{"report_id":"1d6cd826-0ae0-4e70-bab1-b146b52a3ac0","version":0,"status":"done","tags":["netflix","phishing"],"date":"2026-06-20T12:16:17Z","url":{"schema":"http","addr":"reative-sua-assinatura.fun","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"172.67.182.34","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"title":"Netflix","dom":{"size":3794,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1729)","md5":"3d6215bd0926cbae5a5d661d780c4e20","sha1":"f6c2a52a7df138d69f125917166c85c17d687af7","sha256":"835cbc296c3bf8ad61b7290ca3c716bd9604a0c3c2d7b67e276507c4a6991efa","sha512":"0112b8072a5fca43edc68fe7dcc1f6f53d535cadaf6ae62a4c3394c6ccfcce6a2f52af9cc08839c7e699d4e24fdee3393bb404237559d5780d37d44e5c2a06e0","ssdeep":"","tlshash":"12710d32a9c1583b02534de9a5d2ff0ee5e3c19ac92b9908b7fc5bc84bc5ec6cd52524","dom_hash":"domhash00d4355f5d4226467e0fa09adaae3dc7","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"reative-sua-assinatura.fun","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"172.67.182.34","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-25T12:16:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"reative-sua-assinatura.fun","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]},"summary":[{"fqdn":"reative-sua-assinatura.fun","ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-06-11","domain_rank":0,"first_seen":"2026-06-20T12:16:09.666246Z","last_seen":"2026-06-20T12:16:09.666246Z","alert_count":70,"request_count":14,"received_data":874604,"sent_data":9326,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/public/javascripts/jquery.min.js","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7c14a783dfeb3d238ccd3edd840d82ee","sha1":"ad886e472b3557f3dc7dfa2bc43468ab8d1cef5b","sha256":"80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0","sha512":"fa3e021ca60a9adbe570c6565c7370727904c4396c23a4c519daf258d05fae3e17bfb7607a0ab6dfe2b7150a4ec1b6a95e6d49675291be5f6a4e5679ad78d858","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1vN:DIh8GgP3hujzwbhd3XvSiDQ47GK/","tlshash":"6f9309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89500,"data":"","first_seen":"2023-03-07T01:06:20Z","last_seen":"2026-06-20T16:33:24.979011Z","times_seen":20150,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/public/javascripts/jquery.mask.js","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3b5470c70d12e8ac4f31d995c3c027f6","sha1":"f92de41b26d5e744f6335660c2b0d10d21bee210","sha256":"3b775d6e0b0f5cff98aca4daaa7f27a7c3678f39d1f5186776bb14b63cc2f625","sha512":"12881df4695c0b599acaaae46724c38cda703697b5010cb713a7e25f178088ee5b720482f1f432d2f00e970d4274d478e5b83dac6880d2511f00730ec3f5dfee","ssdeep":"96:AZa87Yu4Evyymrdew8UjXp9PZiUZK5QaZuBIiE07Z2myAeKJevlK7ZXO83:P87cxrQwz9kB5QaZuBIiE0GAecev/83","tlshash":"d0d1c7d931c5b06363b364a900bf414ad3b7e7d119de0809e65a95d1be74f8e0163e3b","size":6318,"data":"","first_seen":"2023-03-07T01:16:07Z","last_seen":"2026-06-20T13:37:45.06853Z","times_seen":391,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/public/javascripts/bootstrap.bundle.min.js","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2e477967e482f32e65d4ea9b2fd8e106","sha1":"ddc6e9ead6d16ae9237399ce41e8c1620cc59c36","sha256":"0833b2e9c3a26c258476c46266e6877fc75218625162e0460be9a3a098a61c6c","sha512":"ecf8bfa2d7656db091f8b9d6f85ecfc057120c93ae5090773b1b441db838bd232fcef26375ee0fa35bf8051f4675cf5a5cd50d155518f922b9d70593f161741a","ssdeep":"1536:WmwIiEEO+TBR2t4J9RirWDKsVA5y7fy3YJtC/r/45wZbfbXZTb0WU078:HwORx3YCD45wZbDZTb0g8","tlshash":"ce73c5593244b4730ade85b68037430bf2265998b24b812cb57cadde2a7dcc67277f78","size":80721,"data":"","first_seen":"2024-02-25T11:27:02Z","last_seen":"2026-06-20T17:33:07.069857Z","times_seen":27605,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/public/javascripts/extra.js","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6817fee49a42f8b09c0ef6c295d31284","sha1":"9bc2996ae7a3888ab4b7e3829aee0cbefc9e5d95","sha256":"a8420002621731ad5b96f42ba7b609cf4ff295bbb02e8fc0645c506b11106fb7","sha512":"f4f98b2004c4778c343b17531eaeb5a75da542a6bc3ad0c2ea75eed3e4b521c6fcd34a31a000e57be81a3df9805cb6b7e4a4af93fe9b19e3517e2de7ab41efbf","ssdeep":"1536:LgU9nXn+CiOVtyKze8M0nfoQd45x/8FC5vvWutRgEchtz0bFX:RnX+JOHzPMGwZ8F2nJtCtz0b5","tlshash":"a3a3f8dcb296b47113eb20b1417f050bf33a6915a84ac590f223e4d67db8c4e91abe7d","size":107155,"data":"","first_seen":"2023-03-10T20:10:58Z","last_seen":"2026-06-20T13:37:45.069632Z","times_seen":71,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/public/pages/index.js?id=ap1","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7633970281bc8ce97d2014753a108531","sha1":"07b992aef0fa77dcabe67b2c94948c6d5f380f1c","sha256":"2f57558a9f7ee23c012bb883df23c45413f8defd92d9c402d8635bc4d3d95850","sha512":"91d7fdbf98b14d6a06bd64966aad15865d4ac9b7d3699960590a23e81730ffe925ea8bbfe68057ff8bad4a0cb39a7ded4bc8eae8c9298db7221281b860d8ea8e","ssdeep":"96:VrAvCPQC7AcQnoGm3ocAx5EMOLjoWPA0C:V0Up3ocAx5jOLj/PDC","tlshash":"94c1ee6155c50577027381d55f728f49fe29a24bc91bd268baec0b836ff3c02cd63a49","size":5900,"data":"","first_seen":"2025-12-22T13:44:50.87162Z","last_seen":"2026-06-20T13:37:45.065186Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"67a516f6876a6d5a6acd917aabe0571f","sha1":"3cafb807a2d7fcf75a5092484795de52336ae1d0","sha256":"cb909329532746539d41f5fe0c5f508bbf8191744c706dd5969753aa14948bc3","sha512":"d1e5c6733679c02add10fd5ee5cabf27063897730f49f3b2aaa8d4898fc62b25844fa92e854abd5b29789c556564b54a8b5c0db0a1378b2cceae77019f8c4dea","ssdeep":"","tlshash":"d990028920d9651146e7216060261d46611504f024848c80915898592863070a5668ac","size":50,"data":"","first_seen":"2023-04-12T00:31:29Z","last_seen":"2026-06-20T15:57:47.522551Z","times_seen":4551,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"93278fef81f2d67a91e02c797e0f62ed","sha1":"559520b2423b547f9b249026ca93a3024fae012e","sha256":"f366d12c0f1b25d81ad2857cbfb8f6d95b67f3aae95af08610125ba374fa253e","sha512":"8441bcd96e197761b6411a2292c3c9897135784f1a253d25e75992ca667dc9953ef75ee6ada54bc9e6c983250afa26ff9e569841baa9ea36f0e7bdf92c7539c4","ssdeep":"","tlshash":"1c71591619eef6b2dd069512055cfeb1e45a8afbc035a4c5f9bccd2092ecae00b1e13d","size":3611,"data":"","first_seen":"2025-12-22T13:44:50.952151Z","last_seen":"2026-06-20T13:37:45.07217Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-20T12:15:51.517Z","timestamp":1781957751517,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reative-sua-assinatura.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Jun 2026 16:31:28 GMT","end":"Wed, 09 Sep 2026 17:29:16 GMT"},"fingerprint":{"sha1":"A3:00:EF:05:F3:64:69:C7:0F:56:EE:6A:9C:D5:95:ED:F4:C4:04:92","sha256":"84:82:36:E9:66:42:F5:71:E7:B2:78:64:3B:5A:46:04:A7:A3:78:85:32:9D:AF:3C:DB:C7:1B:C0:17:18:40:C4"}}},"request":{"raw":"GET /access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc HTTP/1.1\r\nHost: reative-sua-assinatura.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=36ns5471g6qcku7uft5lcj1eph\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 20 Jun 2026 12:15:51 GMT\r\nserver: cloudflare\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=0,i\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IyB6KjgoN6P8LyqtwYs2RwJRZHpVapO%2Bm8ItLuxSCLSBTIZHfO%2F%2BC0wjYnkPoOubpYjNmoeTXaGelljDChVHzcqDuGET0akEw43QCuH8ubuXmNX6nzRA7YLgI0NTHQfdgIe9wfmDyI4GW1Zo%2FQ%3D%3D\"}]}\r\ncontent-type: text/html; charset=UTF-8\r\ncf-cache-status: DYNAMIC\r\ncf-ray: a0eab38b0a640883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":1191,"size_decoded":1266,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"15d60eb57f9c454ad9fad80dca161fe7","sha1":"c92a893cdfb41e870b26e6fedc4d327b9a9f140d","sha256":"a695573e18c0dfe864f19a5c5ba1f872ac1ef01ba3af00be1792c3bc2e30c0f9","sha512":"f4ae0d4c5fb1247ca8ca90aa12984916354a95b73d7a2655ce1f7eb186576965249270106d4af475ec6398eb522587fe6061d111e8ff6a78d911796edb400540","ssdeep":"","tlshash":"32213047ae41485d0231ac68a4d1f499cfa39896a6134d12f2ed345b0ee0bdc8cd3916","first_seen":"2025-12-22T13:44:50.89404Z","last_seen":"2026-06-20T13:37:45.064149Z","times_seen":4,"resource_available":true,"data":null}},"time_used":192,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":192,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"reative-sua-assinatura.fun","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/public/styles/bootstrap.min.css","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc","date":"2026-06-20T12:15:51.982Z","timestamp":1781957751982,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reative-sua-assinatura.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Jun 2026 16:31:28 GMT","end":"Wed, 09 Sep 2026 17:29:16 GMT"},"fingerprint":{"sha1":"A3:00:EF:05:F3:64:69:C7:0F:56:EE:6A:9C:D5:95:ED:F4:C4:04:92","sha256":"84:82:36:E9:66:42:F5:71:E7:B2:78:64:3B:5A:46:04:A7:A3:78:85:32:9D:AF:3C:DB:C7:1B:C0:17:18:40:C4"}}},"request":{"raw":"GET /public/styles/bootstrap.min.css HTTP/1.1\r\nHost: reative-sua-assinatura.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc\r\nCookie: PHPSESSID=36ns5471g6qcku7uft5lcj1eph\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 20 Jun 2026 12:15:51 GMT\r\nserver: cloudflare\r\nlast-modified: Sat, 31 Aug 2024 16:23:28 GMT\r\netag: \"38d63-620fd20b7e000-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jdqi8bXGDQggSvoewc2uksefpIpvwf5nV%2BbsoOs7eFYiecwzqDkKAVQFNlvJG6%2BNK0c9GbpqU90rvAAvz1xJsF0q%2BeXOp0wH2z9j7AoY4VO0569uEUl7PlAP%2FMfwkg8Y1yFxelEQ9RoSjIVNiQ%3D%3D\"}]}\r\ncontent-type: text/css\r\nage: 69\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-length: 31248\r\ncf-ray: a0eab38dead00883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":232803,"size_decoded":32025,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65342)","md5":"a549af2a81cd9900ee897d8bc9c4b5e9","sha1":"c5ac1dee961cb59a045256ec203f69e317872f7c","sha256":"3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8","sha512":"8e74ae0384acd8f9248a448e2ed62cf0195821e7882b587df6dcb861fbd13c0973af7efbbebdc25c36fbb1bede1040588c3b5c623f808c11f714bbf9b9226e5e","ssdeep":"1536:O9YnIWbn98fdRfvO5wlP77k9P3EV98IsYRElV6V6pz600I41r:RnIw98fbV986I6V6pz600I41r","tlshash":"dc3482d6f590317d9ca7c1499681fefd896fa985cb120aa6f003776807cabd30962dcc","first_seen":"2024-02-25T11:27:02Z","last_seen":"2026-06-20T17:38:51.351776Z","times_seen":23498,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"reative-sua-assinatura.fun","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/public/javascripts/jquery.min.js","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc","date":"2026-06-20T12:15:51.986Z","timestamp":1781957751986,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reative-sua-assinatura.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Jun 2026 16:31:28 GMT","end":"Wed, 09 Sep 2026 17:29:16 GMT"},"fingerprint":{"sha1":"A3:00:EF:05:F3:64:69:C7:0F:56:EE:6A:9C:D5:95:ED:F4:C4:04:92","sha256":"84:82:36:E9:66:42:F5:71:E7:B2:78:64:3B:5A:46:04:A7:A3:78:85:32:9D:AF:3C:DB:C7:1B:C0:17:18:40:C4"}}},"request":{"raw":"GET /public/javascripts/jquery.min.js HTTP/1.1\r\nHost: reative-sua-assinatura.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc\r\nCookie: PHPSESSID=36ns5471g6qcku7uft5lcj1eph\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 20 Jun 2026 12:15:51 GMT\r\nserver: cloudflare\r\nlast-modified: Mon, 29 Nov 2021 16:26:44 GMT\r\netag: \"15d9c-5d1efe80b5900-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EI1IQ7CYQIAGp2krLjVmPmdEd%2BQk8u0yC2fmGNzF3N3QMFtVyucg4VnCK7g2jUJWrgHDaR3qxiwOHys3vm7AVMIqszigRVFhmhUFoHYT38POciUfnNZA%2BNsbaZW0JCh5LxKUBgNFyZI%2Bh2J%2BPw%3D%3D\"}]}\r\ncontent-type: text/javascript\r\nage: 69\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-length: 30900\r\ncf-ray: a0eab38dfad30883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89500,"size_decoded":31684,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"7c14a783dfeb3d238ccd3edd840d82ee","sha1":"ad886e472b3557f3dc7dfa2bc43468ab8d1cef5b","sha256":"80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0","sha512":"fa3e021ca60a9adbe570c6565c7370727904c4396c23a4c519daf258d05fae3e17bfb7607a0ab6dfe2b7150a4ec1b6a95e6d49675291be5f6a4e5679ad78d858","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1vN:DIh8GgP3hujzwbhd3XvSiDQ47GK/","tlshash":"6f9309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:06:20Z","last_seen":"2026-06-20T16:33:24.979011Z","times_seen":20150,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"reative-sua-assinatura.fun","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/public/javascripts/jquery.mask.js","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc","date":"2026-06-20T12:15:51.989Z","timestamp":1781957751989,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reative-sua-assinatura.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Jun 2026 16:31:28 GMT","end":"Wed, 09 Sep 2026 17:29:16 GMT"},"fingerprint":{"sha1":"A3:00:EF:05:F3:64:69:C7:0F:56:EE:6A:9C:D5:95:ED:F4:C4:04:92","sha256":"84:82:36:E9:66:42:F5:71:E7:B2:78:64:3B:5A:46:04:A7:A3:78:85:32:9D:AF:3C:DB:C7:1B:C0:17:18:40:C4"}}},"request":{"raw":"GET /public/javascripts/jquery.mask.js HTTP/1.1\r\nHost: reative-sua-assinatura.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc\r\nCookie: PHPSESSID=36ns5471g6qcku7uft5lcj1eph\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 20 Jun 2026 12:15:52 GMT\r\nserver: cloudflare\r\nlast-modified: Wed, 29 Aug 2018 22:17:30 GMT\r\netag: \"18ae-5749a53025280-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RqJ21mdn892KaRD1KJkQf0aBNwxBOAPU8EPIXrJipgH%2FoCtxI9SxHXmScyaGyhM0akOwqBL3ZmQUmi5KAOu5TyV3WV0%2F53gVs1Oa6OZfJwyJTB3fYdG0GC%2FyFXJRHCJDNTDiNjFSx%2FlSVoOjsw%3D%3D\"}]}\r\ncontent-type: text/javascript\r\nage: 69\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-length: 2669\r\ncf-ray: a0eab38dfad40883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6318,"size_decoded":3451,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (532)","md5":"3b5470c70d12e8ac4f31d995c3c027f6","sha1":"f92de41b26d5e744f6335660c2b0d10d21bee210","sha256":"3b775d6e0b0f5cff98aca4daaa7f27a7c3678f39d1f5186776bb14b63cc2f625","sha512":"12881df4695c0b599acaaae46724c38cda703697b5010cb713a7e25f178088ee5b720482f1f432d2f00e970d4274d478e5b83dac6880d2511f00730ec3f5dfee","ssdeep":"96:AZa87Yu4Evyymrdew8UjXp9PZiUZK5QaZuBIiE07Z2myAeKJevlK7ZXO83:P87cxrQwz9kB5QaZuBIiE0GAecev/83","tlshash":"d0d1c7d931c5b06363b364a900bf414ad3b7e7d119de0809e65a95d1be74f8e0163e3b","first_seen":"2023-03-07T01:16:07Z","last_seen":"2026-06-20T13:37:45.06853Z","times_seen":391,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"reative-sua-assinatura.fun","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/public/javascripts/bootstrap.bundle.min.js","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc","date":"2026-06-20T12:15:51.991Z","timestamp":1781957751991,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reative-sua-assinatura.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Jun 2026 16:31:28 GMT","end":"Wed, 09 Sep 2026 17:29:16 GMT"},"fingerprint":{"sha1":"A3:00:EF:05:F3:64:69:C7:0F:56:EE:6A:9C:D5:95:ED:F4:C4:04:92","sha256":"84:82:36:E9:66:42:F5:71:E7:B2:78:64:3B:5A:46:04:A7:A3:78:85:32:9D:AF:3C:DB:C7:1B:C0:17:18:40:C4"}}},"request":{"raw":"GET /public/javascripts/bootstrap.bundle.min.js HTTP/1.1\r\nHost: reative-sua-assinatura.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc\r\nCookie: PHPSESSID=36ns5471g6qcku7uft5lcj1eph\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 20 Jun 2026 12:15:51 GMT\r\nserver: cloudflare\r\nlast-modified: Sat, 31 Aug 2024 16:23:42 GMT\r\netag: \"13b51-620fd218d7f80-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3rRkCZbrt04WN0WyiknsrXtZK9FQiH8DOVmskclcZ2C60WbkTwQ6MBg6ucKQHYh88AKOWDv7y97q6FMmxXXKdI%2F5HiMd1wCRTX1iITKhku2kh1YhvPhDbqK99ox1rjwJ6%2B6dHw2hcvRbxXL67Q%3D%3D\"}]}\r\ncontent-type: text/javascript\r\nage: 69\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-length: 23799\r\ncf-ray: a0eab38dfad50883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80721,"size_decoded":24579,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"2e477967e482f32e65d4ea9b2fd8e106","sha1":"ddc6e9ead6d16ae9237399ce41e8c1620cc59c36","sha256":"0833b2e9c3a26c258476c46266e6877fc75218625162e0460be9a3a098a61c6c","sha512":"ecf8bfa2d7656db091f8b9d6f85ecfc057120c93ae5090773b1b441db838bd232fcef26375ee0fa35bf8051f4675cf5a5cd50d155518f922b9d70593f161741a","ssdeep":"1536:WmwIiEEO+TBR2t4J9RirWDKsVA5y7fy3YJtC/r/45wZbfbXZTb0WU078:HwORx3YCD45wZbDZTb0g8","tlshash":"ce73c5593244b4730ade85b68037430bf2265998b24b812cb57cadde2a7dcc67277f78","first_seen":"2024-02-25T11:27:02Z","last_seen":"2026-06-20T17:33:07.069857Z","times_seen":27605,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"reative-sua-assinatura.fun","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/public/javascripts/extra.js","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc","date":"2026-06-20T12:15:52.028Z","timestamp":1781957752028,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reative-sua-assinatura.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Jun 2026 16:31:28 GMT","end":"Wed, 09 Sep 2026 17:29:16 GMT"},"fingerprint":{"sha1":"A3:00:EF:05:F3:64:69:C7:0F:56:EE:6A:9C:D5:95:ED:F4:C4:04:92","sha256":"84:82:36:E9:66:42:F5:71:E7:B2:78:64:3B:5A:46:04:A7:A3:78:85:32:9D:AF:3C:DB:C7:1B:C0:17:18:40:C4"}}},"request":{"raw":"GET /public/javascripts/extra.js HTTP/1.1\r\nHost: reative-sua-assinatura.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc\r\nCookie: PHPSESSID=36ns5471g6qcku7uft5lcj1eph\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 20 Jun 2026 12:15:52 GMT\r\nserver: cloudflare\r\nlast-modified: Thu, 10 Nov 2022 16:33:18 GMT\r\netag: \"1a293-5ed20549f0f80-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eQB0lfUiimMYcEys3zALZQEtF1Zmn2us%2FjyC0AIfHqVwve7eK1p%2F%2FRh2CYz3ilyASwKzTUIoaBBtoLj3AOX8%2FWM%2FWVGP00AK0N0vUL2Ik4QVBLhQVqwBRz4iJ0stRwGGyrZJGbzta8D%2Fb0tt3A%3D%3D\"}]}\r\ncontent-type: text/javascript\r\nage: 69\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-length: 38375\r\ncf-ray: a0eab38e3ae10883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":107155,"size_decoded":39163,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65362)","md5":"6817fee49a42f8b09c0ef6c295d31284","sha1":"9bc2996ae7a3888ab4b7e3829aee0cbefc9e5d95","sha256":"a8420002621731ad5b96f42ba7b609cf4ff295bbb02e8fc0645c506b11106fb7","sha512":"f4f98b2004c4778c343b17531eaeb5a75da542a6bc3ad0c2ea75eed3e4b521c6fcd34a31a000e57be81a3df9805cb6b7e4a4af93fe9b19e3517e2de7ab41efbf","ssdeep":"1536:LgU9nXn+CiOVtyKze8M0nfoQd45x/8FC5vvWutRgEchtz0bFX:RnX+JOHzPMGwZ8F2nJtCtz0b5","tlshash":"a3a3f8dcb296b47113eb20b1417f050bf33a6915a84ac590f223e4d67db8c4e91abe7d","first_seen":"2023-03-10T20:10:58Z","last_seen":"2026-06-20T13:37:45.069632Z","times_seen":71,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"reative-sua-assinatura.fun","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/public/pages/index.js?id=ap1","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc","date":"2026-06-20T12:15:52.030Z","timestamp":1781957752030,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reative-sua-assinatura.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Jun 2026 16:31:28 GMT","end":"Wed, 09 Sep 2026 17:29:16 GMT"},"fingerprint":{"sha1":"A3:00:EF:05:F3:64:69:C7:0F:56:EE:6A:9C:D5:95:ED:F4:C4:04:92","sha256":"84:82:36:E9:66:42:F5:71:E7:B2:78:64:3B:5A:46:04:A7:A3:78:85:32:9D:AF:3C:DB:C7:1B:C0:17:18:40:C4"}}},"request":{"raw":"GET /public/pages/index.js?id=ap1 HTTP/1.1\r\nHost: reative-sua-assinatura.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc\r\nCookie: PHPSESSID=36ns5471g6qcku7uft5lcj1eph\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 20 Jun 2026 12:15:52 GMT\r\nserver: cloudflare\r\nlast-modified: Thu, 05 Sep 2024 12:55:38 GMT\r\netag: \"170c-6215ecea7a680-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kOoO%2BJDxxvaDhTa%2BMxmCiosjKqNvO11pVpI8yG5f%2BFb4gbX3%2Fn%2B0Jr7bRxGpUgWYPdjWioxSj9v0a8B0WR4laOmZMHmqoDByn3leS2BTIXWA8PlUEbc%2BpUBmdbigfS%2FqxVuDT40trL7oKcvpEg%3D%3D\"}]}\r\ncontent-type: text/javascript\r\nage: 69\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-length: 1779\r\ncf-ray: a0eab38e3ae20883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5900,"size_decoded":2567,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"7633970281bc8ce97d2014753a108531","sha1":"07b992aef0fa77dcabe67b2c94948c6d5f380f1c","sha256":"2f57558a9f7ee23c012bb883df23c45413f8defd92d9c402d8635bc4d3d95850","sha512":"91d7fdbf98b14d6a06bd64966aad15865d4ac9b7d3699960590a23e81730ffe925ea8bbfe68057ff8bad4a0cb39a7ded4bc8eae8c9298db7221281b860d8ea8e","ssdeep":"96:VrAvCPQC7AcQnoGm3ocAx5EMOLjoWPA0C:V0Up3ocAx5jOLj/PDC","tlshash":"94c1ee6155c50577027381d55f728f49fe29a24bc91bd268baec0b836ff3c02cd63a49","first_seen":"2025-12-22T13:44:50.87162Z","last_seen":"2026-06-20T13:37:45.065186Z","times_seen":4,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"reative-sua-assinatura.fun","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/public/images/background.jpg","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc","date":"2026-06-20T12:15:52.070Z","timestamp":1781957752070,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reative-sua-assinatura.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Jun 2026 16:31:28 GMT","end":"Wed, 09 Sep 2026 17:29:16 GMT"},"fingerprint":{"sha1":"A3:00:EF:05:F3:64:69:C7:0F:56:EE:6A:9C:D5:95:ED:F4:C4:04:92","sha256":"84:82:36:E9:66:42:F5:71:E7:B2:78:64:3B:5A:46:04:A7:A3:78:85:32:9D:AF:3C:DB:C7:1B:C0:17:18:40:C4"}}},"request":{"raw":"GET /public/images/background.jpg HTTP/1.1\r\nHost: reative-sua-assinatura.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://reative-sua-assinatura.fun/public/styles/all.css?id=ap1\r\nCookie: PHPSESSID=36ns5471g6qcku7uft5lcj1eph\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 20 Jun 2026 12:15:52 GMT\r\nserver: cloudflare\r\nlast-modified: Sat, 31 Aug 2024 18:31:04 GMT\r\netag: \"4f064-620fee90d2a00\"\r\naccept-ranges: bytes\r\npriority: u=4,i\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X4l%2FEQCZHTKdPu1JEFhR9i0gCmMf4GRIQzEeJh96rQIcyLpvWq0IRh6ALkczpfcjDFUA2Pbzb%2Fdfr4bB%2BBROnsU1x7VfPLaNK1o7Xe7tsfCCiAudtUfrntb%2BoPQ8eKHvWLZXQjsIU615s26rJA%3D%3D\"}]}\r\ncontent-type: image/jpeg\r\nage: 68\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-length: 323684\r\ncf-ray: a0eab38e7afa0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":323684,"size_decoded":324409,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1125, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=2000], baseline, precision 8, 2000x1125, components 3","md5":"36b4a2601ead08b55f331781b0b0a1f8","sha1":"4a74aabd31f96fa3b68221b84a2ae1de2da93527","sha256":"3ff73054eed09776e709ebd470f23ec31c88379cd6c019742c528d34cfaea1ab","sha512":"1a8f0421a1f8edaff0b0ed8309f25b3cfe417d0042b01edc4670f7cbaa6566131055a680d1b502f11840ec8afd01f965457405503eaf320f5896831929f509b0","ssdeep":"6144:B2Z2kue6Ojv8k5nlG4a7Ye12SrgDtZ2QiFPn3aawmD1UbRANcmgqgFB7:u/j9ra35rItoQAP3aa32bRcRWF","tlshash":"bc64223e6248aeecced575b363a5dee290b6ad4271732499f32c3318371ce278815587","first_seen":"2025-12-22T13:44:50.865642Z","last_seen":"2026-06-20T13:37:45.065953Z","times_seen":4,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"reative-sua-assinatura.fun","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-20T12:15:50.926Z","timestamp":1781957750926,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reative-sua-assinatura.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Jun 2026 16:31:28 GMT","end":"Wed, 09 Sep 2026 17:29:16 GMT"},"fingerprint":{"sha1":"A3:00:EF:05:F3:64:69:C7:0F:56:EE:6A:9C:D5:95:ED:F4:C4:04:92","sha256":"84:82:36:E9:66:42:F5:71:E7:B2:78:64:3B:5A:46:04:A7:A3:78:85:32:9D:AF:3C:DB:C7:1B:C0:17:18:40:C4"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: reative-sua-assinatura.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 \r\ndate: Sat, 20 Jun 2026 12:15:51 GMT\r\nserver: cloudflare\r\nset-cookie: PHPSESSID=36ns5471g6qcku7uft5lcj1eph; path=/\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nlocation: /access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc\r\npriority: u=0,i\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LC8kcCRsLlDpIKiT856mGkphMvBIj7QKNiUPiSo0RsUZd4hDWLtHn2QRSpzPacPS%2Fgf%2BiGSvRSs4h%2FrfQbev9DvYHqVEj%2FUHM%2BjoAESZFTGwlfo%2BC57QsiI8t1BcCMvKBKjiT6gxLb3NxCu9%2BA%3D%3D\"}]}\r\ncontent-type: text/html; charset=UTF-8\r\ncf-cache-status: DYNAMIC\r\ncf-ray: a0eab38779e70883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-20T17:29:48.779532Z","times_seen":16585560,"resource_available":true,"data":null}},"time_used":577,"timings":{"blocked":-1,"dns":6,"connect":19,"send":0,"wait":552,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"reative-sua-assinatura.fun","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/public/styles/all.css?id=ap1","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc","date":"2026-06-20T12:15:51.985Z","timestamp":1781957751985,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reative-sua-assinatura.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Jun 2026 16:31:28 GMT","end":"Wed, 09 Sep 2026 17:29:16 GMT"},"fingerprint":{"sha1":"A3:00:EF:05:F3:64:69:C7:0F:56:EE:6A:9C:D5:95:ED:F4:C4:04:92","sha256":"84:82:36:E9:66:42:F5:71:E7:B2:78:64:3B:5A:46:04:A7:A3:78:85:32:9D:AF:3C:DB:C7:1B:C0:17:18:40:C4"}}},"request":{"raw":"GET /public/styles/all.css?id=ap1 HTTP/1.1\r\nHost: reative-sua-assinatura.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc\r\nCookie: PHPSESSID=36ns5471g6qcku7uft5lcj1eph\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 20 Jun 2026 12:15:51 GMT\r\nserver: cloudflare\r\nlast-modified: Tue, 03 Sep 2024 13:44:42 GMT\r\netag: \"e17-621374272c680-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XW48LvpX5QW5DTMDM%2F25Z3sVtiJ6V7wOnu9HCq5YYmqa9NRoM1k5HFCYp%2FtZUOSdflCYU8I8atxkTy1dEEGjY2FdMce2wbOw7jgIR%2Bo7Qytm8LiuW7qU1TyCd2rm5UR1keqbClQIB8N7S1p2uA%3D%3D\"}]}\r\ncontent-type: text/css\r\nage: 69\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-length: 1095\r\ncf-ray: a0eab38dead20883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3607,"size_decoded":1867,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"5a13c7fc527069ca422e3e85a9d2795f","sha1":"39ad29d0d76470edb8dfd803500418a41731de45","sha256":"b952cbd5d6ae5558e8d1f8b929a222cfc304eeb701424a2ab9c25c3b9078f7cf","sha512":"cd299c9f5644cc678ef640b960d4034704813c96ae42e157262e35d965a70c02581083a5ff18dbf3f70d3d9a744d892670dc80e0fa70ca16909a3ad621a04d5f","ssdeep":"","tlshash":"ee712357b197011d3123c0ba68e39acd3abf8941910692bcb7ba36d16d8b08bd533f85","first_seen":"2025-12-22T13:44:50.895591Z","last_seen":"2026-06-20T13:37:45.067407Z","times_seen":4,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"reative-sua-assinatura.fun","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/public/images/logo.svg","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc","date":"2026-06-20T12:15:52.121Z","timestamp":1781957752121,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reative-sua-assinatura.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Jun 2026 16:31:28 GMT","end":"Wed, 09 Sep 2026 17:29:16 GMT"},"fingerprint":{"sha1":"A3:00:EF:05:F3:64:69:C7:0F:56:EE:6A:9C:D5:95:ED:F4:C4:04:92","sha256":"84:82:36:E9:66:42:F5:71:E7:B2:78:64:3B:5A:46:04:A7:A3:78:85:32:9D:AF:3C:DB:C7:1B:C0:17:18:40:C4"}}},"request":{"raw":"GET /public/images/logo.svg HTTP/1.1\r\nHost: reative-sua-assinatura.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc\r\nCookie: PHPSESSID=36ns5471g6qcku7uft5lcj1eph\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 20 Jun 2026 12:15:52 GMT\r\nserver: cloudflare\r\nlast-modified: Sat, 31 Aug 2024 16:28:48 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qseCj7g8Gi2KSTrXYvl%2Bohbw9c8STjZmRWHQN9wp9EHK1IUMMzGfTgaUwWVoOiUf%2F%2BGCF%2BcTCAwSi%2BwM5zg61IOw59SDIXI5lmOJXymbsM2zqYIibZlHZo6g6PeZ1OVINgXEI1RkPS3mE%2B0C9w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-encoding: zstd\r\netag: W/\"95e-620fd33cab000\"\r\ncontent-type: image/svg+xml\r\nage: 68\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: a0eab38ecb050883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2398,"size_decoded":1679,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"277cf9f609993497a7b725a7a25c05da","sha1":"6c70ddbf1a997dce89a7b8684fa39f4f212cb544","sha256":"55332d7ca5104ca9e4cba5e29c63a7687c3b820a6da4964fdd1f142b8ac1328c","sha512":"477d9dd21aaf66472199d57ca021326d1eb728eaafa284bb0365ce4b9862e585c12f32e73cc1576b90cc2afdfb5d00f5e3190db24660cda0963fbac3e76cbbcd","ssdeep":"","tlshash":"28415395f3ad17d3ac66468bb6ca0df3391347b1f4a05248a5bc0e2409664e0853dd63","first_seen":"2025-12-22T13:44:50.885174Z","last_seen":"2026-06-20T13:37:45.070185Z","times_seen":4,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"reative-sua-assinatura.fun","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/public/images/select-off.png?id=ap1","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc","date":"2026-06-20T12:15:52.123Z","timestamp":1781957752123,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reative-sua-assinatura.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Jun 2026 16:31:28 GMT","end":"Wed, 09 Sep 2026 17:29:16 GMT"},"fingerprint":{"sha1":"A3:00:EF:05:F3:64:69:C7:0F:56:EE:6A:9C:D5:95:ED:F4:C4:04:92","sha256":"84:82:36:E9:66:42:F5:71:E7:B2:78:64:3B:5A:46:04:A7:A3:78:85:32:9D:AF:3C:DB:C7:1B:C0:17:18:40:C4"}}},"request":{"raw":"GET /public/images/select-off.png?id=ap1 HTTP/1.1\r\nHost: reative-sua-assinatura.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc\r\nCookie: PHPSESSID=36ns5471g6qcku7uft5lcj1eph\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 20 Jun 2026 12:15:52 GMT\r\nserver: cloudflare\r\nlast-modified: Sat, 31 Aug 2024 22:33:56 GMT\r\netag: \"220-621024d9c3d00\"\r\naccept-ranges: bytes\r\npriority: u=5,i\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2adXTp4c851BmMew5ffnX5AKgjv4%2FY%2FydM9O3zxoIgrYfIQiulo7RxcnOR52E2cwPpoaCz6K5vvFo25HAyD5hryX0zMxV2elM%2BCok8BIYrfGX%2FfsGbkSvywK%2BLJukQFsx5Wa29TYw2g1N87wQg%3D%3D\"}]}\r\ncontent-type: image/png\r\nage: 68\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-length: 544\r\ncf-ray: a0eab38ecb070883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":544,"size_decoded":1265,"mime_type":"image/png","magic":"PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced","md5":"b3a6f749abfde2d042116dc7a8b32b1c","sha1":"3c24c947394c66ff25588f00d63c74b41dde8773","sha256":"baac0343237537b00ac37eb6a31ae4d120b89c73e7e17101a3ef035da642d930","sha512":"4ec40155666910c80e653b40e4546aab9fbc8700c3f430c98cceaa90188a458fe488f0a99cf9e21dc97bd4341101ac7110d8f16f8c83aae60e55b7cc87be1fa5","ssdeep":"","tlshash":"0bf026cb0e4dfe3bd9528a210b051544fdb3197e5936889039ed31bfcdb8e48b6b4120","first_seen":"2025-12-22T13:44:50.876327Z","last_seen":"2026-06-20T13:37:45.066458Z","times_seen":4,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"reative-sua-assinatura.fun","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/public/images/favicon.ico?id=ap1","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc","date":"2026-06-20T12:15:52.155Z","timestamp":1781957752155,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reative-sua-assinatura.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Jun 2026 16:31:28 GMT","end":"Wed, 09 Sep 2026 17:29:16 GMT"},"fingerprint":{"sha1":"A3:00:EF:05:F3:64:69:C7:0F:56:EE:6A:9C:D5:95:ED:F4:C4:04:92","sha256":"84:82:36:E9:66:42:F5:71:E7:B2:78:64:3B:5A:46:04:A7:A3:78:85:32:9D:AF:3C:DB:C7:1B:C0:17:18:40:C4"}}},"request":{"raw":"GET /public/images/favicon.ico?id=ap1 HTTP/1.1\r\nHost: reative-sua-assinatura.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc\r\nCookie: PHPSESSID=36ns5471g6qcku7uft5lcj1eph\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 20 Jun 2026 12:15:52 GMT\r\nserver: cloudflare\r\nlast-modified: Sat, 31 Aug 2024 16:30:44 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=J7h3rXtFceyA2qa1Ik9OC%2BRoNpX1TKZv4cZEgQGa24j9vkph%2BRiuqHAsMSzlpRE66w%2FSGEZmWrZqQck%2Fzt2LWmNFodhNV6FBDOLgoJyRxtAjUKnNvquaDkPPUPWmkvZXobmRxexOoBW0fEe7jg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncontent-encoding: zstd\r\netag: W/\"267e-620fd3ab4b500\"\r\ncontent-type: image/vnd.microsoft.icon\r\nage: 67\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: a0eab38efb0c0883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9854,"size_decoded":2545,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel","md5":"58f54d9ea15176671802bebeee4da4cb","sha1":"4ba1cb97814772435962f3ac25af0def81851735","sha256":"9c5f7722c5df8eb24dda20ecc01c9f73e3103e10052fd980da4e7d9f753a97d3","sha512":"32e6c1ac6220b03bafb9215e4db4cf91352573c34a82accc893b4c7d4d3194d495e241c2f814372930a988688492926fe1d9a5576d2e46378c9f6d1e927c71db","ssdeep":"48:5uZhmwr2VEbaA+8H3J7HZqH0S/DHDHp8HfH5gAaqHwMqHBVqH/6BqHAtvqHAAcqK:shm0AN6YHEOFtwVPmyqPmorAtAco","tlshash":"8a12a02710c35d6cfe016eb8d297ec3a517d40ddeefe82e79a81bd390612146a5cb8e4","first_seen":"2023-09-08T13:51:14Z","last_seen":"2026-06-20T13:37:45.066955Z","times_seen":2142,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"reative-sua-assinatura.fun","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"reative-sua-assinatura.fun/api.php?call=sessao","fqdn":"reative-sua-assinatura.fun","domain":"reative-sua-assinatura.fun","tld":"fun"},"ip":{"addr":"104.21.32.13","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc","date":"2026-06-20T12:15:52.187Z","timestamp":1781957752187,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"reative-sua-assinatura.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 11 Jun 2026 16:31:28 GMT","end":"Wed, 09 Sep 2026 17:29:16 GMT"},"fingerprint":{"sha1":"A3:00:EF:05:F3:64:69:C7:0F:56:EE:6A:9C:D5:95:ED:F4:C4:04:92","sha256":"84:82:36:E9:66:42:F5:71:E7:B2:78:64:3B:5A:46:04:A7:A3:78:85:32:9D:AF:3C:DB:C7:1B:C0:17:18:40:C4"}}},"request":{"raw":"GET /api.php?call=sessao HTTP/1.1\r\nHost: reative-sua-assinatura.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nX-Requested-With: XMLHttpRequest\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://reative-sua-assinatura.fun/access.php?verify=LBUXW2XBLBUX-XO60-LBUXXO60XO60-JNNGXO60\u0026identifyData=36ns5471g6qcku7uft5lcj1eph\u0026timeAttemp=1679091c5a880faf6fb5e6087eb1b2dc\r\nCookie: PHPSESSID=36ns5471g6qcku7uft5lcj1eph\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 20 Jun 2026 12:15:52 GMT\r\nserver: cloudflare\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lfWzRF50s4vitxxUySBlAB4XVf2pfY7VdhxCduNQsTMOGLZ1VDQG8i4lASJSMJ1GdQa5lU4QYxpaVbZP%2BUCRNi17hNyaP5vM%2B1WsG7e3PoxRd%2BDkRlUhu%2FZgxSPZZ7d%2BJtXUSbK7t69yLQOvGw%3D%3D\"}]}\r\ncontent-type: application/json; charset=utf-8\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\ncf-ray: a0eab38f2b140883-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":201,"size_decoded":897,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"dd36476dfb322863ad3cfc4f6823a75e","sha1":"c2c396bcde278c077ddc467ffcc5c0a7908fd740","sha256":"f4ab6ab528c76ce557d97a7dfd1685d2527d7925f8badc8cf9c8a650c2d23255","sha512":"f78e6c20e0e95ae31a0fbeb8c60e8bdb5d31281410450e94686c9a8a9929ad5df1e9d2d3c98f212b4653f0d9f55009f51d3c3bb8ae45152d0656f550b757faa1","ssdeep":"","tlshash":"44d0221404b7c89eaeed9100a8cc2ba98c8e0b9102a88959c6dd2e390405358e41c92d","first_seen":"2026-06-20T12:16:22.537179Z","last_seen":"2026-06-20T12:16:22.537179Z","times_seen":1,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"reative-sua-assinatura.fun","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"reative-sua-assinatura.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}}]}