-Modified: Thu, 19 May 2022 15:15:34 GMT
Accept-Ranges: bytes
Content-Length: 3928
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/webp

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10594 bytes)
Hash
7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T28mItwomGU8iDJ18lUF7ZrFuyh_P3ZTwUtA4AC5qZ5C5FQurDMgmQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:01 GMT
age: 85910
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11352 bytes)
Hash
7f2c354a00ab51d4a41221b6bf191c10
01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EQorA5VTb0s2BEIWBkdkhDho-bLdLVvu8LnAIQsQqsIjgBLneYqCzg==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:22 GMT
age: 86249
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5995 bytes)
Hash
3801236dc22938e1cc18947e90ea5326
5979d7dc3ba0eb61947282a4adeac8208b4148ae
3bd4eab29590ec3c316597abd2be65281cd9a6137add037ad57c093f1fca12e2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5995
x-amzn-requestid: 25b34277-c486-4642-aea7-21e0598babc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzOGGjoAMF4kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e1-6f43ab8e0c1a5260327bce11;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzpOZW9e-54LuSSOigtmFRb0sUGpIRpqZ-UtINp-B_Uzk6lFPnb6dw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:25:46 GMT
age: 84005
etag: "5979d7dc3ba0eb61947282a4adeac8208b4148ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

bjgempreendimentos.com.br/img/home/residence.webp

162.214.155.226

200 OK

84 kB

URL HTTP/1.1
bjgempreendimentos.com.br/img/home/residence.webp
IP
162.214.155.226:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1028x880, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
84 kB (84056 bytes)
Hash
8b96e14fa41eea77a9c666985ef64545
83b6b6e549798a73c5fe65ffc944adefa2b96b84
21a3b92b5adfc739d0d0bde6cbf4b83b3ef43a997ad68a61ffcee6c1cb70464e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /img/home/residence.webp HTTP/1.1
Host: bjgempreendimentos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:45:50 GMT
Server: Apache
Last-Modified: Thu, 19 May 2022 15:15:34 GMT
Accept-Ranges: bytes
Content-Length: 84056
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/webp

bjgempreendimentos.com.br/img/home/hero-img-2.webp

162.214.155.226

200 OK

260 kB

URL HTTP/1.1
bjgempreendimentos.com.br/img/home/hero-img-2.webp
IP
162.214.155.226:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
260 kB (259644 bytes)
Hash
b6ecb56e403f6a8f047845b6b0998221
a9df249ab6064ffd6b18190958d5f3ba0483061e
32b6b40de7684f7f63a5a19665d1f3ba6b70320c6c00bdf91f543357f0c16649

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /img/home/hero-img-2.webp HTTP/1.1
Host: bjgempreendimentos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:45:50 GMT
Server: Apache
Last-Modified: Thu, 19 May 2022 15:15:34 GMT
Accept-Ranges: bytes
Content-Length: 259644
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/webp

bjgempreendimentos.com.br/img/home/resort.webp

162.214.155.226

200 OK

134 kB

URL HTTP/1.1
bjgempreendimentos.com.br/img/home/resort.webp
IP
162.214.155.226:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1028x880, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
134 kB (133454 bytes)
Hash
d2dafa2af21805bcf211b78af9454b72
6a52f35c97a5c18936711796cd37aa6c879e6e89
0463cc58887687119952c09123f372fa305d1e01775e55d36254d9b3281dfb5f

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /img/home/resort.webp HTTP/1.1
Host: bjgempreendimentos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/?QBOT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:45:50 GMT
Server: Apache
Last-Modified: Thu, 19 May 2022 15:15:34 GMT
Accept-Ranges: bytes
Content-Length: 133454
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/webp

www.google-analytics.com/analytics.js

142.250.74.14

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.14:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 06 Dec 2022 20:46:55 GMT
expires: Tue, 06 Dec 2022 22:46:55 GMT
cache-control: public, max-age=7200
age: 3537
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d44205a852cedc47da2373b3542f2ca0
884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82
f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5493
Cache-Control: max-age=146095
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:52 GMT
Etag: "638f3a4a-1d7"
Expires: Thu, 08 Dec 2022 14:20:47 GMT
Last-Modified: Tue, 06 Dec 2022 12:49:14 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d44205a852cedc47da2373b3542f2ca0
884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82
f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5493
Cache-Control: max-age=146095
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:52 GMT
Etag: "638f3a4a-1d7"
Expires: Thu, 08 Dec 2022 14:20:47 GMT
Last-Modified: Tue, 06 Dec 2022 12:49:14 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/pt_BR/sdk.js

31.13.72.12

200 OK

1.7 kB

URL HTTP/2
connect.facebook.net/pt_BR/sdk.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1957)
Size
1.7 kB (1688 bytes)
Hash
d9eb57ea47835484202c0c7cc6dd29e9
3358c6c008f828479a094481a884af59279a9153
471f2b4f02105b44fdda936e9e7a373fd22410d8a053e41910d2acb6342a93fb

HTTP Headers

GET /pt_BR/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bjgempreendimentos.com.br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 058f9c812de55121258bef38cc8b4c95
etag: "216e57ee685c44113b8bab5f7617e6f7"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 06 Dec 2022 21:48:35 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 2etX6keDVIQgLAx8xt0p6Q==
x-fb-debug: sWi33gIxBX6mQx4KCNsKKC7iA6dGZfC7AeGBWKi7jSi11P2K8QHV8ongNd+uBTYPtZmq4yTustAjIm2efFe4Cg==
content-length: 1688
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:45:52 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: yNMAlvtG/CzMwg5IXi0+VYOogY6l0mMTvDeUkzUyN0Lzpb++bG1b9zPEeeia5p01K02scmlX8owP3QI9+Y//Kg==
content-length: 27340
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:45:52 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d44205a852cedc47da2373b3542f2ca0
884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82
f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5493
Cache-Control: max-age=146095
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:52 GMT
Etag: "638f3a4a-1d7"
Expires: Thu, 08 Dec 2022 14:20:47 GMT
Last-Modified: Tue, 06 Dec 2022 12:49:14 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bjgempreendimentos.com.br/img/ico.webp

162.214.155.226

200 OK

788 B

URL HTTP/1.1
bjgempreendimentos.com.br/img/ico.webp
IP
162.214.155.226:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
788 B (788 bytes)
Hash
f34c0c2f8dbeea457a4fa816dacc799e
9ecaec00ac918a4a5aaec48ca2a2154a58eb884f
ec64f1cc1a784f45f68ecc30487c50bac713c3a27183435ca87755f0d175c4c4

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /img/ico.webp HTTP/1.1
Host: bjgempreendimentos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/?QBOT.zip
Cookie: _gcl_au=1.1.1582677681.1670363151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 21:45:51 GMT
Server: Apache
Last-Modified: Thu, 19 May 2022 15:15:34 GMT
Accept-Ranges: bytes
Content-Length: 788
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/webp

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5006b8e985c5838b7fd2f2b558a65bc4
183ff15e0faedf346305fd6fe1c70c9c7a1eef4a
fcbfec9f5fd0e10d44778c1df64d8612281cd39881cdfd0aa8ca30d13655655a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/pt_BR/sdk.js?hash=ce597452b536b36f6d3f38c1308e75b7

31.13.72.12

200 OK

87 kB

URL HTTP/2
connect.facebook.net/pt_BR/sdk.js?hash=ce597452b536b36f6d3f38c1308e75b7
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (12439)
Size
87 kB (86936 bytes)
Hash
4d601d07353bea4a1330713051a2fe62
8334bf98e738cc08d2f813e0d9965f1e6a9b0980
f7175c67324e4be68e17631356dc37cec003cae01c56dccf02e63bdfc21b5d9b

HTTP Headers

GET /pt_BR/sdk.js?hash=ce597452b536b36f6d3f38c1308e75b7 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bjgempreendimentos.com.br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 04834ddbcf9ecaeb4bab7fdfcb45a607
etag: "559c13796db13858b304012ecd1fd2ba"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 06 Dec 2023 19:47:39 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: TWAdBzU76koTMHEwUaL+Yg==
x-fb-debug: gBGO9kqjvkIrcjcB5F5s36LJVpaJPjAaUvlVCUy6Ipq7XJKrLcbE1hczonbijIux64TTFuzCHgMadGAdOjDxdA==
content-length: 86936
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:45:52 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/pagead/1p-user-list/11035587724/?random=1670363151006&cv=11&fst=1670360400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fbjgempreendimentos.com.br%2F%3FQBOT.zip&tiba=BJG%20-%20Empreendimentos%20Imobili%C3%A1rios&fmt=3&is_vtc=1&random=3061773411&rmt_tld=0&ipr=y

216.58.207.228

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/11035587724/?random=1670363151006&cv=11&fst=1670360400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fbjgempreendimentos.com.br%2F%3FQBOT.zip&tiba=BJG%20-%20Empreendimentos%20Imobili%C3%A1rios&fmt=3&is_vtc=1&random=3061773411&rmt_tld=0&ipr=y
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/11035587724/?random=1670363151006&cv=11&fst=1670360400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fbjgempreendimentos.com.br%2F%3FQBOT.zip&tiba=BJG%20-%20Empreendimentos%20Imobili%C3%A1rios&fmt=3&is_vtc=1&random=3061773411&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 21:45:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/11035587724/?random=1670363151006&cv=11&fst=1670360400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fbjgempreendimentos.com.br%2F%3FQBOT.zip&tiba=BJG%20-%20Empreendimentos%20Imobili%C3%A1rios&fmt=3&is_vtc=1&random=3061773411&rmt_tld=1&ipr=y

142.250.74.131

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/11035587724/?random=1670363151006&cv=11&fst=1670360400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fbjgempreendimentos.com.br%2F%3FQBOT.zip&tiba=BJG%20-%20Empreendimentos%20Imobili%C3%A1rios&fmt=3&is_vtc=1&random=3061773411&rmt_tld=1&ipr=y
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/11035587724/?random=1670363151006&cv=11&fst=1670360400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fbjgempreendimentos.com.br%2F%3FQBOT.zip&tiba=BJG%20-%20Empreendimentos%20Imobili%C3%A1rios&fmt=3&is_vtc=1&random=3061773411&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 21:45:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bjgempreendimentos.com.br/capi/entrou_contato.php?acesso=1&evento=PageView&nomevnt=PageView

162.214.155.226

500 Internal Server Error

0 B

URL HTTP/1.1
bjgempreendimentos.com.br/capi/entrou_contato.php?acesso=1&evento=PageView&nomevnt=PageView
IP
162.214.155.226:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /capi/entrou_contato.php?acesso=1&evento=PageView&nomevnt=PageView HTTP/1.1
Host: bjgempreendimentos.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/?QBOT.zip
Cookie: _gcl_au=1.1.1582677681.1670363151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 500 Internal Server Error
Date: Tue, 06 Dec 2022 21:45:50 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:45:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.facebook.com/tr/?id=426309295832970&ev=fb_page_view&dl=https%3A%2F%2Fbjgempreendimentos.com.br%2F%3FQBOT.zip&rl=&if=false&ts=1670363152153&sw=1280&sh=1024&at=

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=426309295832970&ev=fb_page_view&dl=https%3A%2F%2Fbjgempreendimentos.com.br%2F%3FQBOT.zip&rl=&if=false&ts=1670363152153&sw=1280&sh=1024&at=
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=426309295832970&ev=fb_page_view&dl=https%3A%2F%2Fbjgempreendimentos.com.br%2F%3FQBOT.zip&rl=&if=false&ts=1670363152153&sw=1280&sh=1024&at= HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 06 Dec 2022 21:45:52 GMT
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/T1wKK3jZYly.css?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

5.1 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/T1wKK3jZYly.css?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (4431)
Size
5.1 kB (5060 bytes)
Hash
54533a07b784a4e82f5a93d7d56c60a3
090ec48e7af4fcdf871cf9402b43c5d782bcb18f
26b48979519acdb0b5642959c5964cd7979918bfaacd4a8b63a795ceb36b259c

HTTP Headers

GET /rsrc.php/v3/yE/l/0,cross/T1wKK3jZYly.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 06 Dec 2023 17:41:05 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: VFM6B7eEpOgvWpPX1Wxgow==
x-fb-debug: 70LjdRAP6HkvKhF9n9dbDTqi0GDv76QhAV4tr4lFNYFbsaXwys1cf/doMAxyP8gnQU8RLurW9O6ChWpvjb+Vfw==
priority: u=3,i
content-length: 5060
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:45:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

830 B

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (724)
Size
830 B (830 bytes)
Hash
d63a02ce87c07ffcfa869fef7fc5f233
cae745fef84088abe3525bb77f75c55cd1d4cc2c
bf9d4d71541a0a1f31b10be351add847ee935da6de355756314c8ca96512444d

HTTP Headers

GET /rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 01 Dec 2023 15:32:35 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 1joCzofAf/z6hp/vf8XyMw==
x-fb-debug: KXJN8lrki5yL3gkzZNmlm2Aa72min4K4juqQH540tx20GYGPkG5FzIsAbBTGj2R4nS974BGprxYpblGqaixX1g==
priority: u=3,i
content-length: 830
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:45:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yo/r/LWFrgKrNwhY.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

99 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yo/r/LWFrgKrNwhY.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (17579)
Size
99 kB (98866 bytes)
Hash
988833e4aab8f7f1b355ce163cf96d50
87ac036a5f26c9760f423a6072c64abdc72f26d1
865064e8ec9d8000078bcf44edb2339107ded4a3c9a4b47f2a1d0cfb60c28f57

HTTP Headers

GET /rsrc.php/v3/yo/r/LWFrgKrNwhY.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 05 Dec 2023 22:37:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: y3x4O8qpIuixyMXISu1lDg==
x-fb-debug: UXRbinCQ0jCYpuFAL49nzTE6bFsXH1JwBy6nB0HiZrKc7/fhV2n3Jqtj5Ajf5ZOdohq6V4ItC00MC9IHTWy6rQ==
priority: u=2
content-length: 84287
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:45:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

1.8 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1984)
Size
1.8 kB (1847 bytes)
Hash
3eec5e9a11ba7da3a0f8cd0af8b4bdcb
462922ace2e24121fb02f42966abb8004b24c98c
92e829ebf854a5a759b0f718ea0f31b4870e1dbbd7f09e8c2e1cac0b21e6d69c

HTTP Headers

GET /rsrc.php/v3/yH/r/att8vh4fKZW.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 30 Nov 2023 17:47:11 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: PuxemhG6faOg+M0K+LS9yw==
x-fb-debug: NBMcg3HhaeYN36UeWhUniQQftYkPs9SBDvWKRZCaTKNc4rGO54UzpthVZTDcKygnlKRpJ/Slfvgqq8RVLetIGA==
priority: u=1,i
content-length: 1847
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:45:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

16 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
C source, ASCII text, with very long lines (8741)
Size
16 kB (16232 bytes)
Hash
c92ef94e30a2dd9473fd9fe533472b73
97049e47de026939c75a885df9e8bb0fb56515ba
f2981c7109e60cf9f5a9e846a25800dbec20a923db028f310b6feb79415650bb

HTTP Headers

GET /rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 01 Dec 2023 16:05:39 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: yS75TjCi3ZRz/Z/lM0crcw==
x-fb-debug: wDsTlr8aZiOvVvXv/fhvZPJj0kaU7nWKo2BrLLKLGWDuUT2i+dju7G+ZqG/pXOk6JXxZwN+15wFpLBRmrMErxg==
content-length: 16232
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:45:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.xx.fbcdn.net/rsrc.php/v3iM-F4/yw/l/pt_BR/sdLyto6-v_-.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.12

200 OK

23 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3iM-F4/yw/l/pt_BR/sdLyto6-v_-.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (42107)
Size
23 kB (23424 bytes)
Hash
4202b4fb6a660d2b8cb736c170f8d650
4bfcc69c790641ee8968e58ea1586b161b94f039
65a4baa940946c1e87ab1d93c4bf7e846584a904ac16ce86c9fc9aa9358cb821

HTTP Headers

GET /rsrc.php/v3iM-F4/yw/l/pt_BR/sdLyto6-v_-.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 03 Dec 2023 16:52:01 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: QgK0+2pmDSuMtzbBcPjWUA==
x-fb-debug: nDkLpCbKr2ePy8IEpE8lMBdvTMLQEHK3k+e1Cm2xpCOfYp30Vzv8mBqdFmc6ev3hQ7SpWr2Whcf+JRW6j5wGSg==
priority: u=3,i
content-length: 23424
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 21:45:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11469 bytes)
Hash
5529617b0748f2d8c82ef99c1ac116a8
a862b74508113ae72b56b9b3de0c75ba559b9032
376a82ae4a5b80f59fb746be79bca569b03a74c345845c7bbf15189964b0bb96

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 11469
x-amzn-requestid: f60a3f0d-38f7-4f82-bdd5-9e31814ab1d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuZGAXIAMFwuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-5b4b99e779a0aaa71a311a1c;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SxFdluOKQmnZA8pW576X9B4b3d4MIWehMY_pbAs52EuR8KfQvlWAPA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:41:57 GMT
age: 241
etag: "a862b74508113ae72b56b9b3de0c75ba559b9032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Montserrat:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bjgempreendimentos.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 21:45:50 GMT
date: Tue, 06 Dec 2022 21:45:50 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations