Report - www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP

Report Overview

Submitted URL
www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-06-02 12:13:45
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
38

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
tracking-protection.cdn.mozilla.net	9282	1998-01-31	2015-09-17	2023-06-02	1.6 kB	1.9 MB	34.120.158.37
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2023-06-02	446 B	28 kB	104.17.24.14
www.cluberesgatedepontos.com	unknown	2023-03-17	2023-04-02	2023-06-02	12 kB	204 kB	188.114.97.1
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-02	666 B	1.4 kB	142.250.74.131
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2023-06-02	445 B	31 kB	142.250.74.138

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-06-01	medium	www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator
2023-06-02	medium	cluberesgatedepontos.com
2023-06-02	medium	cluberesgatedepontos.com
2023-06-02	medium	cluberesgatedepontos.com
2023-06-02	medium	cluberesgatedepontos.com
2023-06-02	medium	cluberesgatedepontos.com
2023-06-02	medium	cluberesgatedepontos.com
2023-06-02	medium	cluberesgatedepontos.com
2023-06-02	medium	cluberesgatedepontos.com
2023-06-02	medium	cluberesgatedepontos.com
2023-06-02	medium	cluberesgatedepontos.com
2023-06-02	medium	cluberesgatedepontos.com
2023-06-02	medium	cluberesgatedepontos.com
2023-06-02	medium	cluberesgatedepontos.com
2023-06-02	medium	cluberesgatedepontos.com
2023-06-02	medium	cluberesgatedepontos.com
2023-06-02	medium	cluberesgatedepontos.com
2023-06-02	medium	cluberesgatedepontos.com
2023-06-02	medium	cluberesgatedepontos.com

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	www.cluberesgatedepontos.com/assets/js/jquery.mask.min.js	4.9 kB	2023-03-07	2024-04-20
Pretty URL www.cluberesgatedepontos.com/assets/js/jquery.mask.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:44 Last Seen2024-04-20 07:50:38 Times Seen157 Hash ff2c0f430a03e97e4d6fb35d630defe7 ec08e975b75242bd065a1a568da36858a79ccb87 f830833b6661d5fb63e23d3d245e91edc7c52aa547ca19eca7c91c7570483975 Loading...

	unknown	100 B	2023-05-17	2023-06-02
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-05-17 16:40:27 Last Seen2023-06-02 14:13:45 Times Seen4 Hash f6fe6a747f33501e629b0388640dfc2f 34f1f935ab3180edbb434ba52c0d3330bcddb91d 8e3b0afc69465f4808cd1f33898edaf89327ce5cb5b3639235149a765a97e0fc Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js	84 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 20:01:31 Times Seen14019 Hash 32015dd42e9582a80a84736f5d9a44d7 41b4bfbaa96be6d1440db6e78004ade1c134e276 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3 Loading...

	www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP	0 B	2023-03-07	2024-04-20
Pretty URL www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 08:05:16 Times Seen36970523 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.cluberesgatedepontos.com/assets/js/mkscript.js	9.0 kB	2023-03-25	2023-06-02
Pretty URL www.cluberesgatedepontos.com/assets/js/mkscript.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:45:30 Last Seen2023-06-02 14:14:05 Times Seen17 Hash 22ebb71c2969f472ab951541f96524ca b4227ffb7f9422cb8acccd2e1a3cea0a19ec18ea 0b8e55253e0f3fa76bd7c634e4409965d6b13735abddf41ccde4cbe4c96ae218 Loading...

	www.cluberesgatedepontos.com/assets/js/base.js	886 B	2023-03-25	2023-06-02
Pretty URL www.cluberesgatedepontos.com/assets/js/base.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:45:30 Last Seen2023-06-02 14:14:05 Times Seen17 Hash a3a3cb13f03cc1d582622d0888b279d1 23f5c459552493f29cca1f99d6406b4a958fbaaa 8b614a4c8005d2f74b623f3573921aa68451b98468c5bf6dbd62301e1ee85055 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js	87 kB	2023-03-07	2024-04-20
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-20 07:45:15 Times Seen105382 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	www.cluberesgatedepontos.com/assets/js/jquery-3.2.1.min.js	87 kB	2023-03-07	2024-04-20
Pretty URL www.cluberesgatedepontos.com/assets/js/jquery-3.2.1.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-20 07:50:38 Times Seen61272 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

HTTP Transactions (26)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

104.17.24.14

200 OK

27 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65451)
Size
27 kB (27433 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cluberesgatedepontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 02 Jun 2023 12:13:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 27433
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1538f"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 676369
expires: Wed, 22 May 2024 12:13:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kuOxmwZMvmDfRanTKGqolugoBriJxfaRmEHOC%2FIxrq4n7IlkSdMsBfkIOR3dOKU9i5tBNDJl4Q7x6OYqRXUWyGqEJw%2FvmVZBuSPQ9yyziptg6IAxwQNJ02OVTfyCSxLAnq9tFiZn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d0f9c4b6f8e0b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP

188.114.97.1

3.7 kB

URL
www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (305), with CRLF line terminators
Size
3.7 kB (3737 bytes)
Hash
817269710e5554bd95581ec3f22045dc
77696521b32030617253bda6940c4bd7feb28c96
291fa64f9a141d96a5be39118aca1070cf68af249b7759f75f4b15a44ab83685

Detections

Analyzer	Verdict	Alert
openphish	Itau Unibanco S.A
quad9	Sinkholed

HTTP Headers

GET /cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP HTTP/1.1
Host: www.cluberesgatedepontos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 02 Jun 2023 12:13:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAHg5BNyZ3q6f169LFDRyZX%2BPf4yQtYy%2FYYCamZsgLA1sql%2Bk5uP8Kb9Za6IFrbhKUXOFHxVI5HycUxdvbS2g9mImhmkBYHdmCc18C%2BzdamSRpqYUCCfin7hrLNWLlyLZBiS3XKnZgHN24zzc%2Fp4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f9c46083fb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
02593b51cd737e1085e5837a9a47c755
aab410449655b9fddf070f3e25a1a8e5aee59530
0ea607d017e63bf06a742560b582d99802dc477bba715d9890e1d51663e50d99

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 12:13:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

142.250.74.138

30 kB

URL
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32180)
Size
30 kB (29707 bytes)
Hash
32015dd42e9582a80a84736f5d9a44d7
41b4bfbaa96be6d1440db6e78004ade1c134e276
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

HTTP Headers

GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cluberesgatedepontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Jun 2023 10:56:24 GMT
expires: Sat, 01 Jun 2024 10:56:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 4624
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.cluberesgatedepontos.com/assets/css/bootstrap.css

188.114.97.1

200 OK

83 kB

URL GET HTTP/3
www.cluberesgatedepontos.com/assets/css/bootstrap.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Certificate
IssuerGoogle Trust Services LLC
Subjectcluberesgatedepontos.com
Fingerprint35:91:6A:3D:C9:9E:86:88:FE:5A:42:1B:DC:61:0C:BD:E0:11:E7:81
ValidityMon, 15 May 2023 16:24:46 GMT - Sun, 13 Aug 2023 16:24:45 GMT

File type
ASCII text, with very long lines (570)
Size
83 kB (82889 bytes)
Hash
bd551f56ce2be3eba2812e605ab4f5b2
94d6450720dd8deb413760cc9184204b46802e9c
35fbb6dc3891aacaf1ffa07abec2344fdbc454aab533a2a03bcf93577eb7837b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/css/bootstrap.css HTTP/1.1
Host: www.cluberesgatedepontos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:13:28 GMT
content-type: text/css
last-modified: Wed, 14 Dec 2022 16:51:01 GMT
etag: W/"2ef5c-5efcc8a95e740-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 23
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GythCFNuaoDaan1Zmq5YhHZb5Xbz5XtvnSJGz9KYX8lzcjcDEYAHLg%2BfKdNK3kYjZ%2BSExu1%2FWcEfX2qESRQDWopQAiMoh38lfQAIJvuzznbNHQ%2Bc2OLzYk55ecRFXfGRpgs8O%2FOJvohYdPP71O9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f9c4b2dad0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
02593b51cd737e1085e5837a9a47c755
aab410449655b9fddf070f3e25a1a8e5aee59530
0ea607d017e63bf06a742560b582d99802dc477bba715d9890e1d51663e50d99

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 12:13:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tracking-protection.cdn.mozilla.net/analytics-track-digest256/1683905755

34.120.158.37

10 kB

URL
tracking-protection.cdn.mozilla.net/analytics-track-digest256/1683905755
IP
34.120.158.37:0
ASN
#15169 GOOGLE

File type
data
Size
10 kB (10486 bytes)
Hash
feffee93ee53bd6b02687bb9d9a11425
f9fab28225d6eb2ed2e72ce675d5d5b624383658
3b09c3bc75d40a2dc370d7a9e88433d74de203f31056900b995b497950f2d672

HTTP Headers

GET /analytics-track-digest256/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: qTXmqRGGh7kr1FVOwBOqMOraFSI1ymXRD8APvj5f0PRrV1DHG0XNX5YIl8nxIlKQc0A9NCssPSIuHKEeZIs/fw==
x-amz-request-id: NECEESR4B36MFTGP
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 10486
via: 1.1 google
date: Thu, 01 Jun 2023 15:36:45 GMT
age: 74203
last-modified: Fri, 12 May 2023 15:36:10 GMT
etag: "feffee93ee53bd6b02687bb9d9a11425"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2

tracking-protection.cdn.mozilla.net/content-track-digest256/1683905755

34.120.158.37

15 kB

URL
tracking-protection.cdn.mozilla.net/content-track-digest256/1683905755
IP
34.120.158.37:0
ASN
#15169 GOOGLE

File type
data
Size
15 kB (15350 bytes)
Hash
adff9f8518019ddb5b72e09fa471bd56
2a5cf28dcda107605da2bb4f6e56a07e514a927f
900f414ea63bb7f4e5a33041d77112c309aa8dfebd93681895c596d948ed12bf

HTTP Headers

GET /content-track-digest256/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: BN0QpV2f4XJMCyRDt6Ltxv15+iqc4go7+Ci5riFPddAcFd0t0LtLk2RRweDoTjWvIFbXOBZ5UTw=
x-amz-request-id: HK17DRNEANCHNYH8
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 15350
via: 1.1 google
date: Thu, 01 Jun 2023 15:37:06 GMT
age: 74182
last-modified: Fri, 12 May 2023 15:36:06 GMT
etag: "adff9f8518019ddb5b72e09fa471bd56"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2

tracking-protection.cdn.mozilla.net/google-trackwhite-digest256/1683905755

34.120.158.37

1.5 MB

URL
tracking-protection.cdn.mozilla.net/google-trackwhite-digest256/1683905755
IP
34.120.158.37:0
ASN
#15169 GOOGLE

File type
data
Size
1.5 MB (1476920 bytes)
Hash
501d3f65be5457b0986a2f0b880e88f2
0df631bbe10a12e255c8d323fed084f51ffb842d
e3acbced9ab46ff7a41311445b2bd1f6f70f8716d35131670528417d2c9a6627

HTTP Headers

GET /google-trackwhite-digest256/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: VSzrHGMkCVNgkzJqQ38pWJdSy0EtAzjkXXunZzlmNpHhxIbfET1AJxRfMKU+mxnUFUlsm6dBUW56Et2k3Sukmw5V5ntMuF+w/aVcjmWSZ4c=
x-amz-request-id: 5CYYYK0BWVG65THV
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
via: 1.1 google
date: Thu, 01 Jun 2023 15:36:59 GMT
age: 74189
last-modified: Fri, 12 May 2023 15:36:17 GMT
etag: "501d3f65be5457b0986a2f0b880e88f2"
content-type: application/octet-stream
content-length: 1476920
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2

www.cluberesgatedepontos.com/assets/img/mktopoinfo.png

188.114.97.1

200 OK

3.4 kB

URL GET HTTP/3
www.cluberesgatedepontos.com/assets/img/mktopoinfo.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Certificate
IssuerGoogle Trust Services LLC
Subjectcluberesgatedepontos.com
Fingerprint35:91:6A:3D:C9:9E:86:88:FE:5A:42:1B:DC:61:0C:BD:E0:11:E7:81
ValidityMon, 15 May 2023 16:24:46 GMT - Sun, 13 Aug 2023 16:24:45 GMT

File type
PNG image data, 719 x 111, 8-bit/color RGBA, non-interlaced\012- data
Size
3.4 kB (3390 bytes)
Hash
d8812ed7df46847ffbcdd907666fb5ce
aad61745df7020cc8acf6ab397948397a2f363f3
c126d61dca5ec1947fcb802a5fd2b3586224a11b1316100031c693a0bb87d4a4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/mktopoinfo.png HTTP/1.1
Host: www.cluberesgatedepontos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cluberesgatedepontos.com/assets/css/estilo.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:13:28 GMT
content-type: image/png
content-length: 3390
last-modified: Wed, 14 Dec 2022 16:51:01 GMT
etag: "d3e-5efcc8a95e740"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMvFV7LPjlwSNUTqQRANMGXjpz5fLS8vz05doXGGxKWHsOMDGe1swipBJuszLvetujB8mW3vEyaJbq4mrjpfmdrN8LzRnpXx%2FDfaMV3WFQ57yujV5fK8nbMDgsu7moMCnzpEc1p715PjnEY6ItTh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0f9c4d1f6b0b41-OSL
alt-svc: h3=":443"; ma=86400

tracking-protection.cdn.mozilla.net/mozstd-trackwhite-digest256/1684337778

34.120.158.37

346 kB

URL
tracking-protection.cdn.mozilla.net/mozstd-trackwhite-digest256/1684337778
IP
34.120.158.37:0
ASN
#15169 GOOGLE

File type
data
Size
346 kB (345943 bytes)
Hash
dc048d310df250632824a0ef784c0503
349ed5134df1bb49ba48bab8498c932655795279
a217142987da561fafd04a5f77dcab5860687e0089002eec43cd8bd619b9870a

HTTP Headers

GET /mozstd-trackwhite-digest256/1684337778 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 56uRjZI60cKTof9XRfR3/Yah7hDigwYFOP/ct7mEDY26mwB7ul3/D1/YJ/TCb0cxTn6mhDa8XYN3tLE6n1CqOA==
x-amz-request-id: 0RB8J4TCJSJQ95SE
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 345943
via: 1.1 google
date: Thu, 01 Jun 2023 15:37:08 GMT
age: 74180
last-modified: Wed, 17 May 2023 15:36:35 GMT
etag: "dc048d310df250632824a0ef784c0503"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2

www.cluberesgatedepontos.com/assets/itauverify.php

188.114.97.1

200 OK

1 B

URL GET HTTP/3
www.cluberesgatedepontos.com/assets/itauverify.php
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Certificate
IssuerGoogle Trust Services LLC
Subjectcluberesgatedepontos.com
Fingerprint35:91:6A:3D:C9:9E:86:88:FE:5A:42:1B:DC:61:0C:BD:E0:11:E7:81
ValidityMon, 15 May 2023 16:24:46 GMT - Sun, 13 Aug 2023 16:24:45 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c81e728d9d4c2f636f067f89cc14862c
da4b9237bacccdf19c0760cab7aec4a8359010b0
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/itauverify.php HTTP/1.1
Host: www.cluberesgatedepontos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Cookie: PHPSESSID=iph7ip92vijnl6m29poqm04fdj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:13:30 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5IBdRWuLzKhJvfRSKEn%2FfuMh2fn9auPE6D0Ux3M64CJQKisWVIuJEfm7pUYb3CL10vFELznEkx%2Begfw2BEbylGh4%2FQ5M0erBA04u8VJFiCK0GSR%2BtQk5X6HvONjlbd8cS2mIHRMqouuEqedDZPT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f9c57e9a30b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.cluberesgatedepontos.com/assets/itauverify.php

188.114.97.1

200 OK

1 B

URL GET HTTP/3
www.cluberesgatedepontos.com/assets/itauverify.php
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Certificate
IssuerGoogle Trust Services LLC
Subjectcluberesgatedepontos.com
Fingerprint35:91:6A:3D:C9:9E:86:88:FE:5A:42:1B:DC:61:0C:BD:E0:11:E7:81
ValidityMon, 15 May 2023 16:24:46 GMT - Sun, 13 Aug 2023 16:24:45 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c81e728d9d4c2f636f067f89cc14862c
da4b9237bacccdf19c0760cab7aec4a8359010b0
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/itauverify.php HTTP/1.1
Host: www.cluberesgatedepontos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Cookie: PHPSESSID=iph7ip92vijnl6m29poqm04fdj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:13:32 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gojEB6llInqFmkECNY%2FjjfJRUNuIdJ3237zv8UlIDA1gUL%2BsfKR3VQ4U2jSlnCDUvPHSVN4wRtDpuSdCo8qftoV%2BsqSnmqc9m5dGrKpWsFQjd6QMGZScceGFkYhv28C1FQ2fQc66l9xXn32SmH4d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f9c628d080b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.cluberesgatedepontos.com/assets/itauverify.php

188.114.97.1

200 OK

1 B

URL GET HTTP/3
www.cluberesgatedepontos.com/assets/itauverify.php
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Certificate
IssuerGoogle Trust Services LLC
Subjectcluberesgatedepontos.com
Fingerprint35:91:6A:3D:C9:9E:86:88:FE:5A:42:1B:DC:61:0C:BD:E0:11:E7:81
ValidityMon, 15 May 2023 16:24:46 GMT - Sun, 13 Aug 2023 16:24:45 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c81e728d9d4c2f636f067f89cc14862c
da4b9237bacccdf19c0760cab7aec4a8359010b0
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/itauverify.php HTTP/1.1
Host: www.cluberesgatedepontos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Cookie: PHPSESSID=iph7ip92vijnl6m29poqm04fdj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:13:32 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9yBqSyrRTSWlyi5uvr2zXURvXp6Bxnit5zKxM4Bw4QbqnAino7CiGa63zKyIIctfcF46eepZ211wDilv3gXi6Gn6hovnwsA8EQgst8M5ndm6RmDUWfFqU36h6SdgpizKDb7HzM%2FnkucUbAjDNxV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f9c67eb5e0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.cluberesgatedepontos.com/assets/itauverify.php

188.114.97.1

200 OK

1 B

URL GET HTTP/3
www.cluberesgatedepontos.com/assets/itauverify.php
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Certificate
IssuerGoogle Trust Services LLC
Subjectcluberesgatedepontos.com
Fingerprint35:91:6A:3D:C9:9E:86:88:FE:5A:42:1B:DC:61:0C:BD:E0:11:E7:81
ValidityMon, 15 May 2023 16:24:46 GMT - Sun, 13 Aug 2023 16:24:45 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c81e728d9d4c2f636f067f89cc14862c
da4b9237bacccdf19c0760cab7aec4a8359010b0
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/itauverify.php HTTP/1.1
Host: www.cluberesgatedepontos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Cookie: PHPSESSID=iph7ip92vijnl6m29poqm04fdj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:13:40 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arV5T3UimbRIjjXhgfiAH%2BpI929mbWxEp3oiQiUNx54cR1MD9S6XK%2Brc6261IYOeEL9XcETwofTpW20Xc2Tg41wOlbK3Rk9Kk4vEbYUJ3YgI4HbFZXc%2ByMK3hnPmWr26l%2FBP6Gz43ZuVTS6UBwsa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f9c97eb560b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.cluberesgatedepontos.com/assets/itauverify.php

188.114.97.1

200 OK

1 B

URL GET HTTP/3
www.cluberesgatedepontos.com/assets/itauverify.php
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Certificate
IssuerGoogle Trust Services LLC
Subjectcluberesgatedepontos.com
Fingerprint35:91:6A:3D:C9:9E:86:88:FE:5A:42:1B:DC:61:0C:BD:E0:11:E7:81
ValidityMon, 15 May 2023 16:24:46 GMT - Sun, 13 Aug 2023 16:24:45 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c81e728d9d4c2f636f067f89cc14862c
da4b9237bacccdf19c0760cab7aec4a8359010b0
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/itauverify.php HTTP/1.1
Host: www.cluberesgatedepontos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Cookie: PHPSESSID=iph7ip92vijnl6m29poqm04fdj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:13:29 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jo2Xly1ynsdTFD4EUoWoeHmk6q%2BJ3cxTbtbDSZSBvCbXi%2Bf0IGY%2FUF3qYAVErCvHbJw3Zg3KFnb78%2FVWBh%2FpOWrR0TxJlpR0%2FsJ6EJOeAx7qKJtdcf9QK2yy%2Fi3oa4BmFH%2F1NidK2RoHxUeiyJMX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f9c529cb30b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.cluberesgatedepontos.com/assets/js/jquery-3.2.1.min.js

188.114.97.1

200 OK

87 kB

URL GET HTTP/3
www.cluberesgatedepontos.com/assets/js/jquery-3.2.1.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Certificate
IssuerGoogle Trust Services LLC
Subjectcluberesgatedepontos.com
Fingerprint35:91:6A:3D:C9:9E:86:88:FE:5A:42:1B:DC:61:0C:BD:E0:11:E7:81
ValidityMon, 15 May 2023 16:24:46 GMT - Sun, 13 Aug 2023 16:24:45 GMT

File type
ASCII text, with very long lines (32058)
Size
87 kB (86659 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/js/jquery-3.2.1.min.js HTTP/1.1
Host: www.cluberesgatedepontos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:13:28 GMT
content-type: text/javascript
last-modified: Wed, 14 Dec 2022 16:51:01 GMT
etag: W/"15283-5efcc8a95e740-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 23
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kaNJ8NtKdUX1hSXAH1jbiBXCr5I9GXDoEfkj%2F8c%2BE0rOl0katfiMlrgOC9LRRZuwxnJ7W9Dl5WzRpZ6PS3VknmZwIGPyAZZX7e1aU21SVaI5YaoVsuNASOWS4z0LbU3zY0jpBgM5pl8N5PSdIlCo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f9c4b4dd30b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.cluberesgatedepontos.com/assets/js/jquery.mask.min.js

188.114.97.1

200 OK

4.9 kB

URL GET HTTP/3
www.cluberesgatedepontos.com/assets/js/jquery.mask.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Certificate
IssuerGoogle Trust Services LLC
Subjectcluberesgatedepontos.com
Fingerprint35:91:6A:3D:C9:9E:86:88:FE:5A:42:1B:DC:61:0C:BD:E0:11:E7:81
ValidityMon, 15 May 2023 16:24:46 GMT - Sun, 13 Aug 2023 16:24:45 GMT

File type
ASCII text, with very long lines (5005), with no line terminators
Size
4.9 kB (4860 bytes)
Hash
3cc1dfe677c36c56796433e499c3ba24
e6f44eb570332e693651aa0150e8acdc84e1521b
ba9ad316b0c4c4a43ed71e6252dcc37d7d568994ff75a8fa052d416207c27929

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/js/jquery.mask.min.js HTTP/1.1
Host: www.cluberesgatedepontos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:13:28 GMT
content-type: text/javascript
last-modified: Wed, 14 Dec 2022 16:51:01 GMT
etag: W/"12fc-5efcc8a95e740-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 22
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADCojA%2FRFo8mJg3ejTHSkAav9qT9y%2BCyHituVadVjULutEd4YwYpn7up1SRPbj9vmSdaPV9J%2BmFT9HeNXPpWxtgDwK2%2BrRPIh4bmYrWaejJ2ukAuudUXFFwN8tiOdIwhGnA%2F5MYw72zaxQkWgBkR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f9c4b5de40b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.cluberesgatedepontos.com/assets/js/base.js

188.114.97.1

200 OK

886 B

URL GET HTTP/3
www.cluberesgatedepontos.com/assets/js/base.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Certificate
IssuerGoogle Trust Services LLC
Subjectcluberesgatedepontos.com
Fingerprint35:91:6A:3D:C9:9E:86:88:FE:5A:42:1B:DC:61:0C:BD:E0:11:E7:81
ValidityMon, 15 May 2023 16:24:46 GMT - Sun, 13 Aug 2023 16:24:45 GMT

File type
ASCII text, with very long lines (956), with no line terminators
Size
886 B (886 bytes)
Hash
8ce478718bd3f8ddc831bd976652b08c
e92da5332f14e55f9b9c4456e67111c8bb932f44
753d90a3f0559a9eefa7a6034c703b18f9b932912167308b5435b0eb944362ab

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/js/base.js HTTP/1.1
Host: www.cluberesgatedepontos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:13:28 GMT
content-type: text/javascript
last-modified: Wed, 14 Dec 2022 16:51:01 GMT
etag: W/"376-5efcc8a95e740-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 23
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1CppIzPU88tZfvvjcyn9wyt0tmNhpVzOZxC1k53jFxjHg9dlCILSP038eSQ3Q5fbxTDG97SQ8sPS4QVW4Xy64%2BDqKf%2Fr9iWeRHLMe9V9IVAYbBe%2FOerCQ5b9ygkUtQrTtrxl3KUoxnkpdcdysM6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f9c4b5de20b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.cluberesgatedepontos.com/assets/itauverify.php

188.114.97.1

200 OK

1 B

URL GET HTTP/3
www.cluberesgatedepontos.com/assets/itauverify.php
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Certificate
IssuerGoogle Trust Services LLC
Subjectcluberesgatedepontos.com
Fingerprint35:91:6A:3D:C9:9E:86:88:FE:5A:42:1B:DC:61:0C:BD:E0:11:E7:81
ValidityMon, 15 May 2023 16:24:46 GMT - Sun, 13 Aug 2023 16:24:45 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c81e728d9d4c2f636f067f89cc14862c
da4b9237bacccdf19c0760cab7aec4a8359010b0
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/itauverify.php HTTP/1.1
Host: www.cluberesgatedepontos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:13:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=iph7ip92vijnl6m29poqm04fdj; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9%2Byx0CYSAhsFQhP1MUoofK%2BxZh4dJ92%2BhItMsOtpBzreujPtXs%2B1EvXLgwn4HDa1sar3JyfM0gSw3aNLsg9p637Ajydke%2B%2BHV%2Fe78%2BHN3enFskvFGKTWmzWaOo0W13ra9f0fwvxfLZAoRxZXfdP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f9c4d4f850b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.cluberesgatedepontos.com/assets/itauverify.php

188.114.97.1

200 OK

1 B

URL GET HTTP/3
www.cluberesgatedepontos.com/assets/itauverify.php
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Certificate
IssuerGoogle Trust Services LLC
Subjectcluberesgatedepontos.com
Fingerprint35:91:6A:3D:C9:9E:86:88:FE:5A:42:1B:DC:61:0C:BD:E0:11:E7:81
ValidityMon, 15 May 2023 16:24:46 GMT - Sun, 13 Aug 2023 16:24:45 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c81e728d9d4c2f636f067f89cc14862c
da4b9237bacccdf19c0760cab7aec4a8359010b0
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/itauverify.php HTTP/1.1
Host: www.cluberesgatedepontos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Cookie: PHPSESSID=iph7ip92vijnl6m29poqm04fdj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:13:36 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4qzkglISPjrXWx%2FbEW0Qsi9%2FjEti9xpaKWuQhTs3CmoRmE7Gwu1vu9NPIUFwZmXzUs4n4GVxmVg1UDtdDLls8VmIPMKf0orWsyNFMnEboBmGbTAF1olNMFaJ8qKXqDmsRtdaBebMMW8yWlBWv7H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f9c7d38210b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.cluberesgatedepontos.com/assets/js/mkscript.js

188.114.97.1

200 OK

9.0 kB

URL GET HTTP/3
www.cluberesgatedepontos.com/assets/js/mkscript.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Certificate
IssuerGoogle Trust Services LLC
Subjectcluberesgatedepontos.com
Fingerprint35:91:6A:3D:C9:9E:86:88:FE:5A:42:1B:DC:61:0C:BD:E0:11:E7:81
ValidityMon, 15 May 2023 16:24:46 GMT - Sun, 13 Aug 2023 16:24:45 GMT

File type
Unicode text, UTF-8 text, with very long lines (9824), with no line terminators
Size
9.0 kB (9020 bytes)
Hash
5bb7369a7836e8f0bebfccbd3cd88a9b
5b82c12ed0e7063133e7436164a108553b8fc1ff
919399f6be36f26d4f49cb38b860f8d0c72744ef4f587395f415c0bce2f2fdf0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/js/mkscript.js HTTP/1.1
Host: www.cluberesgatedepontos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:13:28 GMT
content-type: text/javascript
last-modified: Wed, 14 Dec 2022 16:51:01 GMT
etag: W/"233c-5efcc8a95e740-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 23
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpikgMr%2BFcIHiVNRf4sHkwcofu99wU8dbif2Hpmsqbwsm%2FRXKDKNjXgWazxzYtxV6B%2FL20CK%2Bg3wAtZx5R5zTjt0IKEixHcWHgoRw%2Foi5Zws7IreZjtyi8Eu6wtPy%2BOM7rRT%2ByJObGtc3Sbk5u8p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f9c4b5de10b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.cluberesgatedepontos.com/assets/itauverify.php

188.114.97.1

200 OK

1 B

URL GET HTTP/3
www.cluberesgatedepontos.com/assets/itauverify.php
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Certificate
IssuerGoogle Trust Services LLC
Subjectcluberesgatedepontos.com
Fingerprint35:91:6A:3D:C9:9E:86:88:FE:5A:42:1B:DC:61:0C:BD:E0:11:E7:81
ValidityMon, 15 May 2023 16:24:46 GMT - Sun, 13 Aug 2023 16:24:45 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c81e728d9d4c2f636f067f89cc14862c
da4b9237bacccdf19c0760cab7aec4a8359010b0
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/itauverify.php HTTP/1.1
Host: www.cluberesgatedepontos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Cookie: PHPSESSID=iph7ip92vijnl6m29poqm04fdj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:13:33 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOAoC8%2BaooKtJHnMqmM8RJPTbaof4bpL8UigS6kh%2FuwnsvQt9Gwvlngv5j0znjunHZFXbP15L6%2FTAW3tddqbGd%2Bshl3DnaDoKiatfrtnirXbCoDBo3o%2BkjVSXKg0L%2Bd509oNm604JqXdEL8Z13w1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f9c6d39190b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.cluberesgatedepontos.com/assets/itauverify.php

188.114.97.1

200 OK

1 B

URL GET HTTP/3
www.cluberesgatedepontos.com/assets/itauverify.php
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Certificate
IssuerGoogle Trust Services LLC
Subjectcluberesgatedepontos.com
Fingerprint35:91:6A:3D:C9:9E:86:88:FE:5A:42:1B:DC:61:0C:BD:E0:11:E7:81
ValidityMon, 15 May 2023 16:24:46 GMT - Sun, 13 Aug 2023 16:24:45 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c81e728d9d4c2f636f067f89cc14862c
da4b9237bacccdf19c0760cab7aec4a8359010b0
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/itauverify.php HTTP/1.1
Host: www.cluberesgatedepontos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Cookie: PHPSESSID=iph7ip92vijnl6m29poqm04fdj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:13:35 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZt%2Fv8gra60%2F0Db9pZQ5BuNzTkq9h1F%2FNwFf0USHFztneIVZ7XLVPykSO6noY6YZPFml2A%2FJNRs1PzeDnkPlTfdBiN0kWIQbn6WhgfP3h%2BQFLUbIFFjOx3o%2F4CJNcSrQv%2FDeEUkORkQcdkVJaymD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f9c77eb0b0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.cluberesgatedepontos.com/assets/itauverify.php

188.114.97.1

200 OK

1 B

URL GET HTTP/3
www.cluberesgatedepontos.com/assets/itauverify.php
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Certificate
IssuerGoogle Trust Services LLC
Subjectcluberesgatedepontos.com
Fingerprint35:91:6A:3D:C9:9E:86:88:FE:5A:42:1B:DC:61:0C:BD:E0:11:E7:81
ValidityMon, 15 May 2023 16:24:46 GMT - Sun, 13 Aug 2023 16:24:45 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c81e728d9d4c2f636f067f89cc14862c
da4b9237bacccdf19c0760cab7aec4a8359010b0
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/itauverify.php HTTP/1.1
Host: www.cluberesgatedepontos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Cookie: PHPSESSID=iph7ip92vijnl6m29poqm04fdj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:13:37 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bA7ujFegEtqPxToI6w30JzjXUBF3QOXiJRLmGvzy2uwZLN7FMOmvdhz4xoAlwegP%2F0xRjXl9Qkw7qpahf99pD0aD9GMxETw53YKowmN4HplenEH9BX4YFPD5RBB3Bx1tsoEmxSFsP3bR%2BucEFEhe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f9c828d470b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.cluberesgatedepontos.com/assets/itauverify.php

188.114.97.1

200 OK

1 B

URL GET HTTP/3
www.cluberesgatedepontos.com/assets/itauverify.php
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Certificate
IssuerGoogle Trust Services LLC
Subjectcluberesgatedepontos.com
Fingerprint35:91:6A:3D:C9:9E:86:88:FE:5A:42:1B:DC:61:0C:BD:E0:11:E7:81
ValidityMon, 15 May 2023 16:24:46 GMT - Sun, 13 Aug 2023 16:24:45 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c81e728d9d4c2f636f067f89cc14862c
da4b9237bacccdf19c0760cab7aec4a8359010b0
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/itauverify.php HTTP/1.1
Host: www.cluberesgatedepontos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.cluberesgatedepontos.com/cartoes/VewuO/security.php?token=czyV13CJpeksStMEEPGUEGuRMqFxAJHre5bk87byzFKVkTSGddYQNKrPwqrxEjeN3aapJuzTkkV3V5qqiCsOTxbbp4UyPW89p5KpdTHjCadPa9IVj0GHfWB5WWvVNwCaUDfyMasDAlFjbi7aASfRMP
Cookie: PHPSESSID=iph7ip92vijnl6m29poqm04fdj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 02 Jun 2023 12:13:38 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7%2Fz6etfP8pLGjvT2O8sldqWDp37hGbTyMRJH51%2FkchFi%2F9HiZIpkEyXM6t1r3vlGvRaBnW03lMahAbek4en9kyTka04%2Bg80N2Bnq2ToJXpMR%2B24WiT88S50P4iWXpngEE6SQ9FAX9u95q6818cb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0f9c8d38690b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (26)