{"report_id":"9ef7a5b6-7ae6-4252-932f-a876fd8989aa","version":6,"status":"done","tags":["dhl","logistics","phishing"],"date":"2025-07-09T23:23:21Z","url":{"schema":"https","addr":"certoetiquetas.com.br/wp-content/conn/GlobalSources/?email=3mail@slurpmail.net","fqdn":"certoetiquetas.com.br","domain":"certoetiquetas.com.br","tld":"com.br"},"ip":{"addr":"172.67.184.252","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"certoetiquetas.com.br/wp-content/conn/GlobalSources/?email=3mail@slurpmail.net","fqdn":"certoetiquetas.com.br","domain":"certoetiquetas.com.br","tld":"com.br"},"title":"DHL"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":["openphish"],"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-09-17T23:23:21Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"certoetiquetas.com.br","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-11-05","domain_rank":0,"first_seen":"2025-07-09T08:04:58.821604Z","last_seen":"2025-07-09T08:04:58.821604Z","alert_count":16,"request_count":8,"received_data":87010,"sent_data":4347,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-09","alert":"Sinkholed","trigger":"certoetiquetas.com.br","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Associated with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"certoetiquetas.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"certoetiquetas.com.br","domain":"certoetiquetas.com.br","tld":"com.br"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-04T18:45:39.513075Z","times_seen":292359,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"certoetiquetas.com.br/wp-content/conn/GlobalSources/7629827763/02.jpg","fqdn":"certoetiquetas.com.br","domain":"certoetiquetas.com.br","tld":"com.br"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://certoetiquetas.com.br/wp-content/conn/GlobalSources/?email=3mail@slurpmail.net","date":"2025-07-09T23:22:46.063Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"certoetiquetas.com.br","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 01 Jun 2025 21:09:18 GMT","end":"Sat, 30 Aug 2025 22:06:54 GMT"},"fingerprint":{"sha1":"D0:42:FA:99:95:15:9B:A7:06:64:81:B0:04:4F:E2:C0:5B:70:74:83","sha256":"C1:C2:AF:41:E0:5A:4F:A7:DC:69:40:4E:C3:DE:C7:EF:C2:FC:D8:C3:E8:74:EA:C7:D0:B6:7B:1A:5E:4E:21:C5"}}},"request":{"raw":"GET /wp-content/conn/GlobalSources/7629827763/02.jpg HTTP/1.1\r\nHost: certoetiquetas.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://certoetiquetas.com.br/wp-content/conn/GlobalSources/?email=3mail@slurpmail.net\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 09 Jul 2025 23:22:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 20648\r\nserver: cloudflare\r\nlast-modified: Tue, 19 Jul 2022 18:20:26 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PFXyxHZB2Vywfm8zjLkFeQZLW8d4PGmV45ndJ5yMtGDRlRNfvC366s1cot62960EeRXtszpxSvwx%2BD29pjAKfEI21Z%2FdmsSsyMD%2FSzLa8hDyo9g%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 95cb90b5df2456a8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20648,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1584x396, components 3","md5":"b4ffa4c4789b58a42af0cac9739d9fcc","sha1":"c9b5596b90cce84a1f56d4e8a46d413b54b4e1f6","sha256":"f06555d58c6fb19b7b6815ce631ea0958eeaec315dbc64b8dfb08e200c69eed5","sha512":"578fa03310ea09ef834ad8ab753be00c433db07328aa238190fb4f063d00acd9f05139cd4ea29303d9b5cc1274dbc6b534617b9aa2c46df0dfd60916a1d9ffc1","ssdeep":"384:/BkLHnHT2gG4tvQQQQQ4J/Dh51gesv9Lr:/LgGAQQQQQs/DLGZFP","tlshash":"4392be872f63d2fdf57b5bf03d216f1a22d84de82473190bfa8124794a1c279689c2d1","first_seen":"2023-05-03T12:10:55Z","last_seen":"2026-04-03T19:39:00.139431Z","times_seen":2417,"resource_available":false,"data":null}},"time_used":832,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":831,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-09","alert":"Sinkholed","trigger":"certoetiquetas.com.br","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Associated with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"certoetiquetas.com.br/wp-content/conn/GlobalSources/7629827763/3638384.jpg","fqdn":"certoetiquetas.com.br","domain":"certoetiquetas.com.br","tld":"com.br"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://certoetiquetas.com.br/wp-content/conn/GlobalSources/?email=3mail@slurpmail.net","date":"2025-07-09T23:22:46.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"certoetiquetas.com.br","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 01 Jun 2025 21:09:18 GMT","end":"Sat, 30 Aug 2025 22:06:54 GMT"},"fingerprint":{"sha1":"D0:42:FA:99:95:15:9B:A7:06:64:81:B0:04:4F:E2:C0:5B:70:74:83","sha256":"C1:C2:AF:41:E0:5A:4F:A7:DC:69:40:4E:C3:DE:C7:EF:C2:FC:D8:C3:E8:74:EA:C7:D0:B6:7B:1A:5E:4E:21:C5"}}},"request":{"raw":"GET /wp-content/conn/GlobalSources/7629827763/3638384.jpg HTTP/1.1\r\nHost: certoetiquetas.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://certoetiquetas.com.br/wp-content/conn/GlobalSources/?email=3mail@slurpmail.net\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 09 Jul 2025 23:22:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 8692\r\nserver: cloudflare\r\nlast-modified: Tue, 19 Jul 2022 14:02:34 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XAWg8meEJ3rSYtPZO0wCVNM0LGFhAonnjr83q0RRVn4vJXRUm0ik2F4UkRK1voekjbLn4sKA7i8O5ajmWFw8RkZpQFfW097W0eoWv6bouuqkp2s%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 95cb90b5df2756a8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8692,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 285x177, components 3","md5":"0909fbc1f7fba01ae0da65a927ceee26","sha1":"999a11986a8f87e1e58c7a8e627df7f3a7080f84","sha256":"9bd85f7569e570b6a8a40701baef5177a78e1daf0d3429ccdd55630224670c2d","sha512":"76fef6c805cca3eb82130fe4034c7b6de143f9576f381e5b46569b736cf853c45d9b9cf13c05da800b73d522836a807c78069398a1909eab41dc7961cd6e9b85","ssdeep":"192:XF2CYsfMmRcX6jHPF4oP3x0F7r5YqorP3eetTjF8wk72/0v8WIc:XMGMmBHd4oP3q7rvgue9ZNc0Wp","tlshash":"1502afb442c71131fe099bf7f37bd631075e63c8ac24625a79dc56f1c84a90abc0e066","first_seen":"2023-05-03T12:10:55Z","last_seen":"2026-04-03T19:39:00.140048Z","times_seen":2421,"resource_available":false,"data":null}},"time_used":632,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":632,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-09","alert":"Sinkholed","trigger":"certoetiquetas.com.br","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Associated with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"certoetiquetas.com.br/wp-content/conn/GlobalSources/7629827763/xls.png","fqdn":"certoetiquetas.com.br","domain":"certoetiquetas.com.br","tld":"com.br"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://certoetiquetas.com.br/wp-content/conn/GlobalSources/?email=3mail@slurpmail.net","date":"2025-07-09T23:22:46.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"certoetiquetas.com.br","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 01 Jun 2025 21:09:18 GMT","end":"Sat, 30 Aug 2025 22:06:54 GMT"},"fingerprint":{"sha1":"D0:42:FA:99:95:15:9B:A7:06:64:81:B0:04:4F:E2:C0:5B:70:74:83","sha256":"C1:C2:AF:41:E0:5A:4F:A7:DC:69:40:4E:C3:DE:C7:EF:C2:FC:D8:C3:E8:74:EA:C7:D0:B6:7B:1A:5E:4E:21:C5"}}},"request":{"raw":"GET /wp-content/conn/GlobalSources/7629827763/xls.png HTTP/1.1\r\nHost: certoetiquetas.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://certoetiquetas.com.br/wp-content/conn/GlobalSources/?email=3mail@slurpmail.net\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 09 Jul 2025 23:22:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 34223\r\nserver: cloudflare\r\nlast-modified: Mon, 11 Jul 2022 20:49:46 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OKpE5%2BW%2FYTLeFSFcVUxn6p8xkjO59Kg2RPrWTsf06W4bKqdFtyeFf9PszGGs1jYlbKUR3Jw0VswOSET6N%2Bc2qgx9eOWAg2lHOKWRf7PL3zzC2g0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 95cb90b5df2b56a8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34223,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced","md5":"c52b62164b9b48ace77228cffaea7d18","sha1":"d6c285df2d1b1ec6c1bd7b5fdd2f1575d1631bad","sha256":"d8a1fae00d96feaa8351178773878b3f51cacd4a922200470d6e7cd9e832089a","sha512":"bee084aeb92ddb2a376dacf79298a059d7f67f62cf79ab44c8a842c9054828cc2efa01cff39ca7a46b5bdf372d574c11854af56de7c168477c5cbcd1825f5ef2","ssdeep":"768:jYIIbanOPy8mCP8XPoGsudDEXi1ma2MnkuzWwiAk:jYI8anOHH81Eama22g5","tlshash":"24e29e248d064e58d8b05070385e8b19b37a1a8f730fea11931bed34fd579ba8cc6ed6","first_seen":"2023-05-03T12:10:55Z","last_seen":"2026-04-03T19:39:00.136772Z","times_seen":2418,"resource_available":false,"data":null}},"time_used":822,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":819,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-09","alert":"Sinkholed","trigger":"certoetiquetas.com.br","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Associated with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"certoetiquetas.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"certoetiquetas.com.br","domain":"certoetiquetas.com.br","tld":"com.br"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://certoetiquetas.com.br/wp-content/conn/GlobalSources/?email=3mail@slurpmail.net","date":"2025-07-09T23:22:46.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"certoetiquetas.com.br","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 01 Jun 2025 21:09:18 GMT","end":"Sat, 30 Aug 2025 22:06:54 GMT"},"fingerprint":{"sha1":"D0:42:FA:99:95:15:9B:A7:06:64:81:B0:04:4F:E2:C0:5B:70:74:83","sha256":"C1:C2:AF:41:E0:5A:4F:A7:DC:69:40:4E:C3:DE:C7:EF:C2:FC:D8:C3:E8:74:EA:C7:D0:B6:7B:1A:5E:4E:21:C5"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: certoetiquetas.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://certoetiquetas.com.br/wp-content/conn/GlobalSources/?email=3mail@slurpmail.net\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 09 Jul 2025 23:22:46 GMT\r\ncontent-type: application/javascript\r\nexpires: Thu, 10 Jul 2025 00:10:46 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FVCl1Vom57zRVboUlCltLFW1jtTLy9aHbHui0DeQxonqlQixRpT6C1VHc%2BQpzq13CeFZCtnF2qhxJ7Tmjbs3ipwF4M%2BxtqIB8qn5Qd6YZY0Mxz0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 95cb90b5ef2d56a8-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-04T18:45:39.513075Z","times_seen":292359,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-09","alert":"Sinkholed","trigger":"certoetiquetas.com.br","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Associated with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"certoetiquetas.com.br/wp-content/conn/GlobalSources/7629827763/1618379409484992.jpg","fqdn":"certoetiquetas.com.br","domain":"certoetiquetas.com.br","tld":"com.br"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://certoetiquetas.com.br/wp-content/conn/GlobalSources/?email=3mail@slurpmail.net","date":"2025-07-09T23:22:46.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"certoetiquetas.com.br","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 01 Jun 2025 21:09:18 GMT","end":"Sat, 30 Aug 2025 22:06:54 GMT"},"fingerprint":{"sha1":"D0:42:FA:99:95:15:9B:A7:06:64:81:B0:04:4F:E2:C0:5B:70:74:83","sha256":"C1:C2:AF:41:E0:5A:4F:A7:DC:69:40:4E:C3:DE:C7:EF:C2:FC:D8:C3:E8:74:EA:C7:D0:B6:7B:1A:5E:4E:21:C5"}}},"request":{"raw":"GET /wp-content/conn/GlobalSources/7629827763/1618379409484992.jpg HTTP/1.1\r\nHost: certoetiquetas.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://certoetiquetas.com.br/wp-content/conn/GlobalSources/?email=3mail@slurpmail.net\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 09 Jul 2025 23:22:47 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 3997\r\nserver: cloudflare\r\nlast-modified: Mon, 11 Jul 2022 19:55:32 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PHHbgZieqXUmOd%2F%2FCj6zBabCMTr0LeQ%2F%2FRFG7HO0On6eX67iIlQ00YxMNijqThcXB24FCvV3q4Dn0A6Ai6cW1OPZpe%2FVopnjS5pVzUjbbYL7Sa4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 95cb90b96a0256a8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3997,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 66x76, components 3","md5":"fe2cdc10f0b14d041ce1d0c391291f2d","sha1":"76ddb8774f67fe7838fc2678514800c9b5203a28","sha256":"109483641b2f69473f1b978e4aec1ba11bb4f52c7ee92cb2c969f92b92925633","sha512":"be700fde797f89cba2632aaa4f705e47e6cf38071c7dcd6ad0a41e59348b899718188326263688df31fd20f3ded784cf1e712ee3c7f7f4b5cbaf5562638e9f92","ssdeep":"","tlshash":"c5815b6bc6831ec18ed6fb7026b3d225edcbd3862a437a05ada695b0b01c629d15861c","first_seen":"2023-05-03T12:10:55Z","last_seen":"2026-04-03T19:39:00.137394Z","times_seen":2421,"resource_available":false,"data":null}},"time_used":618,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":618,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-09","alert":"Sinkholed","trigger":"certoetiquetas.com.br","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Associated with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"certoetiquetas.com.br/wp-content/conn/GlobalSources/?email=3mail@slurpmail.net","fqdn":"certoetiquetas.com.br","domain":"certoetiquetas.com.br","tld":"com.br"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-07-09T23:22:44.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"certoetiquetas.com.br","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 01 Jun 2025 21:09:18 GMT","end":"Sat, 30 Aug 2025 22:06:54 GMT"},"fingerprint":{"sha1":"D0:42:FA:99:95:15:9B:A7:06:64:81:B0:04:4F:E2:C0:5B:70:74:83","sha256":"C1:C2:AF:41:E0:5A:4F:A7:DC:69:40:4E:C3:DE:C7:EF:C2:FC:D8:C3:E8:74:EA:C7:D0:B6:7B:1A:5E:4E:21:C5"}}},"request":{"raw":"GET /wp-content/conn/GlobalSources/?email=3mail@slurpmail.net HTTP/1.1\r\nHost: certoetiquetas.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 09 Jul 2025 23:22:45 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yjZ4EObMVj%2FXSmCJ4AECg3fzTJWqMDl4o5jQtcuRdFN%2BDEa7EG3SM52llFau8O0BytuEAOMg8ZP55NOdaD41ltJOHFJo5yDupHZ6h2UvWgqcKfo%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 95cb90b04914b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4264,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"fe568ba196d864e6b1b6df315583a422","sha1":"eb90a1b4a35d31a599b20bb2253c50476b38ad79","sha256":"803e164433b9e329187203d6a2164a21532af3ff30b997db437bc299dd0bf4cf","sha512":"5d9ba58691685b27b3f0266e4e9d7a05d35db30fb0e4b25197a95b21eb7bf4a752eb0751814dbc953d2128d83fbb68a11d1e1b9d0fea9fb4c0d993081eafedb6","ssdeep":"96:kjlLC8vlXqOd61w7nX7I1ZSW1fTzbcWXJ:kjlLEm61MX7IDSELzbcWXJ","tlshash":"0f9142b2f3c8c62e60d64147e031bfd550d7f482a33455046e2b287fe68d9f22a132da","first_seen":"2025-07-09T23:23:21.594224Z","last_seen":"2025-07-09T23:23:21.594224Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1226,"timings":{"blocked":281,"dns":255,"connect":1,"send":0,"wait":664,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-09","alert":"Sinkholed","trigger":"certoetiquetas.com.br","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Associated with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"certoetiquetas.com.br/wp-content/conn/GlobalSources/7629827763/05.png","fqdn":"certoetiquetas.com.br","domain":"certoetiquetas.com.br","tld":"com.br"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://certoetiquetas.com.br/wp-content/conn/GlobalSources/?email=3mail@slurpmail.net","date":"2025-07-09T23:22:46.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"certoetiquetas.com.br","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 01 Jun 2025 21:09:18 GMT","end":"Sat, 30 Aug 2025 22:06:54 GMT"},"fingerprint":{"sha1":"D0:42:FA:99:95:15:9B:A7:06:64:81:B0:04:4F:E2:C0:5B:70:74:83","sha256":"C1:C2:AF:41:E0:5A:4F:A7:DC:69:40:4E:C3:DE:C7:EF:C2:FC:D8:C3:E8:74:EA:C7:D0:B6:7B:1A:5E:4E:21:C5"}}},"request":{"raw":"GET /wp-content/conn/GlobalSources/7629827763/05.png HTTP/1.1\r\nHost: certoetiquetas.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://certoetiquetas.com.br/wp-content/conn/GlobalSources/?email=3mail@slurpmail.net\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 09 Jul 2025 23:22:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 7303\r\nserver: cloudflare\r\nlast-modified: Tue, 19 Jul 2022 18:13:16 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A3%2F2K%2FBxdXvUQ4cLC%2BCyuhsI3TAIh1nsv2Uhz4NRRc7uF6gXn%2BpMGRMtR48FNRRH8VBiFggM%2FePl0vc8YpS2IJR8Id4OGlNJCAnRSfwg4mAURZU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 95cb90b5cf1d56a8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7303,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 448 x 101, 8-bit/color RGBA, non-interlaced","md5":"42d266ea95ec2155776b17db08bada6e","sha1":"a2885ace20c5a55be720970c3f411e9d5fdaef3a","sha256":"87a90aff7342aebb9bac98e99e9be3833731d16a97e07da7ca1f9b9434d915b8","sha512":"ca037fcfddc0b6acd323897fadbbd481172822c67e098ce829de11db8f15279cb568e0e0d992155455756db55a542129f1fe8579ecc0b509e18a6c70687440ac","ssdeep":"192:utOtNV1Y+ihn2yDVmUCpqe0f4OSvQTs8z:qOtNrY+ih2yBUpqTbTs8z","tlshash":"77e19d87d088e8505e3b8fdaa3d4562e8c07111f11a660fdd25a9b35232f3bbc420de9","first_seen":"2023-05-03T12:10:55Z","last_seen":"2026-04-03T19:39:00.138134Z","times_seen":2419,"resource_available":false,"data":null}},"time_used":644,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":643,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-09","alert":"Sinkholed","trigger":"certoetiquetas.com.br","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Associated with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"certoetiquetas.com.br/wp-content/conn/GlobalSources/7629827763/en.jpg","fqdn":"certoetiquetas.com.br","domain":"certoetiquetas.com.br","tld":"com.br"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"https://certoetiquetas.com.br/wp-content/conn/GlobalSources/?email=3mail@slurpmail.net","date":"2025-07-09T23:22:46.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"certoetiquetas.com.br","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 01 Jun 2025 21:09:18 GMT","end":"Sat, 30 Aug 2025 22:06:54 GMT"},"fingerprint":{"sha1":"D0:42:FA:99:95:15:9B:A7:06:64:81:B0:04:4F:E2:C0:5B:70:74:83","sha256":"C1:C2:AF:41:E0:5A:4F:A7:DC:69:40:4E:C3:DE:C7:EF:C2:FC:D8:C3:E8:74:EA:C7:D0:B6:7B:1A:5E:4E:21:C5"}}},"request":{"raw":"GET /wp-content/conn/GlobalSources/7629827763/en.jpg HTTP/1.1\r\nHost: certoetiquetas.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://certoetiquetas.com.br/wp-content/conn/GlobalSources/?email=3mail@slurpmail.net\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 09 Jul 2025 23:22:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1454\r\nserver: cloudflare\r\nlast-modified: Thu, 14 Jul 2022 19:07:32 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=viu2U4xRVRHoxKvKVbcpfsfb2qWCyuGpiD5g5pRbmORfdRBehg8yIJK0EUr7dvjWSwdduVCbxbJLaTkauva82ApyNbWQJe1eGrsb7MwufARQgEk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 95cb90b5df1f56a8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1454,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 86x52, components 3","md5":"eef218ee0c269c1d574ca62469a3ccc4","sha1":"58ae3efb00420e5101a1c1a441ee6fd082ed99f9","sha256":"901c8abcc67fe53992c93d741a937ff8e3ab418d114fcd984efe3e341f6a7455","sha512":"ccfc45e049f1d622feb7abf75ef30e3b3e45753251b6804ca9c56acf0760204ed46bb79808973a84e8c7c6ea48055c0f5c56adf8437c020c1b80eaefe6a1fef2","ssdeep":"","tlshash":"c531c62a5b025f209ce141f6a011c7458f6efb4a2ec7a3871979a187f100ef8834c96c","first_seen":"2023-05-03T12:10:55Z","last_seen":"2026-04-03T19:39:00.138809Z","times_seen":2422,"resource_available":false,"data":null}},"time_used":634,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":634,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2025-07-09","alert":"Sinkholed","trigger":"certoetiquetas.com.br","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - DHL","verdict":"phishing","severity":"medium","comment":"Associated with DHL phishing","tags":["dhl","logistics","phishing"],"meta":null}]}}]}