{"report_id":"2a12698b-9c86-4ba4-bbd9-d13ce67fbc78","version":0,"status":"done","tags":[],"date":"2026-06-17T20:27:48Z","url":{"schema":"http","addr":"ww-brasilrodovias.click","fqdn":"ww-brasilrodovias.click","domain":"ww-brasilrodovias.click","tld":"click"},"ip":{"addr":"107.180.114.201","port":0,"asn":398101,"as":"GO-DADDY-COM-LLC","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"ww-brasilrodovias.click/","fqdn":"ww-brasilrodovias.click","domain":"ww-brasilrodovias.click","tld":"click"},"title":"Pedágio Digital - Consulte e Pague Débitos Online | Pedagio Digital","dom":{"size":29540,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (454)","md5":"83c5c4643ba0f5a6aa3c9df20b033675","sha1":"db3c6b00abe90a53d8a37b79909e4c41013ae35a","sha256":"776f8d8b00c01d65568d1b776bda98653e2400073bb4f6f4136d6ef5e244f51f","sha512":"baf7b09e22128896d80ed3b3e9a07784ff71a35d9579255496129bf7503c983508cb49bced7fc9d5395c7c5e16a1ebffed27b4e259337e94c45c012d4c58d037","ssdeep":"384:dLsOGGsZvVnaOB0xrTUIDYwx4nkmxesh0A1rGT30irhio+OVqPsNO3B/Tz:HrTUI1x4kmosh0A1eEi1r+OsPsNaBrz","tlshash":"2dd2b47975f6143702934662abd7eb5a7f65c903c40aca09baec07416fcbc518ca3b8c","dom_hash":"domhashac7e596002c5d0d3ef2cb9a2a3711da8","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ww-brasilrodovias.click","fqdn":"ww-brasilrodovias.click","domain":"ww-brasilrodovias.click","tld":"click"},"ip":{"addr":"107.180.114.201","port":0,"asn":398101,"as":"GO-DADDY-COM-LLC","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T20:27:48Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"ww-brasilrodovias.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"ww-brasilrodovias.click","ip":{"addr":"107.180.114.201","port":443,"asn":398101,"as":"GO-DADDY-COM-LLC","country":"United States","country_code":"US"},"domain_registered":"2026-05-20","domain_rank":0,"first_seen":"2026-06-16T01:29:07.6849Z","last_seen":"2026-06-16T01:29:07.684901Z","alert_count":30,"request_count":5,"received_data":1699421,"sent_data":2649,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"img1.wsimg.com","ip":{"addr":"2.22.225.50","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"domain_registered":"2008-03-17","domain_rank":58983,"first_seen":"2012-06-20T14:42:31Z","last_seen":"2026-06-15T08:09:19.232945Z","alert_count":0,"request_count":2,"received_data":107467,"sent_data":974,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"csp.secureserver.net","ip":{"addr":"23.44.47.70","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"domain_registered":"1998-03-30","domain_rank":62352,"first_seen":"2022-12-18T21:17:09Z","last_seen":"2026-06-15T08:36:57.232187Z","alert_count":0,"request_count":2,"received_data":1016,"sent_data":1106,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ww-brasilrodovias.click/","fqdn":"ww-brasilrodovias.click","domain":"ww-brasilrodovias.click","tld":"click"},"ip":{"addr":"107.180.114.201","port":443,"asn":398101,"as":"GO-DADDY-COM-LLC","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7d90835dfb4b42ab991e56dd09eb460e","sha1":"c3ab853ce67c5a33f6b7cc69d01e8d1ed45f84bc","sha256":"ff371546eb9fbb2bd3966eb793575718854e10ab95912a1c39d5c8e67f49c3e4","sha512":"f3f0268f32255389691acafa789d0b1f1efa044e2f36bf7fae06c46e775e1afea4350c8d78c78a98dd08cb88a1d54e41761b26edec361d717df98510df331d26","ssdeep":"192:yl2yH1q8lEjMB9VKNbv+lQZKIVOSB6B/IM24CDS6y2:8PsNO3B/a","tlshash":"54020cbe69fb147146a7757f9bcfe689763140032808cd08be9c8b015f92a6449b3fc8","size":8226,"data":"","first_seen":"2026-06-16T01:29:11.757524Z","last_seen":"2026-06-17T20:27:52.356761Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww-brasilrodovias.click/","fqdn":"ww-brasilrodovias.click","domain":"ww-brasilrodovias.click","tld":"click"},"ip":{"addr":"107.180.114.201","port":443,"asn":398101,"as":"GO-DADDY-COM-LLC","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"35821ad7a0a58d5943f17f447f6322c9","sha1":"eec85bbb179f8b352ea0006677eedc6d4c26ab21","sha256":"936738a8c97459e70dc734b41f9307e43845b18cecce44f612e90c05e2a47e26","sha512":"908087771730cdfa28b651515068efcbe93d4eb878c4b28ac8185e2ac1f3725b667fac25519f5ace7e9799ed8f41363a3a5c6b394a2a0cca6bac034c446d660d","ssdeep":"","tlshash":"a7e0c00dd01900822326cc443251195fb71ac6fac3481cddc3048c3a65cf00bfb9d190","size":361,"data":"","first_seen":"2026-06-16T01:29:11.760111Z","last_seen":"2026-06-17T20:27:52.357449Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww-brasilrodovias.click/","fqdn":"ww-brasilrodovias.click","domain":"ww-brasilrodovias.click","tld":"click"},"ip":{"addr":"107.180.114.201","port":443,"asn":398101,"as":"GO-DADDY-COM-LLC","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7d90835dfb4b42ab991e56dd09eb460e","sha1":"c3ab853ce67c5a33f6b7cc69d01e8d1ed45f84bc","sha256":"ff371546eb9fbb2bd3966eb793575718854e10ab95912a1c39d5c8e67f49c3e4","sha512":"f3f0268f32255389691acafa789d0b1f1efa044e2f36bf7fae06c46e775e1afea4350c8d78c78a98dd08cb88a1d54e41761b26edec361d717df98510df331d26","ssdeep":"192:yl2yH1q8lEjMB9VKNbv+lQZKIVOSB6B/IM24CDS6y2:8PsNO3B/a","tlshash":"54020cbe69fb147146a7757f9bcfe689763140032808cd08be9c8b015f92a6449b3fc8","size":8226,"data":"","first_seen":"2026-06-16T01:29:11.757524Z","last_seen":"2026-06-17T20:27:52.356761Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww-brasilrodovias.click/","fqdn":"ww-brasilrodovias.click","domain":"ww-brasilrodovias.click","tld":"click"},"ip":{"addr":"107.180.114.201","port":443,"asn":398101,"as":"GO-DADDY-COM-LLC","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"35821ad7a0a58d5943f17f447f6322c9","sha1":"eec85bbb179f8b352ea0006677eedc6d4c26ab21","sha256":"936738a8c97459e70dc734b41f9307e43845b18cecce44f612e90c05e2a47e26","sha512":"908087771730cdfa28b651515068efcbe93d4eb878c4b28ac8185e2ac1f3725b667fac25519f5ace7e9799ed8f41363a3a5c6b394a2a0cca6bac034c446d660d","ssdeep":"","tlshash":"a7e0c00dd01900822326cc443251195fb71ac6fac3481cddc3048c3a65cf00bfb9d190","size":361,"data":"","first_seen":"2026-06-16T01:29:11.760111Z","last_seen":"2026-06-17T20:27:52.357449Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.wsimg.com/traffic-assets/js/tccl.min.js","fqdn":"img1.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"2.22.225.50","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"8a37dab530d4cba8ef9134c279c20612","sha1":"ef687d672e515d41f8b9c6b23e8c66b117a609c3","sha256":"5c16c1b3a290dd98b67c97387769f0ba4ce1a68fc5a584f603d85eec8ecfa499","sha512":"f08cbc1d2bea4b6bef0f153e83a74edfe4abf9c6f39aaadb35a6c167efd6f667b151b7154ab6e444b75420335488d27d3a33ec6e6e2c3d953a41d0a03ce563f9","ssdeep":"1536:uzSGNmZEfRDJYW/3TV4vlJHjaBaR02YX25x6JR:kD6W/WFu","tlshash":"67a3a688f6a1f07142e76165412f010bf379a965b0aed0d4e725e8f8adf85ce8173f29","size":106502,"data":"","first_seen":"2026-05-27T17:58:47.761284Z","last_seen":"2026-06-19T13:10:21.429399Z","times_seen":6410,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"ww-brasilrodovias.click/","fqdn":"ww-brasilrodovias.click","domain":"ww-brasilrodovias.click","tld":"click"},"ip":{"addr":"107.180.114.201","port":443,"asn":398101,"as":"GO-DADDY-COM-LLC","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T20:27:21.837Z","timestamp":1781728041837,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cpanel.ww-brasilrodovias.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 13:56:42 GMT","end":"Tue, 18 Aug 2026 13:56:41 GMT"},"fingerprint":{"sha1":"E1:DB:B3:21:03:FD:FA:3E:D2:A6:FA:E1:E5:BB:DC:E0:BD:62:6F:A1","sha256":"69:4B:56:7A:E3:F8:CA:D7:1B:57:DE:62:78:74:39:F9:2A:0A:AF:58:A9:23:5D:14:48:D3:90:C9:E8:9F:5B:AC"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ww-brasilrodovias.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Wed, 20 May 2026 13:35:08 GMT\r\netag: \"3420c74-75ca-6523fdd363b00-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 8027\r\ncontent-type: text/html\r\ndate: Wed, 17 Jun 2026 20:27:22 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":30608,"size_decoded":8318,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (461), with CRLF line terminators","md5":"e09cc4fe1c2484db423dd48b8f95364f","sha1":"5b17949f7d09cd749281757bb39fe3ca3f98dde8","sha256":"83fe4dd1b9c12b915ad713f0f757d35c9a3c160ef13e91b0c355e8d8cfe31daa","sha512":"3266294acaa1af3af1117fa88ed7297f9610d2e05c2f751c7dad28150aa13e92611fa0aa9baae1d10e1b2732eded26bcaa81936685a9c74804de449df4196ef6","ssdeep":"384:bMuJpTOSSwhOTEtcqGEk39bTyi46zujv5tl/QpMY6v:bpTOS3UTacykt6b6zu7fl4pn6v","tlshash":"6fd2837975c0143601734766aba3ab9aff65c503c106c64abaad17476ffbc108893fd8","first_seen":"2026-06-16T01:29:11.756364Z","last_seen":"2026-06-17T20:27:52.350907Z","times_seen":5,"resource_available":true,"data":null}},"time_used":827,"timings":{"blocked":0,"dns":70,"connect":149,"send":0,"wait":160,"receive":0,"ssl":449},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"ww-brasilrodovias.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww-brasilrodovias.click/pedagio1_files/css2","fqdn":"ww-brasilrodovias.click","domain":"ww-brasilrodovias.click","tld":"click"},"ip":{"addr":"107.180.114.201","port":443,"asn":398101,"as":"GO-DADDY-COM-LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ww-brasilrodovias.click/","date":"2026-06-17T20:27:22.879Z","timestamp":1781728042879,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cpanel.ww-brasilrodovias.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 13:56:42 GMT","end":"Tue, 18 Aug 2026 13:56:41 GMT"},"fingerprint":{"sha1":"E1:DB:B3:21:03:FD:FA:3E:D2:A6:FA:E1:E5:BB:DC:E0:BD:62:6F:A1","sha256":"69:4B:56:7A:E3:F8:CA:D7:1B:57:DE:62:78:74:39:F9:2A:0A:AF:58:A9:23:5D:14:48:D3:90:C9:E8:9F:5B:AC"}}},"request":{"raw":"GET /pedagio1_files/css2 HTTP/1.1\r\nHost: ww-brasilrodovias.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ww-brasilrodovias.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ncontent-length: 355\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Wed, 17 Jun 2026 20:27:22 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":355,"size_decoded":509,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"4525b2d648f7c457a689fd96421783a5","sha1":"11bfe30ce44585a15a38e86bc094224ddfe2c08e","sha256":"cc0b4e42510d49c6decd464123ecf3b14ae9b47f9b4ed2ee64893e2d6520a264","sha512":"94e3e8246cf38ff7740e51aa115c8c455b14f78e672c2686b782c0ce30b6fa2dbd91a78b29b3964d9c0414aabd4b9391fd5db326665e25b4b8e73dae60ffe979","ssdeep":"","tlshash":"71e0c04f4057b3474011a2907dc01291e505236b38a152f93ac09467500897dc4aa2dd","first_seen":"2025-12-09T03:51:58.5943Z","last_seen":"2026-06-19T13:14:12.711616Z","times_seen":40907,"resource_available":true,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"ww-brasilrodovias.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww-brasilrodovias.click/combined.css","fqdn":"ww-brasilrodovias.click","domain":"ww-brasilrodovias.click","tld":"click"},"ip":{"addr":"107.180.114.201","port":443,"asn":398101,"as":"GO-DADDY-COM-LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ww-brasilrodovias.click/","date":"2026-06-17T20:27:22.880Z","timestamp":1781728042880,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cpanel.ww-brasilrodovias.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 13:56:42 GMT","end":"Tue, 18 Aug 2026 13:56:41 GMT"},"fingerprint":{"sha1":"E1:DB:B3:21:03:FD:FA:3E:D2:A6:FA:E1:E5:BB:DC:E0:BD:62:6F:A1","sha256":"69:4B:56:7A:E3:F8:CA:D7:1B:57:DE:62:78:74:39:F9:2A:0A:AF:58:A9:23:5D:14:48:D3:90:C9:E8:9F:5B:AC"}}},"request":{"raw":"GET /combined.css HTTP/1.1\r\nHost: ww-brasilrodovias.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ww-brasilrodovias.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Wed, 20 May 2026 13:35:08 GMT\r\netag: \"3420c6f-3f83-6523fdd363b00-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 4361\r\ncontent-type: text/css\r\ndate: Wed, 17 Jun 2026 20:27:22 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":16259,"size_decoded":4651,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (10850), with CRLF line terminators","md5":"3065ac2107438af609f0f025c2d308ba","sha1":"91072f699ab6ea939613302bc25ee92d54042968","sha256":"7ab2fb5861b370fa4b5bc096025087961c1cf9d734eb8185a3352d2c86e8a386","sha512":"b99c17802910acd237ae85a3c15bce2ddb43da2607d9dee2acb95b883c7ea3a2b920270980492c7dc34c94f1a9d6d9ea81d371277dfc6a3fc3752a8d5679978a","ssdeep":"192:vUC9J8W9J846Awb9NsfL0uSlHGC/LMwhwOMiLGW9+vfakIUS70tBUw5EeOh:cRdB/LMwhwq+5Oh","tlshash":"2e72b969a641101e3d7382f9dbf1775df63e64c3cb1a5bfd759a2010abe22e10897e04","first_seen":"2026-06-16T01:29:11.753535Z","last_seen":"2026-06-17T20:27:52.353334Z","times_seen":6,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"ww-brasilrodovias.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img1.wsimg.com/traffic-assets/js/tccl.min.js","fqdn":"img1.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"2.22.225.50","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww-brasilrodovias.click/","date":"2026-06-17T20:27:23.066Z","timestamp":1781728043066,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wsimg.com","organization":""},"issuer":{"commonName":"Starfield Secure Certificate Authority - G2","organization":"Starfield Technologies, Inc."},"validity":{"start":"Fri, 05 Sep 2025 18:24:05 GMT","end":"Wed, 07 Oct 2026 18:24:05 GMT"},"fingerprint":{"sha1":"0E:95:B5:3C:BC:57:5B:29:44:36:31:82:4A:13:83:C0:BB:C6:51:2D","sha256":"2E:41:DD:15:BE:3D:3A:3A:29:F0:65:E6:52:EC:88:54:C4:60:01:9E:68:96:30:F3:2A:31:D9:A1:95:CA:69:24"}}},"request":{"raw":"GET /traffic-assets/js/tccl.min.js HTTP/1.1\r\nHost: img1.wsimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ww-brasilrodovias.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 \r\ncontent-length: 0\r\nlocation: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js\r\ncache-control: max-age=31536000\r\nexpires: Thu, 17 Jun 2027 20:27:23 GMT\r\ndate: Wed, 17 Jun 2026 20:27:23 GMT\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T13:14:46.704344Z","times_seen":16547271,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":11,"connect":1,"send":0,"wait":6,"receive":0,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww-brasilrodovias.click/img3.jpg","fqdn":"ww-brasilrodovias.click","domain":"ww-brasilrodovias.click","tld":"click"},"ip":{"addr":"107.180.114.201","port":443,"asn":398101,"as":"GO-DADDY-COM-LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww-brasilrodovias.click/","date":"2026-06-17T20:27:23.083Z","timestamp":1781728043083,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cpanel.ww-brasilrodovias.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 13:56:42 GMT","end":"Tue, 18 Aug 2026 13:56:41 GMT"},"fingerprint":{"sha1":"E1:DB:B3:21:03:FD:FA:3E:D2:A6:FA:E1:E5:BB:DC:E0:BD:62:6F:A1","sha256":"69:4B:56:7A:E3:F8:CA:D7:1B:57:DE:62:78:74:39:F9:2A:0A:AF:58:A9:23:5D:14:48:D3:90:C9:E8:9F:5B:AC"}}},"request":{"raw":"GET /img3.jpg HTTP/1.1\r\nHost: ww-brasilrodovias.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ww-brasilrodovias.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Wed, 20 May 2026 13:35:08 GMT\r\netag: \"3420c73-193016-6523fdd363b00\"\r\naccept-ranges: bytes\r\ncontent-length: 1650710\r\ncontent-type: image/jpeg\r\ndate: Wed, 17 Jun 2026 20:27:23 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1650710,"size_decoded":1650955,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Freepik Company S.L. - www.freepik.com], baseline, precision 8, 6720x4480, components 3","md5":"953c11a355859b3e1496b4648befcfbe","sha1":"8bf0b0478939c44e25e49722355cb74b6e097efd","sha256":"9d10f1cababe42863942815aea6abc5d5910b5c3c0d1e77c3e1f99b67cfc0ac4","sha512":"42a592686d5b31f35637b55d1cbe0f840d647bcd202ce6f9947996e2243efa0736b77665c5354f7dbdb62f9137e2c4bf919f8ad0c110fe8b6079cf009024bfc1","ssdeep":"24576:dBzOtheQwcuIRR34cMU2tONqRuJRA7Zn2oShPX:zaX1wcuIH3tMU28qRuE7lcX","tlshash":"fe252307dc110943faa593f4bf034eac2f766b2ca9a23afe01656edf38101625c9d579","first_seen":"2026-01-26T01:03:01.050515Z","last_seen":"2026-06-17T20:27:52.354729Z","times_seen":32,"resource_available":false,"data":null}},"time_used":1612,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":155,"receive":1456,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"ww-brasilrodovias.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww-brasilrodovias.click/favicon.ico","fqdn":"ww-brasilrodovias.click","domain":"ww-brasilrodovias.click","tld":"click"},"ip":{"addr":"107.180.114.201","port":443,"asn":398101,"as":"GO-DADDY-COM-LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww-brasilrodovias.click/","date":"2026-06-17T20:27:23.262Z","timestamp":1781728043262,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cpanel.ww-brasilrodovias.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 20 May 2026 13:56:42 GMT","end":"Tue, 18 Aug 2026 13:56:41 GMT"},"fingerprint":{"sha1":"E1:DB:B3:21:03:FD:FA:3E:D2:A6:FA:E1:E5:BB:DC:E0:BD:62:6F:A1","sha256":"69:4B:56:7A:E3:F8:CA:D7:1B:57:DE:62:78:74:39:F9:2A:0A:AF:58:A9:23:5D:14:48:D3:90:C9:E8:9F:5B:AC"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ww-brasilrodovias.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ww-brasilrodovias.click/\r\nCookie: _tccl_visitor=e28288f4-e889-4497-b8cc-5cec36ba1995; _tccl_visit=e28288f4-e889-4497-b8cc-5cec36ba1995; _scc_session=pc=1\u0026C_TOUCH=2026-06-17T20:27:23.162Z\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ncontent-length: 355\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Wed, 17 Jun 2026 20:27:23 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":355,"size_decoded":509,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"4525b2d648f7c457a689fd96421783a5","sha1":"11bfe30ce44585a15a38e86bc094224ddfe2c08e","sha256":"cc0b4e42510d49c6decd464123ecf3b14ae9b47f9b4ed2ee64893e2d6520a264","sha512":"94e3e8246cf38ff7740e51aa115c8c455b14f78e672c2686b782c0ce30b6fa2dbd91a78b29b3964d9c0414aabd4b9391fd5db326665e25b4b8e73dae60ffe979","ssdeep":"","tlshash":"71e0c04f4057b3474011a2907dc01291e505236b38a152f93ac09467500897dc4aa2dd","first_seen":"2025-12-09T03:51:58.5943Z","last_seen":"2026-06-19T13:14:12.711616Z","times_seen":40907,"resource_available":true,"data":null}},"time_used":1433,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1433,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"ww-brasilrodovias.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"ww-brasilrodovias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"csp.secureserver.net/eventbus/web?clientid=b18ef4f046435b64a469b32c3c1c20a3","fqdn":"csp.secureserver.net","domain":"secureserver.net","tld":"net"},"ip":{"addr":"23.44.47.70","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ww-brasilrodovias.click/","date":"2026-06-17T20:27:24.957Z","timestamp":1781728044957,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.secureserver.net","organization":""},"issuer":{"commonName":"Starfield Secure Certificate Authority - G2","organization":"Starfield Technologies, Inc."},"validity":{"start":"Thu, 23 Oct 2025 00:07:48 GMT","end":"Tue, 24 Nov 2026 00:07:48 GMT"},"fingerprint":{"sha1":"0C:85:75:97:2A:6F:2B:92:48:28:1A:FB:30:8A:C4:98:A7:9E:26:CE","sha256":"2F:4B:65:33:11:10:9D:A1:94:4B:5A:5D:40:E6:63:70:B6:7E:1A:7F:E7:90:E4:E8:F4:4A:37:2E:94:17:64:AB"}}},"request":{"raw":"POST /eventbus/web?clientid=b18ef4f046435b64a469b32c3c1c20a3 HTTP/1.1\r\nHost: csp.secureserver.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: text/plain;charset=UTF-8\r\nReferer: https://ww-brasilrodovias.click/\r\nContent-Length: 1067\r\nOrigin: https://ww-brasilrodovias.click\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 202 Accepted\r\nContent-Type: application/json\r\nContent-Length: 2\r\nAccess-Control-Allow-Origin: *\r\nx-bus-trace-id: 161719023317969281507333836587965997061\r\nx-envoy-upstream-service-time: 83\r\nx-error-info: 0\r\nx-request-id: b02e8d65-a97e-41e3-8fd9-c188e20c52b5\r\nExpires: Wed, 17 Jun 2026 20:27:25 GMT\r\nCache-Control: max-age=0, no-cache, no-store\r\nPragma: no-cache\r\nDate: Wed, 17 Jun 2026 20:27:25 GMT\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=86400 ; includeSubDomains ; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"202","status_text":"Accepted","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":2,"size_decoded":508,"mime_type":"application/json","magic":"JSON text data","md5":"99914b932bd37a50b983c5e7c90ae93b","sha1":"bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f","sha256":"44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a","sha512":"27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd","ssdeep":"","tlshash":"c7100000000000c00000000c00000000000000000c0000000000000000000000000000","first_seen":"2023-03-07T01:15:26Z","last_seen":"2026-06-19T13:10:40.189934Z","times_seen":714156,"resource_available":true,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":12,"connect":1,"send":0,"wait":178,"receive":0,"ssl":8},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"csp.secureserver.net/eventbus/web?clientid=8da2217409854bee82e12dc4ca0b39fb","fqdn":"csp.secureserver.net","domain":"secureserver.net","tld":"net"},"ip":{"addr":"23.44.47.70","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ww-brasilrodovias.click/","date":"2026-06-17T20:27:24.959Z","timestamp":1781728044959,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.secureserver.net","organization":""},"issuer":{"commonName":"Starfield Secure Certificate Authority - G2","organization":"Starfield Technologies, Inc."},"validity":{"start":"Thu, 23 Oct 2025 00:07:48 GMT","end":"Tue, 24 Nov 2026 00:07:48 GMT"},"fingerprint":{"sha1":"0C:85:75:97:2A:6F:2B:92:48:28:1A:FB:30:8A:C4:98:A7:9E:26:CE","sha256":"2F:4B:65:33:11:10:9D:A1:94:4B:5A:5D:40:E6:63:70:B6:7E:1A:7F:E7:90:E4:E8:F4:4A:37:2E:94:17:64:AB"}}},"request":{"raw":"POST /eventbus/web?clientid=8da2217409854bee82e12dc4ca0b39fb HTTP/1.1\r\nHost: csp.secureserver.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Type: text/plain;charset=UTF-8\r\nReferer: https://ww-brasilrodovias.click/\r\nContent-Length: 1852\r\nOrigin: https://ww-brasilrodovias.click\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 202 Accepted\r\nContent-Type: application/json\r\nContent-Length: 2\r\nAccess-Control-Allow-Origin: *\r\nx-bus-trace-id: 237372181340880110282723893683983438016\r\nx-envoy-upstream-service-time: 88\r\nx-error-info: 0\r\nx-request-id: d1239cc8-3b5f-4b77-9b87-22c73ea5758c\r\nExpires: Wed, 17 Jun 2026 20:27:25 GMT\r\nCache-Control: max-age=0, no-cache, no-store\r\nPragma: no-cache\r\nDate: Wed, 17 Jun 2026 20:27:25 GMT\r\nConnection: keep-alive\r\nStrict-Transport-Security: max-age=86400 ; includeSubDomains ; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"202","status_text":"Accepted","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":2,"size_decoded":508,"mime_type":"application/json","magic":"JSON text data","md5":"99914b932bd37a50b983c5e7c90ae93b","sha1":"bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f","sha256":"44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a","sha512":"27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd","ssdeep":"","tlshash":"c7100000000000c00000000c00000000000000000c0000000000000000000000000000","first_seen":"2023-03-07T01:15:26Z","last_seen":"2026-06-19T13:10:40.189934Z","times_seen":714156,"resource_available":true,"data":null}},"time_used":405,"timings":{"blocked":0,"dns":10,"connect":2,"send":0,"wait":179,"receive":0,"ssl":214},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js","fqdn":"img1.wsimg.com","domain":"wsimg.com","tld":"com"},"ip":{"addr":"2.22.225.50","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww-brasilrodovias.click/","date":"2026-06-17T20:27:23.105Z","timestamp":1781728043105,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wsimg.com","organization":""},"issuer":{"commonName":"Starfield Secure Certificate Authority - G2","organization":"Starfield Technologies, Inc."},"validity":{"start":"Fri, 05 Sep 2025 18:24:05 GMT","end":"Wed, 07 Oct 2026 18:24:05 GMT"},"fingerprint":{"sha1":"0E:95:B5:3C:BC:57:5B:29:44:36:31:82:4A:13:83:C0:BB:C6:51:2D","sha256":"2E:41:DD:15:BE:3D:3A:3A:29:F0:65:E6:52:EC:88:54:C4:60:01:9E:68:96:30:F3:2A:31:D9:A1:95:CA:69:24"}}},"request":{"raw":"GET /signals/js/clients/scc-c2/scc-c2.min.js HTTP/1.1\r\nHost: img1.wsimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ww-brasilrodovias.click/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nx-amz-id-2: gUH+nIXP/l8oFWl8BmNVrHVHUJ78BGl93xD8CEn4Zv8PTaV4T8hH2etKBcCIGy0j5iQawIcpoyXK5j9ss+68VRnCgONyOQDz\r\nx-amz-request-id: DRTDCZG7W5GRB4Q7\r\nlast-modified: Wed, 27 May 2026 17:27:10 GMT\r\netag: \"8a37dab530d4cba8ef9134c279c20612\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-version: 1.3.2\r\nx-amz-version-id: V1QpCm1bxgHgw4G1nDhX4YJuFGsOtoK3\r\naccept-ranges: bytes\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncache-control: max-age=1800\r\nexpires: Wed, 17 Jun 2026 20:57:23 GMT\r\ndate: Wed, 17 Jun 2026 20:27:23 GMT\r\ncontent-length: 21664\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":106502,"size_decoded":22335,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8a37dab530d4cba8ef9134c279c20612","sha1":"ef687d672e515d41f8b9c6b23e8c66b117a609c3","sha256":"5c16c1b3a290dd98b67c97387769f0ba4ce1a68fc5a584f603d85eec8ecfa499","sha512":"f08cbc1d2bea4b6bef0f153e83a74edfe4abf9c6f39aaadb35a6c167efd6f667b151b7154ab6e444b75420335488d27d3a33ec6e6e2c3d953a41d0a03ce563f9","ssdeep":"1536:uzSGNmZEfRDJYW/3TV4vlJHjaBaR02YX25x6JR:kD6W/WFu","tlshash":"67a3a688f6a1f07142e76165412f010bf379a965b0aed0d4e725e8f8adf85ce8173f29","first_seen":"2026-05-27T17:58:47.761284Z","last_seen":"2026-06-19T13:10:21.429399Z","times_seen":6410,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}