{"report_id":"7b395e4c-61d5-4365-a040-af4d34da82ba","version":0,"status":"done","tags":[],"date":"2026-06-17T15:28:34Z","url":{"schema":"http","addr":"freeflowbrasil.shop","fqdn":"freeflowbrasil.shop","domain":"freeflowbrasil.shop","tld":"shop"},"ip":{"addr":"88.80.17.203","port":0,"asn":33837,"as":"Fredrik Holmqvist","country":"Sweden","country_code":"SE"},"final":{"url":{"schema":"https","addr":"freeflowbrasil.shop/","fqdn":"freeflowbrasil.shop","domain":"freeflowbrasil.shop","tld":"shop"},"title":"Pedágio Digital - Consulte e Pague Débitos Online | Pedagio Digital","dom":{"size":29065,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (376)","md5":"0ca0039f453f60d1f84c28b3313a3644","sha1":"bfed451ef902c60fe0b7bce781e68fd0877f366d","sha256":"18cabcd169035d6c3b8a54a53d722c59e22d1c9be15d7fb534e40d80d06a1cf0","sha512":"941d9fe6cb1a00a4c8ba8bf05b3bf69cf89f18261b839f8802b25861e7885f64138d1dc31e167344c7008e9ff1e076f4a22a0b6a916f12451e8f7bdaa14e457e","ssdeep":"384:dLsOGGsCvVxaMB0xrTUIDYwx4nkmxesh0A1rGT30irhio+OVqPsNO3BRt:ArTUI1x4kmosh0A1eEi1r+OsPsNaB7","tlshash":"1fd2b57975f6143702934663abd7eb5a7fa5c503c40aca09baec07416fcac118ca3b9c","dom_hash":"domhash8b85cc4c8c4aef1b89f689a738007bdc","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"freeflowbrasil.shop","fqdn":"freeflowbrasil.shop","domain":"freeflowbrasil.shop","tld":"shop"},"ip":{"addr":"88.80.17.203","port":0,"asn":33837,"as":"Fredrik Holmqvist","country":"Sweden","country_code":"SE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T15:28:34Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":7}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"freeflowbrasil.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"freeflowbrasil.shop","ip":{"addr":"88.80.17.203","port":443,"asn":33837,"as":"Fredrik Holmqvist","country":"Sweden","country_code":"SE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-06-17T08:21:09.714575Z","last_seen":"2026-06-17T08:21:09.714575Z","alert_count":35,"request_count":5,"received_data":1697997,"sent_data":2451,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"freeflowbrasil.shop/","fqdn":"freeflowbrasil.shop","domain":"freeflowbrasil.shop","tld":"shop"},"ip":{"addr":"88.80.17.203","port":443,"asn":33837,"as":"Fredrik Holmqvist","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"6a7a10988691bdfa8cb70bdaa30520a6","sha1":"21dfc4d463c5e817b2b8c577e03a89fbc1b810bf","sha256":"e83e904c3de56fdced5e9153ef6d5987d54d5bc72c036f32437322cb160bb019","sha512":"e2b672b4399b2d052a38d0a6b99336d2ec4bcc97e16ff61db9e3230dc5d2a2b5433b52f6c87f0ce02ca9750ebf4d6544b0c8e680d4e449f8f2f627ce9f6b8cc2","ssdeep":"192:yl2yH1q8lEjMB9VKNbv+lQZKIVOSB6BRIM24CDS6y2:8PsNO3BRa","tlshash":"14020cbe69fb147146a7757f9bcfe689763140432808cd08be9c8b015f92a6449b3fc9","size":8217,"data":"","first_seen":"2026-06-16T01:30:33.857912Z","last_seen":"2026-06-17T16:59:36.649432Z","times_seen":26,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"freeflowbrasil.shop/pedagio1_files/css2","fqdn":"freeflowbrasil.shop","domain":"freeflowbrasil.shop","tld":"shop"},"ip":{"addr":"88.80.17.203","port":443,"asn":33837,"as":"Fredrik Holmqvist","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://freeflowbrasil.shop/","date":"2026-06-17T15:28:11.027Z","timestamp":1781710091027,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"freeflowbrasil.shop","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Jun 2026 13:23:45 GMT","end":"Thu, 10 Sep 2026 13:23:44 GMT"},"fingerprint":{"sha1":"95:48:B7:03:8E:5D:6F:85:3A:55:F7:31:2D:FA:40:43:8D:0B:5D:E0","sha256":"9E:05:4E:86:A8:BC:A4:55:9A:B5:18:26:92:9E:87:E8:80:C8:22:3E:5D:D2:31:FE:5C:18:FD:4F:6B:37:70:16"}}},"request":{"raw":"GET /pedagio1_files/css2 HTTP/1.1\r\nHost: freeflowbrasil.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://freeflowbrasil.shop/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ncontent-length: 266\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Wed, 17 Jun 2026 15:28:11 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":266,"size_decoded":420,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"b06e917f3a1cedf7181eda94505b8f50","sha1":"cf44760fd336a2a888241ee5ce0d9ea3378e9759","sha256":"3e3d2d1b0194364e59b57755247c4715c2224be56635cd06b34111fb12ab22da","sha512":"d2ade5a935873e1caae3428a8b04d2b38a8fae382d903a23f9b9ff27d7bb48917e2a64e7df6e9758e4910b945b86090c81d2e73900427fdcc200d91e76ba0c10","ssdeep":"","tlshash":"33d02b9e504323960811249039c111d262c812f6b43981a86d85e447525857dcd9968d","first_seen":"2026-06-17T15:28:35.698029Z","last_seen":"2026-06-17T15:28:35.698029Z","times_seen":1,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"freeflowbrasil.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"freeflowbrasil.shop/combined.css","fqdn":"freeflowbrasil.shop","domain":"freeflowbrasil.shop","tld":"shop"},"ip":{"addr":"88.80.17.203","port":443,"asn":33837,"as":"Fredrik Holmqvist","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://freeflowbrasil.shop/","date":"2026-06-17T15:28:11.029Z","timestamp":1781710091029,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"freeflowbrasil.shop","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Jun 2026 13:23:45 GMT","end":"Thu, 10 Sep 2026 13:23:44 GMT"},"fingerprint":{"sha1":"95:48:B7:03:8E:5D:6F:85:3A:55:F7:31:2D:FA:40:43:8D:0B:5D:E0","sha256":"9E:05:4E:86:A8:BC:A4:55:9A:B5:18:26:92:9E:87:E8:80:C8:22:3E:5D:D2:31:FE:5C:18:FD:4F:6B:37:70:16"}}},"request":{"raw":"GET /combined.css HTTP/1.1\r\nHost: freeflowbrasil.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://freeflowbrasil.shop/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Fri, 12 Jun 2026 17:45:38 GMT\r\netag: \"3f69-654120b768839-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 4351\r\ncontent-type: text/css\r\ndate: Wed, 17 Jun 2026 15:28:11 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":16233,"size_decoded":4633,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (10850), with CRLF line terminators","md5":"f29e93a46838dc4538a22efa576fcb18","sha1":"862d973fe88b53ae8a65bf678e4be8c19835a5b8","sha256":"b6df4065888dc32beb0adb947c4ad8fa76a113ad6c1aa248a25dc86fad0a1dfa","sha512":"fe556a762310d9c56b816b8bf0b3f04647d549443262a4d44ff80b9bb70e9a4421504d9055c6f186cd8d758f505ab06e988652537833d58fe1f97b0f4b543c12","ssdeep":"192:vUC9J8W9J846Awb9NsfL0uSlHGC/LMwhwOMiLGO9+vfbkIUS701GUw5ExOP:cRdB/LMwhwqBJOP","tlshash":"5872c959a641101e3d7382fadaf1775df53e64c3cb2a5bfd759a2010afe22e10893e08","first_seen":"2026-06-16T01:29:24.651796Z","last_seen":"2026-06-17T16:59:36.648234Z","times_seen":27,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"freeflowbrasil.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"freeflowbrasil.shop/img3.jpg","fqdn":"freeflowbrasil.shop","domain":"freeflowbrasil.shop","tld":"shop"},"ip":{"addr":"88.80.17.203","port":443,"asn":33837,"as":"Fredrik Holmqvist","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://freeflowbrasil.shop/","date":"2026-06-17T15:28:11.062Z","timestamp":1781710091062,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"freeflowbrasil.shop","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Jun 2026 13:23:45 GMT","end":"Thu, 10 Sep 2026 13:23:44 GMT"},"fingerprint":{"sha1":"95:48:B7:03:8E:5D:6F:85:3A:55:F7:31:2D:FA:40:43:8D:0B:5D:E0","sha256":"9E:05:4E:86:A8:BC:A4:55:9A:B5:18:26:92:9E:87:E8:80:C8:22:3E:5D:D2:31:FE:5C:18:FD:4F:6B:37:70:16"}}},"request":{"raw":"GET /img3.jpg HTTP/1.1\r\nHost: freeflowbrasil.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://freeflowbrasil.shop/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Fri, 12 Jun 2026 17:45:38 GMT\r\netag: \"193016-654120b76d659\"\r\naccept-ranges: bytes\r\ncontent-length: 1650710\r\ncontent-type: image/jpeg\r\ndate: Wed, 17 Jun 2026 15:28:11 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1650710,"size_decoded":1650947,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Freepik Company S.L. - www.freepik.com], baseline, precision 8, 6720x4480, components 3","md5":"953c11a355859b3e1496b4648befcfbe","sha1":"8bf0b0478939c44e25e49722355cb74b6e097efd","sha256":"9d10f1cababe42863942815aea6abc5d5910b5c3c0d1e77c3e1f99b67cfc0ac4","sha512":"42a592686d5b31f35637b55d1cbe0f840d647bcd202ce6f9947996e2243efa0736b77665c5354f7dbdb62f9137e2c4bf919f8ad0c110fe8b6079cf009024bfc1","ssdeep":"24576:dBzOtheQwcuIRR34cMU2tONqRuJRA7Zn2oShPX:zaX1wcuIH3tMU28qRuE7lcX","tlshash":"fe252307dc110943faa593f4bf034eac2f766b2ca9a23afe01656edf38101625c9d579","first_seen":"2026-01-26T01:03:01.050515Z","last_seen":"2026-06-17T20:27:52.354729Z","times_seen":32,"resource_available":false,"data":null}},"time_used":352,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":330,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"freeflowbrasil.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"freeflowbrasil.shop/favicon.ico","fqdn":"freeflowbrasil.shop","domain":"freeflowbrasil.shop","tld":"shop"},"ip":{"addr":"88.80.17.203","port":443,"asn":33837,"as":"Fredrik Holmqvist","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://freeflowbrasil.shop/","date":"2026-06-17T15:28:11.183Z","timestamp":1781710091183,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"freeflowbrasil.shop","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Jun 2026 13:23:45 GMT","end":"Thu, 10 Sep 2026 13:23:44 GMT"},"fingerprint":{"sha1":"95:48:B7:03:8E:5D:6F:85:3A:55:F7:31:2D:FA:40:43:8D:0B:5D:E0","sha256":"9E:05:4E:86:A8:BC:A4:55:9A:B5:18:26:92:9E:87:E8:80:C8:22:3E:5D:D2:31:FE:5C:18:FD:4F:6B:37:70:16"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: freeflowbrasil.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://freeflowbrasil.shop/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ncontent-length: 266\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Wed, 17 Jun 2026 15:28:11 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":266,"size_decoded":420,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"b06e917f3a1cedf7181eda94505b8f50","sha1":"cf44760fd336a2a888241ee5ce0d9ea3378e9759","sha256":"3e3d2d1b0194364e59b57755247c4715c2224be56635cd06b34111fb12ab22da","sha512":"d2ade5a935873e1caae3428a8b04d2b38a8fae382d903a23f9b9ff27d7bb48917e2a64e7df6e9758e4910b945b86090c81d2e73900427fdcc200d91e76ba0c10","ssdeep":"","tlshash":"33d02b9e504323960811249039c111d262c812f6b43981a86d85e447525857dcd9968d","first_seen":"2026-06-17T15:28:35.698029Z","last_seen":"2026-06-17T15:28:35.698029Z","times_seen":1,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"freeflowbrasil.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"freeflowbrasil.shop/","fqdn":"freeflowbrasil.shop","domain":"freeflowbrasil.shop","tld":"shop"},"ip":{"addr":"88.80.17.203","port":443,"asn":33837,"as":"Fredrik Holmqvist","country":"Sweden","country_code":"SE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T15:28:10.474Z","timestamp":1781710090474,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"freeflowbrasil.shop","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Jun 2026 13:23:45 GMT","end":"Thu, 10 Sep 2026 13:23:44 GMT"},"fingerprint":{"sha1":"95:48:B7:03:8E:5D:6F:85:3A:55:F7:31:2D:FA:40:43:8D:0B:5D:E0","sha256":"9E:05:4E:86:A8:BC:A4:55:9A:B5:18:26:92:9E:87:E8:80:C8:22:3E:5D:D2:31:FE:5C:18:FD:4F:6B:37:70:16"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: freeflowbrasil.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Fri, 12 Jun 2026 17:45:38 GMT\r\netag: \"72e4-654120b7714d9-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 7739\r\ncontent-type: text/html\r\ndate: Wed, 17 Jun 2026 15:28:10 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":29412,"size_decoded":8022,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (376)","md5":"d3454e09032f5f3abb099c41c6dc7ba2","sha1":"15f79b90a00f09c889b9645e297b18444c20007a","sha256":"e1a3c774e805f4cae216deaf82ba224142f148fb9e4caea35d7d5c2efb4f93f2","sha512":"8950d03f773ba5fed580e0dd2da51c8aa005d09bb8ef3fae42a1ae470cd127cab347fd6aaf4438838cc7ade6b0829e0c2307b92467a7250c4b382da530de36b5","ssdeep":"384:3dBJxrTUIDQwjrnkmxesh0A1rGT30irhio+OVqPsNO3BRx:vrTUItjrkmosh0A1eEi1r+OsPsNaB/","tlshash":"b5d2b47975f61437029346636bd7eb5a7f65c503c40aca0abaac0741afcac108ca3bdc","first_seen":"2026-06-16T01:30:33.856127Z","last_seen":"2026-06-17T16:59:36.646623Z","times_seen":26,"resource_available":true,"data":null}},"time_used":343,"timings":{"blocked":-1,"dns":237,"connect":21,"send":0,"wait":39,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"freeflowbrasil.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"freeflowbrasil.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}}]}