Report - consultasintegra.fazenda.mg.gov.br/sintegra/ctrl/SINTEGRA/SINTEGRA/CONSULTA

Report Overview

Submitted URL
consultasintegra.fazenda.mg.gov.br/sintegra/ctrl/SINTEGRA/SINTEGRA/CONSULTA_707
IP
45.183.222.190
ASN
#269406 Secretaria De Estado De Fazenda De Minas Gerais
Submitted
2022-12-06 19:01:57
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
50

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
dfe-portal.svrs.rs.gov.br	175490	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	496 kB	200.233.4.174
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	899 B	1.5 kB	142.250.74.106
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	1.9 kB	104.18.21.226
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	475 B	164 kB	142.250.74.163
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.162.142.194
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	6.3 kB	216.58.211.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	72 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	1.2 kB	216.58.207.228
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	66 kB	142.250.74.163
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
consultasintegra.fazenda.mg.gov.br	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	410 B	143 B	45.183.222.190

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed
2022-12-06	medium	svrs.rs.gov.br	Sinkholed

JavaScript (22)

	URL	Size	First Seen	Last Seen
	www.google.com/recaptcha/api2/bframe?hl=en&v=Km9gKuG06He-isPsP6saG8cn&k=6LcPrHYUAAAAAFc6TCjw0pq2qDKQ3dzHHlqOh3J9	178 B	2023-03-07	2023-03-13
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=Km9gKuG06He-isPsP6saG8cn&k=6LcPrHYUAAAAAFc6TCjw0pq2qDKQ3dzHHlqOh3J9 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:24 Last Seen2023-03-13 23:12:31 Times Seen1 Hash 99a45c41d8199b4fab953dc76eb670fd 56aa0209ac296ab67fd17c9460f0f095df495d77 2fbd1aa6f06ea476011e86407ba66388067695dc2cc0c8111dd33bc50ec448aa Loading...

	dfe-portal.svrs.rs.gov.br/Scripts/bootstrap.320.min.js	32 kB	2023-03-07	2024-04-19
Pretty URL dfe-portal.svrs.rs.gov.br/Scripts/bootstrap.320.min.js IP 200.233.4.174 ASN #7465 Cia de Processamento de Dados do RGS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2024-04-19 12:55:40 Times Seen4124 Hash abda843684d022f3bc22bc83927fe05f 26908395e7a9a4eab607d80aa50a81d65f3017cb 24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcPrHYUAAAAAFc6TCjw0pq2qDKQ3dzHHlqOh3J9&co=aHR0cHM6Ly9kZmUtcG9ydGFsLnN2cnMucnMuZ292LmJyOjQ0Mw..&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=s73be4qilswr	36 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcPrHYUAAAAAFc6TCjw0pq2qDKQ3dzHHlqOh3J9&co=aHR0cHM6Ly9kZmUtcG9ydGFsLnN2cnMucnMuZ292LmJyOjQ0Mw..&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=s73be4qilswr IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:27:32 Last Seen2023-03-08 20:27:32 Times Seen1 Hash 53fe08219936871283f4c52ee9f13c6c 5658112e0f0b27ea1802cf91986328559651298b 1062502212b2fc8c182421c1adf2df23bb942a454aa7058f9f49d476211b5e33 Loading...

	dfe-portal.svrs.rs.gov.br/NFE/CCC	1.4 kB	2023-03-07	2023-03-14
Pretty URL dfe-portal.svrs.rs.gov.br/NFE/CCC IP 200.233.4.174 ASN #7465 Cia de Processamento de Dados do RGS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:23:23 Last Seen2023-03-14 02:32:40 Times Seen1 Hash 3125a03f639765ec8d519dc3f9d40342 1b21d98a50e3fdc44a4431a2df3949c9d792c012 b8c7802ca53601490e0ae8551ec9c5394fcd4a6fc2c5066a0cf55c959513c9f6 Loading...

	dfe-portal.svrs.rs.gov.br/Scripts/master.js	398 B	2023-03-07	2023-12-05
Pretty URL dfe-portal.svrs.rs.gov.br/Scripts/master.js IP 200.233.4.174 ASN #7465 Cia de Processamento de Dados do RGS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2023-12-05 15:33:48 Times Seen7 Hash 8a33d4ac1b4fd56156138e51c4d99b25 06b3a1e3becbbeee143fee12c25122e9c6eb0a9d a53822b343e2565537790edd1459620145934ca64bd019e08eded1138f5db07a Loading...

	www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js	409 kB	2023-03-08	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash b2507198388fcc94ca9e94ed4c5561c5 8853fc86f1c616bd20a73e3e24442036fd90fd2f 02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0 Loading...

	dfe-portal.svrs.rs.gov.br/NFE/CCC	1.1 kB	2023-03-07	2023-03-14
Pretty URL dfe-portal.svrs.rs.gov.br/NFE/CCC IP 200.233.4.174 ASN #7465 Cia de Processamento de Dados do RGS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2023-03-14 02:32:40 Times Seen1 Hash 3c46697751f701e7fefd781eeff2ffe4 9def71c876114936504e05cf3eb77620a0eadb80 86f1c888f88038eaaa831ed3313c3a0d929f17410931b2b1ed90e66218ab445f Loading...

	dfe-portal.svrs.rs.gov.br/NFE/CCC	111 B	2023-03-07	2023-08-22
Pretty URL dfe-portal.svrs.rs.gov.br/NFE/CCC IP 200.233.4.174 ASN #7465 Cia de Processamento de Dados do RGS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2023-08-22 16:18:50 Times Seen3 Hash c956d3d73b68cfa9d2223bf9b71b600b 1479a62e503c82872731c54195088d5cd4f70ff8 4e9426f47b3d2caf14cc43de7d240ea0d565d19cfb54a31857108018b6206fc5 Loading...

	dfe-portal.svrs.rs.gov.br/Scripts/datepicker/datepicker.min.js	18 kB	2023-03-07	2023-11-27
Pretty URL dfe-portal.svrs.rs.gov.br/Scripts/datepicker/datepicker.min.js IP 200.233.4.174 ASN #7465 Cia de Processamento de Dados do RGS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2023-11-27 09:42:34 Times Seen8 Hash 0bb96afbfa6ca45b1b956a4329a6d3eb 56ca41c596b55d02bc0825dc250915f7c4cb5ac9 51751e1f9d9494e4c61bde44869db0029371e7cef86288dc460bb68dda83e8c2 Loading...

	dfe-portal.svrs.rs.gov.br/Scripts/datepicker/datepicker.pt-BR.js	805 B	2023-03-07	2023-08-22
Pretty URL dfe-portal.svrs.rs.gov.br/Scripts/datepicker/datepicker.pt-BR.js IP 200.233.4.174 ASN #7465 Cia de Processamento de Dados do RGS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2023-08-22 16:18:50 Times Seen3 Hash 2ea6fb07ef0fb314a996f47f60d3d4a7 2b0361c28fb151255c974490fef581a9b7be68c3 fa2f4dcd84dfb236884fd1a5178b9ee0ae8885d1ecc859c5ad52fcd099e8bf7d Loading...

	dfe-portal.svrs.rs.gov.br/Scripts/banner-rotativo.js	3.5 kB	2023-03-07	2023-12-05
Pretty URL dfe-portal.svrs.rs.gov.br/Scripts/banner-rotativo.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2023-12-05 15:33:48 Times Seen7 Hash a97d9610feb9773f8fe0ba71b67fa0e1 d146cbe630f5d30d8b92b96712d8b6fcae9f6689 2e497db4685bacf9b8de7d5a7deeb85dff23fb40ca85581b6ff2c49d06d1ea1a Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcPrHYUAAAAAFc6TCjw0pq2qDKQ3dzHHlqOh3J9&co=aHR0cHM6Ly9kZmUtcG9ydGFsLnN2cnMucnMuZ292LmJyOjQ0Mw..&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=s73be4qilswr	69 B	2023-03-07	2024-04-19
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcPrHYUAAAAAFc6TCjw0pq2qDKQ3dzHHlqOh3J9&co=aHR0cHM6Ly9kZmUtcG9ydGFsLnN2cnMucnMuZ292LmJyOjQ0Mw..&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=s73be4qilswr IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-19 19:19:39 Times Seen99080 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	dfe-portal.svrs.rs.gov.br/Scripts/bootstrap.min.js	37 kB	2023-03-07	2024-04-15
Pretty URL dfe-portal.svrs.rs.gov.br/Scripts/bootstrap.min.js IP 200.233.4.174 ASN #7465 Cia de Processamento de Dados do RGS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2024-04-15 01:14:53 Times Seen120 Hash e47e17c7d6dc2f22796754334f06ef8e 41ebcc61fce73f5a439a4053ade4156a146e98ec 17f848ddb1c769bad8d41c8c80768509dd692550f4da08928dee94de11eaa3aa Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 19:28:13 Times Seen36966043 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.google.com/recaptcha/api.js	850 B	2023-03-08	2023-03-17
Pretty URL www.google.com/recaptcha/api.js IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash a6d9f11246866ef6247a51ae9116cf53 1ba0ec4e57dd5d3845edb729fea44e6f709c7aca 60eac53947f6a289ca775891e56b3a4a1084cb8763fe2bf4220b759a58761f1d Loading...

	dfe-portal.svrs.rs.gov.br/Scripts/jquery-3.2.1.min.js	87 kB	2023-03-07	2024-04-19
Pretty URL dfe-portal.svrs.rs.gov.br/Scripts/jquery-3.2.1.min.js IP 200.233.4.174 ASN #7465 Cia de Processamento de Dados do RGS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 18:58:30 Times Seen61088 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	dfe-portal.svrs.rs.gov.br/Scripts/owl.carousel.js	24 kB	2023-03-07	2024-04-19
Pretty URL dfe-portal.svrs.rs.gov.br/Scripts/owl.carousel.js IP 200.233.4.174 ASN #7465 Cia de Processamento de Dados do RGS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:24 Last Seen2024-04-19 09:11:17 Times Seen1211 Hash 8c52f27fcac36c7667f8fb846e1e94d5 e5862559db659ffd530c91452d668c5e7b3f0f2d 6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad Loading...

		Size	First Seen	Last Seen
	#1 Eval - d5d5ec7bc74f9844c4e903b3fc2cf4c3	16 kB	2023-03-08	2023-05-14
Pretty Observations First Seen2023-03-08 20:11:46 Last Seen2023-05-14 04:54:44 Times Seen8 Hash d5d5ec7bc74f9844c4e903b3fc2cf4c3 b979b6f1b379c1baab62232d11b97b8b81d04d7e a6ea689f7d9dad611f9b9128b7a88274629505eea048bdc0bfcf03552fec5d36 Loading...

	#2 Eval - 1d703c047033349b6491aaf4f23b1434	22 B	2023-03-08	2023-05-14
Pretty Observations First Seen2023-03-08 20:11:46 Last Seen2023-05-14 04:54:44 Times Seen9 Hash 1d703c047033349b6491aaf4f23b1434 1ba0b07cc847dff06a3711415664ac26d989c12f 96bc32102142a2b26979b51faca0349f415898ceeba6ca594e7498b337aa0808 Loading...

	#3 Eval - 40e897993bc34139909f84b8edde50ae	22 B	2023-03-08	2023-05-14
Pretty Observations First Seen2023-03-08 20:11:46 Last Seen2023-05-14 04:54:44 Times Seen8 Hash 40e897993bc34139909f84b8edde50ae 5799d143ea010ef9492560599de8933c46f99ab5 1bb4b16c7de163ff866b60976156d8c769e3cd8f2b5bdea3c85e854c986003d6 Loading...

	#4 Eval - 117baf149bb678779e2683e5d5d49c64	62 B	2023-03-08	2023-05-14
Pretty Observations First Seen2023-03-08 20:11:46 Last Seen2023-05-14 04:54:44 Times Seen9 Hash 117baf149bb678779e2683e5d5d49c64 a30fde40b2ed16853375dddcd25e51949ffb28a5 656ddb7093a608f140df5a991c579e27ad31e247a6ded28fa406e948965cf12a Loading...

	#5 Eval - 91fa115a8e9eb31a0396f7004edfd6bb	21 kB	2023-03-08	2023-03-09
Pretty Observations First Seen2023-03-08 20:27:32 Last Seen2023-03-09 05:35:53 Times Seen1 Hash 91fa115a8e9eb31a0396f7004edfd6bb 23a157cb3b3a0a1263b0ac866a01840f84569c73 be1136d2cbeac07362b8b91d0f79f25b4a1e9716b15b06c8f4a7e3e60cd1ae07 Loading...

HTTP Transactions (64)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6869
Expires: Tue, 06 Dec 2022 20:56:15 GMT
Date: Tue, 06 Dec 2022 19:01:46 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3586
Cache-Control: max-age=145758
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 19:01:46 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 11:31:04 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 18:18:40 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2586
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8476
Expires: Tue, 06 Dec 2022 21:23:02 GMT
Date: Tue, 06 Dec 2022 19:01:46 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: B4rwlglaPCh3j5VClGh3B3SQgDEGppwwPjhPYi758t/H+s9DaqqjKMl6GHkSBWgPQJWH0GsnKsI=
x-amz-request-id: 6X3789552BQF0Y16
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 18:47:12 GMT
age: 874
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 19:01:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

consultasintegra.fazenda.mg.gov.br/sintegra/ctrl/SINTEGRA/SINTEGRA/CONSULTA_707

45.183.222.190

302 Moved Temporarily

0 B

URL HTTP/1.0
consultasintegra.fazenda.mg.gov.br/sintegra/ctrl/SINTEGRA/SINTEGRA/CONSULTA_707
IP
45.183.222.190:0
ASN
#269406 Secretaria De Estado De Fazenda De Minas Gerais

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sintegra/ctrl/SINTEGRA/SINTEGRA/CONSULTA_707 HTTP/1.1
Host: consultasintegra.fazenda.mg.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.0 302 Moved Temporarily
Location: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 18:08:58 GMT
cache-control: public,max-age=3600
age: 3169
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3596
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 19:01:47 GMT
Last-Modified: Tue, 06 Dec 2022 18:01:51 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.162.142.194

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.142.194:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WUNt6tMALryiUYKrNSsozQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RlsUlOeQBVqDSKs/iz0W3MjiN+o=

ocsp2.globalsign.com/gsalphasha2g2

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
aec14ede4ea23018d73e6c34304ccb7f
a7ab5d8c6b4b47e2c892be8f78d5dee4dba18d65
81bbac126857272e6d5877462a884f673482ab3a9666fab86aee6c3162916f25

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 19:01:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 10 Dec 2022 17:25:44 GMT
ETag: "a7ab5d8c6b4b47e2c892be8f78d5dee4dba18d65"
Last-Modified: Tue, 06 Dec 2022 17:25:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775745ad3da2b4fa-OSL

dfe-portal.svrs.rs.gov.br/NFE/CCC

200.233.4.174

200 OK

7.2 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/NFE/CCC
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (357), with CRLF line terminators
Size
7.2 kB (7176 bytes)
Hash
3da4a0133383e0d4a8261e5e663b67fc
5878935da6c9912741767b3d50d04a3fb83f2e29
761a2151ac9daf63ec489994b472a5ce80359ccec1db3e346184bfd2cca40103

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /NFE/CCC HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:47 GMT
content-length: 7176
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5006b8e985c5838b7fd2f2b558a65bc4
183ff15e0faedf346305fd6fe1c70c9c7a1eef4a
fcbfec9f5fd0e10d44778c1df64d8612281cd39881cdfd0aa8ca30d13655655a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 19:01:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js

216.58.207.228

200 OK

553 B

URL HTTP/2
www.google.com/recaptcha/api.js
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (850), with no line terminators
Size
553 B (553 bytes)
Hash
1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Tue, 06 Dec 2022 19:01:48 GMT
date: Tue, 06 Dec 2022 19:01:48 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 19:01:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dfe-portal.svrs.rs.gov.br/Content/font-awesome/css/font-awesome.min.css

200.233.4.174

200 OK

5.4 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Content/font-awesome/css/font-awesome.min.css
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
ASCII text, with very long lines (23577)
Size
5.4 kB (5385 bytes)
Hash
fddedce5f59c32cdc14a3eada7612e63
33075e2f7d6284c5df64dfd500fe67b7daa55a17
b219fc10dc0ab453becca7bdf46920a480a128f534bb1be5fa3c7052c911fe36

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Content/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Mon, 03 Dec 2018 11:45:49 GMT
accept-ranges: bytes
etag: "80143cbcfd8ad41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:47 GMT
content-length: 5385
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Content/css/bootstrap-matriz.min.css

200.233.4.174

200 OK

20 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Content/css/bootstrap-matriz.min.css
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
ASCII text, with very long lines (65536), with no line terminators
Size
20 kB (19678 bytes)
Hash
8fd13856adadb3b4156637f57f98b6e0
036331cef55d9d396f8b1cc347a7607546ef9846
2704ba007571c0b4c72ec4fec2a50c9fbbefe24ffdd479812af29a76132b6c95

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Content/css/bootstrap-matriz.min.css HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Thu, 21 Feb 2019 12:58:01 GMT
accept-ranges: bytes
etag: "80d25a13e5c9d41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:47 GMT
content-length: 19678
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Content/css/bootstrap-override.css

200.233.4.174

200 OK

1.8 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Content/css/bootstrap-override.css
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
Unicode text, UTF-8 text
Size
1.8 kB (1776 bytes)
Hash
373ced030b3a5f3ff1776e71e0c02aea
993b375ec18e31d457e4f51e9c9c0a28fffcd561
3ccd0b75754937ca8a9d69046414da13dfece209be65290f3b45c364e5dbf8dd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Content/css/bootstrap-override.css HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Mon, 03 Dec 2018 11:45:47 GMT
accept-ranges: bytes
etag: "80e7abbfd8ad41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:47 GMT
content-length: 1776
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Content/css/Nfe.css

200.233.4.174

200 OK

11 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Content/css/Nfe.css
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
Unicode text, UTF-8 (with BOM) text
Size
11 kB (11041 bytes)
Hash
9c9bc83eb1df8051debc51a0d62ba8af
3d94ca4c16d80154aba6d03ce787868df11d4716
85f3f252ecf1016be3501d25200569d1e43abdb3ea682cc2a4fb06220c252cc1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Content/css/Nfe.css HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Tue, 21 May 2019 14:03:07 GMT
accept-ranges: bytes
etag: "80df46eaddfd51:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:47 GMT
content-length: 11041
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Scripts/summernote/summernote-lite.css

200.233.4.174

200 OK

5.5 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Scripts/summernote/summernote-lite.css
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (1501), with CRLF line terminators
Size
5.5 kB (5466 bytes)
Hash
0dea68267951180a347ed6d0ac367adb
3fdbe326c157705213b0f9ab008fd09760f0520e
2e6c77fec7f2e82c52f5820941bcf5ebbb08fc30d0065fc3950ed831359146bd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Scripts/summernote/summernote-lite.css HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Mon, 26 Nov 2018 11:55:25 GMT
accept-ranges: bytes
etag: "8074aaea7e85d41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:47 GMT
content-length: 5466
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Scripts/datepicker/datepicker.min.css

200.233.4.174

200 OK

935 B

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Scripts/datepicker/datepicker.min.css
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
ASCII text, with very long lines (3327)
Size
935 B (935 bytes)
Hash
f22d96c9f47441ffe4376982a29def22
c198d3cf448e8862953cca4d3c9dedd2c70e43f1
daa2191dc4c5ed29dde372f65e2f07805c2e770724c6e4e4f4f01ef0e8964ae6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Scripts/datepicker/datepicker.min.css HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Tue, 27 Nov 2018 15:10:34 GMT
accept-ranges: bytes
etag: "0d12f586386d41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:47 GMT
content-length: 935
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Content/css/owl.carousel.css

200.233.4.174

200 OK

712 B

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Content/css/owl.carousel.css
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
ASCII text, with CRLF line terminators
Size
712 B (712 bytes)
Hash
ad125d8b6cd15683d7e6aaa028d02fc4
4261883a863c030163d9b504ec982900dfec1f56
4ee70ef3ec4b86a648bdbb586c3d0500c15c50a4acb70474e304264b5d00dce8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Content/css/owl.carousel.css HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Mon, 03 Dec 2018 11:45:47 GMT
accept-ranges: bytes
etag: "ced53bbfd8ad41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:47 GMT
content-length: 712
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 19:01:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 19:01:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7280
Expires: Tue, 06 Dec 2022 21:03:09 GMT
Date: Tue, 06 Dec 2022 19:01:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7280
Expires: Tue, 06 Dec 2022 21:03:09 GMT
Date: Tue, 06 Dec 2022 19:01:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7280
Expires: Tue, 06 Dec 2022 21:03:09 GMT
Date: Tue, 06 Dec 2022 19:01:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7280
Expires: Tue, 06 Dec 2022 21:03:09 GMT
Date: Tue, 06 Dec 2022 19:01:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7280
Expires: Tue, 06 Dec 2022 21:03:09 GMT
Date: Tue, 06 Dec 2022 19:01:49 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11352 bytes)
Hash
7f2c354a00ab51d4a41221b6bf191c10
01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aYf5d6wAJlPSXVwF5uQXUb1g_65z-v6tInk7IF64bBV-w31d3MKeIQ==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:23 GMT
age: 74366
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8656 bytes)
Hash
30d72693680b3ac91c0eee4d47a26196
cd923a5a3810bfe86be2eca4b97c739d76756d93
69ca9e172f6b0c5bf158022d533701b89282630deaa0ce7df27ed459c9bfe75e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8656
x-amzn-requestid: cfc71f7f-d1c6-47c9-8107-864701dbf3c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwkEHmIAMFUnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d0-6705510852d26ae24b3e5ea4;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zTGiKMan3uG3edx5AsFabNE4eG_dmzrIIOFCWcOxYN0UgSCGTNTtxw==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:25 GMT
age: 74364
etag: "cd923a5a3810bfe86be2eca4b97c739d76756d93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11224 bytes)
Hash
b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:23:09 GMT
age: 74320
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12830 bytes)
Hash
5d72fb8d20c29763234c2817b119d11b
d4924ec714f5157bcb2fddcb5f768188a3dd37dc
e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WMeay1i2pxnboCB3Qcwb2ray4tnyEzO89tQrHCfGdI3s9kJsMWvzBw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 04:19:52 GMT
age: 52917
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10594 bytes)
Hash
7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f-KQCOuDl461V8MBPsSOj1ILCU91Q0pCSENaldkMHR2oZdrEUnHeaA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:03:16 GMT
age: 75513
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11469 bytes)
Hash
5529617b0748f2d8c82ef99c1ac116a8
a862b74508113ae72b56b9b3de0c75ba559b9032
376a82ae4a5b80f59fb746be79bca569b03a74c345845c7bbf15189964b0bb96

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11469
x-amzn-requestid: f60a3f0d-38f7-4f82-bdd5-9e31814ab1d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuZGAXIAMFwuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-5b4b99e779a0aaa71a311a1c;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: El70-nSITf6MuEV19s_OMrwTcWIKO-u4JsghVUSzolero071AVGvjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:38:28 GMT
age: 77001
etag: "a862b74508113ae72b56b9b3de0c75ba559b9032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 19:01:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dfe-portal.svrs.rs.gov.br/Scripts/jquery-3.2.1.min.js

200.233.4.174

200 OK

30 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Scripts/jquery-3.2.1.min.js
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
ASCII text, with very long lines (32058)
Size
30 kB (30217 bytes)
Hash
ce0a426ce1e09f068caec06014c96608
66cfa0bfe2b2a177683743a178a1d54d62a72ca5
c9386f78a001dd7c580322eb66dd70b24ca35ebe80b7f513bf0250334036535a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Scripts/jquery-3.2.1.min.js HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Nov 2018 13:26:50 GMT
accept-ranges: bytes
etag: "0898bb46677d41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:47 GMT
content-length: 30217
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Scripts/bootstrap.min.js

200.233.4.174

200 OK

9.9 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Scripts/bootstrap.min.js
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (32033), with CRLF line terminators
Size
9.9 kB (9860 bytes)
Hash
70187de2bc1485f7de7032a366dc7c2a
82b2fb36794511b038f474ed731613daa071b140
eca2e16a10dfd8f432f59937432584a0bb9ce16da3f1e30b40aba8e4d88f944a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Scripts/bootstrap.min.js HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Nov 2018 13:26:50 GMT
accept-ranges: bytes
etag: "0898bb46677d41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:47 GMT
content-length: 9860
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Scripts/summernote/summernote-lite.js

200.233.4.174

200 OK

54 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Scripts/summernote/summernote-lite.js
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
ASCII text
Size
54 kB (53653 bytes)
Hash
e81e4065b94ce161191a89949a096360
69fc5c6cc85f153a0c4fbec4c95682aab093d060
03324105ff9f100b15233afdf454024e39185eff5a815147c1135d977f3a7690

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Scripts/summernote/summernote-lite.js HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 26 Nov 2018 11:55:25 GMT
accept-ranges: bytes
etag: "8074aaea7e85d41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:47 GMT
content-length: 53653
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Scripts/datepicker/datepicker.min.js

200.233.4.174

200 OK

5.9 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Scripts/datepicker/datepicker.min.js
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
ASCII text, with very long lines (17816)
Size
5.9 kB (5913 bytes)
Hash
54d0d6085d4c8323f4395f439b3b3825
95f58b36a20f8a159f98736b97cca55c9e51025b
3bfe5a081691efd6afc009c50fae4ff9fc3d62463b17bde5509def4363a93f77

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Scripts/datepicker/datepicker.min.js HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 27 Nov 2018 15:10:34 GMT
accept-ranges: bytes
etag: "0d12f586386d41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:48 GMT
content-length: 5913
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Scripts/datepicker/datepicker.pt-BR.js

200.233.4.174

200 OK

583 B

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Scripts/datepicker/datepicker.pt-BR.js
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
583 B (583 bytes)
Hash
d0262daf9ae9826f583391cf67b359a3
774a95d7383c8fcde819eb802c28ee306c304d2b
c287017945c540fa9909b295225468d26057a436ad88587e475036b55a903865

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Scripts/datepicker/datepicker.pt-BR.js HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 27 Nov 2018 15:10:34 GMT
accept-ranges: bytes
etag: "fc3378586386d41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:48 GMT
content-length: 583
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Content/img/banner-placa-Fate.png

200.233.4.174

200 OK

24 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Content/img/banner-placa-Fate.png
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
PNG image data, 200 x 131, 8-bit/color RGBA, non-interlaced\012- data
Size
24 kB (23527 bytes)
Hash
6d16777a66749c7742f77f7ad6815949
3cdc574e0ff489213a131e111396fcdf30e9d973
13896b7bfaeb1db453c09ee738c4926c2d4a490704c178e92e9ae4317e2709d9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Content/img/banner-placa-Fate.png HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Tue, 19 Feb 2019 13:13:55 GMT
accept-ranges: bytes
etag: "f36675f754c8d41:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:48 GMT
content-length: 23527
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Scripts/bootstrap.320.min.js

200.233.4.174

200 OK

8.5 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Scripts/bootstrap.320.min.js
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
ASCII text, with very long lines (31650)
Size
8.5 kB (8534 bytes)
Hash
2ab60e353c7bb5b1d8c9ca7a8f90e4d2
b1a39ea074ec63545460164eb005d85d9c60d10e
cdd2517a825ef8265bbd373406d9fcdc83425cf45c6e4970f12ca3dcbe1d965f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Scripts/bootstrap.320.min.js HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Nov 2018 13:26:50 GMT
accept-ranges: bytes
etag: "0898bb46677d41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:48 GMT
content-length: 8534
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Scripts/owl.carousel.js

200.233.4.174

200 OK

6.5 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Scripts/owl.carousel.js
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
ASCII text, with very long lines (635), with CRLF line terminators
Size
6.5 kB (6490 bytes)
Hash
977b749199b2940f75aa20465af7a3ea
26ffaf3b91521762749ba48fe19e05826f64de39
92e7cad8d960b8385d19af86acdcc0b854aa6fbfbdba01ba8779034fcdb2901d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Scripts/owl.carousel.js HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Nov 2018 13:26:50 GMT
accept-ranges: bytes
etag: "0898bb46677d41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:48 GMT
content-length: 6490
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Scripts/master.js

200.233.4.174

200 OK

261 B

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Scripts/master.js
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
ASCII text, with CRLF line terminators
Size
261 B (261 bytes)
Hash
0d3da3f4756616677a9d1440ebdeb5ab
6e31469f287bf0bbc3266e735474bdf7acf81e30
b3374d7ed9fdfc89d0b562387f84de91148975aa5fb5867de3c807f4d4c50ddd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Scripts/master.js HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 08 Nov 2018 13:26:50 GMT
accept-ranges: bytes
etag: "e472e1b46677d41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:48 GMT
content-length: 261
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Content/css/print.css

200.233.4.174

200 OK

1.0 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Content/css/print.css
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
CSV text\012- , Unicode text, UTF-8 text, with CRLF line terminators
Size
1.0 kB (1023 bytes)
Hash
caaab1d04b9635ad5499d33c1b28e111
6a835805f22e31f153293b905c02859b99cda025
19ec1a9feea658096a7acffabfd7491cd3a6d08a8ac580be36b7732e76f56a74

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Content/css/print.css HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Mon, 03 Dec 2018 11:45:47 GMT
accept-ranges: bytes
etag: "954a52bbfd8ad41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:48 GMT
content-length: 1023
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Content/css/contraste.css

200.233.4.174

200 OK

4.4 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Content/css/contraste.css
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
4.4 kB (4403 bytes)
Hash
e6c3711dc8c5cff190547e223a886ac1
e2f572645fd3a810f29a9a47bbd71e76889c482d
e0ff75324543bc7c41a62087367674f88f892bfb65c01ac5f2b4c83c91a03aa4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Content/css/contraste.css HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Mon, 03 Dec 2018 11:45:47 GMT
accept-ranges: bytes
etag: "80e7abbfd8ad41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:48 GMT
content-length: 4403
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 19:01:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 19:01:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfe-portal.svrs.rs.gov.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:08 GMT
expires: Thu, 30 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 516461
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 19:01:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfe-portal.svrs.rs.gov.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 14:07:32 GMT
expires: Thu, 30 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 536057
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Size
16 kB (15700 bytes)
Hash
3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

HTTP Headers

GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfe-portal.svrs.rs.gov.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 18:51:51 GMT
expires: Thu, 30 Nov 2023 18:51:51 GMT
cache-control: public, max-age=31536000
age: 518998
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 19:01:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dfe-portal.svrs.rs.gov.br/Content/img/logos/logoNFE.png

200.233.4.174

200 OK

194 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Content/img/logos/logoNFE.png
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
PNG image data, 1500 x 1155, 8-bit/color RGBA, non-interlaced\012- data
Size
194 kB (194238 bytes)
Hash
55ab48706970402f7daf43333f4f64a9
6807e85db589b7f402a639f969ea7a96b63224e8
d6a64f0626d76c08d9541585ea072d5d96dceaf05762e7c82b8aec3b28e0bac5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Content/img/logos/logoNFE.png HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/Content/css/Nfe.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Mon, 03 Dec 2018 11:45:50 GMT
accept-ranges: bytes
etag: "9950abdfd8ad41:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:48 GMT
content-length: 194238
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Content/img/logos/logo_Receita_branco.png

200.233.4.174

200 OK

13 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Content/img/logos/logo_Receita_branco.png
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
PNG image data, 567 x 567, 8-bit/color RGBA, interlaced\012- data
Size
13 kB (13187 bytes)
Hash
e6837fdfc68765104e2d2e8ffd9e8b68
209137a712ad1549eaa5219a8b54fd491c5ec8e5
dfab09575c2adb94f921044877ae6e2e57c6b594cd4bab98594e43e7f03fb555

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Content/img/logos/logo_Receita_branco.png HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Mon, 03 Dec 2018 11:45:50 GMT
accept-ranges: bytes
etag: "9210fbbcfd8ad41:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:48 GMT
content-length: 13187
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Content/img/logos/logo_Procergs.png

200.233.4.174

200 OK

2.0 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Content/img/logos/logo_Procergs.png
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
PNG image data, 101 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (1966 bytes)
Hash
85a08c752b765b6b34f4214ad6332a1f
ffb61086ad34a0fb4b58b6d313224178b1c35ba7
405be546a61de647781103a7dd5011b316456b3c32cb84baf588eb65735aa3f0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Content/img/logos/logo_Procergs.png HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Mon, 03 Dec 2018 11:45:50 GMT
accept-ranges: bytes
etag: "8719f7bcfd8ad41:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:48 GMT
content-length: 1966
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Content/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0

200.233.4.174

200 OK

57 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Content/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Size
57 kB (56780 bytes)
Hash
97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Content/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/Content/font-awesome/css/font-awesome.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/font-woff2
last-modified: Mon, 03 Dec 2018 11:45:49 GMT
accept-ranges: bytes
etag: "1a74c2bcfd8ad41:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:48 GMT
content-length: 56780
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Content/fonts/glyphicons-halflings-regular.woff

200.233.4.174

200 OK

23 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Content/fonts/glyphicons-halflings-regular.woff
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
Web Open Font Format, TrueType, length 23424, version 1.0\012- data
Size
23 kB (23424 bytes)
Hash
fa2772327f55d8198301fdb8bcfc8158
278e49a86e634da6f2a02f3b47dd9d2a8f26210f
a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Content/fonts/glyphicons-halflings-regular.woff HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/Content/css/bootstrap-matriz.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: font/x-woff
last-modified: Mon, 03 Dec 2018 11:45:50 GMT
accept-ranges: bytes
etag: "8aee9bcfd8ad41:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:48 GMT
content-length: 23424
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

142.250.74.163

200 OK

163 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (730)
Size
163 kB (162976 bytes)
Hash
79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6

HTTP Headers

GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfe-portal.svrs.rs.gov.br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 17:40:10 GMT
expires: Wed, 06 Dec 2023 17:40:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 4899
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

dfe-portal.svrs.rs.gov.br/Content/img/favicon.ico

200.233.4.174

200 OK

1.2 kB

URL HTTP/2
dfe-portal.svrs.rs.gov.br/Content/img/favicon.ico
IP
200.233.4.174:0
ASN
#7465 Cia de Processamento de Dados do RGS

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
be9301abbe70c205775ddb5932436ec3
4fdbc629f60c30bad2654100cb264eaa8b9e845b
631cd1cd568fbe1c68970b76e5ad0807e4616731c5a6182575154645140d5f06

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Content/img/favicon.ico HTTP/1.1
Host: dfe-portal.svrs.rs.gov.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/NFE/CCC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/x-icon
last-modified: Mon, 03 Dec 2018 11:45:50 GMT
accept-ranges: bytes
etag: "a2c7efbcfd8ad41:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-frame-options: ALLOW-FROM https://www.sefaz.rs.gov.br/
date: Tue, 06 Dec 2022 19:01:49 GMT
content-length: 1150
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 12:31:58 GMT
expires: Sun, 03 Dec 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 282592
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:100,300,500,500italic,400italic,300italic,400|Roboto+Condensed:400,300,400italic,300italic

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:100,300,500,500italic,400italic,300italic,400|Roboto+Condensed:400,300,400italic,300italic
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:100,300,500,500italic,400italic,300italic,400|Roboto+Condensed:400,300,400italic,300italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 19:01:49 GMT
date: Tue, 06 Dec 2022 19:01:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Merriweather:400,300

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Merriweather:400,300
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Merriweather:400,300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfe-portal.svrs.rs.gov.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 19:01:49 GMT
date: Tue, 06 Dec 2022 19:01:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations