{"report_id":"c085ee0f-e00a-4d4d-b2ff-e27b05311dcd","version":6,"status":"done","tags":[],"date":"2026-06-02T06:03:21Z","url":{"schema":"http","addr":"perfectface.com.br/","fqdn":"perfectface.com.br","domain":"perfectface.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.150","port":0,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"perfectface.com.br/cgi-sys/suspendedpage.cgi","fqdn":"perfectface.com.br","domain":"perfectface.com.br","tld":"com.br"},"title":"Hospedagem de Sites | Página não encontrada","dom":{"size":820,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"6394e90f3bd286a32b27c5dc1b31ebe6","sha1":"dcd7388846121b37be65e26ce4d5f0c4734ad601","sha256":"c3a9ae212797efd8ed8d08f9047784cd2af59de995e846cedf04662489028491","sha512":"cf109d433a882393d79e8de16274a0b455daef6580ef510b275790c69843fcdc41b45920b50d6a2aa7b3c88a5bc230897172800472cd85dde72aaf16669b5724","ssdeep":"","tlshash":"fd0152474440110be650aa14bae3f9b9aa4d8546cc8b4ea0f08237bdc2c1895d3d2398","dom_hash":"domhashf2002c1f0b597ef6effe4c6c899c8764","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"perfectface.com.br/","fqdn":"perfectface.com.br","domain":"perfectface.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.150","port":0,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-07T06:03:21Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"perfectface.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"perfectface.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"perfectface.com.br","ip":{"addr":"162.241.2.150","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"domain_registered":"2019-08-10","domain_rank":0,"first_seen":"2019-08-10T16:02:48Z","last_seen":"2025-01-27T08:21:35.812281Z","alert_count":8,"request_count":4,"received_data":4684,"sent_data":1949,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"www.hostgator.com.br","ip":{"addr":"172.66.40.38","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2005-09-12","domain_rank":1004165,"first_seen":"2015-04-17T05:39:10Z","last_seen":"2026-05-27T20:05:19.014578Z","alert_count":0,"request_count":1,"received_data":2193,"sent_data":412,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"perfectface.com.br/","fqdn":"perfectface.com.br","domain":"perfectface.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.150","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-02T06:02:58.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.perfectface.com.br","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 14:53:11 GMT","end":"Wed, 08 Jul 2026 14:53:10 GMT"},"fingerprint":{"sha1":"3D:E4:FA:02:59:70:C5:CD:9E:5A:51:A1:36:FD:8B:74:F8:49:78:6D","sha256":"BB:A1:D2:79:C7:28:A7:27:36:01:05:08:38:59:27:20:0E:9E:8B:3B:78:BD:07:B9:8C:BD:51:C5:6D:E5:E1:AE"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: perfectface.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nlocation: https://perfectface.com.br/cgi-sys/suspendedpage.cgi\r\ncontent-length: 276\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Tue, 02 Jun 2026 06:02:59 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":968,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-03T16:55:47.229708Z","times_seen":16084598,"resource_available":true,"data":null}},"time_used":1516,"timings":{"blocked":658,"dns":259,"connect":196,"send":0,"wait":200,"receive":0,"ssl":200},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"perfectface.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"perfectface.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"perfectface.com.br/cgi-sys/suspendedpage.cgi","fqdn":"perfectface.com.br","domain":"perfectface.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.150","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-02T06:02:59.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.perfectface.com.br","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 14:53:11 GMT","end":"Wed, 08 Jul 2026 14:53:10 GMT"},"fingerprint":{"sha1":"3D:E4:FA:02:59:70:C5:CD:9E:5A:51:A1:36:FD:8B:74:F8:49:78:6D","sha256":"BB:A1:D2:79:C7:28:A7:27:36:01:05:08:38:59:27:20:0E:9E:8B:3B:78:BD:07:B9:8C:BD:51:C5:6D:E5:E1:AE"}}},"request":{"raw":"GET /cgi-sys/suspendedpage.cgi HTTP/1.1\r\nHost: perfectface.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 612\r\ncontent-type: text/html\r\ndate: Tue, 02 Jun 2026 06:02:59 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":968,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"8bbf98bbf5d0053409a9c63bf321e05d","sha1":"ed99ae34640a66e88f5dd8bd4fc31a306de6c74f","sha256":"6f5d9bc43ee4175845d07b9c482822edbd556ebf9c1556e22859e0d4125b757b","sha512":"0d76f36552c436a10f36ee21c495f83169706e7aff224adb2dfddde9652c79240a06a4b91fec2fbeca44824cd31957b3800d8c5e665ef9b4d744e2a06f3ad22b","ssdeep":"","tlshash":"d411584984851a4ee391af7077f3f6719d4081828c874794f090375bc5c15a5f7a23d0","first_seen":"2023-04-17T17:28:04Z","last_seen":"2026-06-02T06:03:21.753568Z","times_seen":217,"resource_available":true,"data":null}},"time_used":265,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":264,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"perfectface.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"perfectface.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.hostgator.com.br/images/bg_404.jpg","fqdn":"www.hostgator.com.br","domain":"hostgator.com.br","tld":"com.br"},"ip":{"addr":"172.66.40.38","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://perfectface.com.br/cgi-sys/suspendedpage.cgi","date":"2026-06-02T06:02:59.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.hostgator.com.br","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 10 Apr 2026 00:00:00 GMT","end":"Sun, 25 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:4B:ED:54:C7:32:26:35:6E:9C:3B:19:B3:C2:49:E0:8B:6D:7C:4A","sha256":"F7:7C:7F:9A:20:FD:58:00:BD:67:DC:6C:90:6C:55:6C:FD:AC:7E:70:43:C1:31:C9:4A:21:A6:22:C7:0F:F7:BC"}}},"request":{"raw":"GET /images/bg_404.jpg HTTP/1.1\r\nHost: www.hostgator.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Tue, 02 Jun 2026 06:03:00 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncf-mitigated: challenge\r\ncontent-security-policy: default-src 'none'; script-src 'nonce-irLxpwYvGNVFkhXSsOs25F' 'unsafe-eval' https://challenges.cloudflare.com; script-src-attr 'none'; style-src 'unsafe-inline'; img-src 'self' https://challenges.cloudflare.com; connect-src 'self' https://challenges.cloudflare.com; frame-src 'self' https://challenges.cloudflare.com blob:; child-src 'self' https://challenges.cloudflare.com blob:; worker-src blob:; form-action http: https:; base-uri 'self'\r\nserver: cloudflare\r\ncritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),xr-spatial-tracking=(self)\r\nreferrer-policy: same-origin\r\nserver-timing: chlray;desc=\"a054409d3ac9569d\"\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nset-cookie: __cf_bm=rKoEKhU5xRHZV1u1HS0SWQzwPhAGH6rkkNJgJaASqz8-1780380180.0314093-1.0.1.1-9LhZAKye8X1U7V3Pm31Q6VViLTd28dKN2ixsK0u8FKdP79C9NEw5AbGUAur1AIUezbEGhi900ouaSl2qcU_xTdfh2juVqoojIcgOqk8DcEKdXxaMg915jYvR_aImYboQ; HttpOnly; SameSite=None; Secure; Path=/; Domain=hostgator.com.br; Expires=Tue, 02 Jun 2026 06:33:00 GMT\r\ncontent-encoding: gzip\r\ncf-ray: a054409d3ac9569d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-03T16:55:47.229708Z","times_seen":16084598,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":83,"dns":6,"connect":1,"send":0,"wait":12,"receive":0,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"perfectface.com.br/favicon.ico","fqdn":"perfectface.com.br","domain":"perfectface.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.150","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://perfectface.com.br/cgi-sys/suspendedpage.cgi","date":"2026-06-02T06:03:00.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.perfectface.com.br","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 14:53:11 GMT","end":"Wed, 08 Jul 2026 14:53:10 GMT"},"fingerprint":{"sha1":"3D:E4:FA:02:59:70:C5:CD:9E:5A:51:A1:36:FD:8B:74:F8:49:78:6D","sha256":"BB:A1:D2:79:C7:28:A7:27:36:01:05:08:38:59:27:20:0E:9E:8B:3B:78:BD:07:B9:8C:BD:51:C5:6D:E5:E1:AE"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: perfectface.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://perfectface.com.br/cgi-sys/suspendedpage.cgi\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nlocation: https://perfectface.com.br/cgi-sys/suspendedpage.cgi\r\ncontent-length: 276\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Tue, 02 Jun 2026 06:03:00 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":968,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-03T16:55:47.229708Z","times_seen":16084598,"resource_available":true,"data":null}},"time_used":200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":200,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"perfectface.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"perfectface.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"perfectface.com.br/cgi-sys/suspendedpage.cgi","fqdn":"perfectface.com.br","domain":"perfectface.com.br","tld":"com.br"},"ip":{"addr":"162.241.2.150","port":443,"asn":19871,"as":"NETWORK-SOLUTIONS-HOSTING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://perfectface.com.br/cgi-sys/suspendedpage.cgi","date":"2026-06-02T06:03:00.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.perfectface.com.br","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 14:53:11 GMT","end":"Wed, 08 Jul 2026 14:53:10 GMT"},"fingerprint":{"sha1":"3D:E4:FA:02:59:70:C5:CD:9E:5A:51:A1:36:FD:8B:74:F8:49:78:6D","sha256":"BB:A1:D2:79:C7:28:A7:27:36:01:05:08:38:59:27:20:0E:9E:8B:3B:78:BD:07:B9:8C:BD:51:C5:6D:E5:E1:AE"}}},"request":{"raw":"GET /cgi-sys/suspendedpage.cgi HTTP/1.1\r\nHost: perfectface.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://perfectface.com.br/cgi-sys/suspendedpage.cgi\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 612\r\ncontent-type: text/html\r\ndate: Tue, 02 Jun 2026 06:03:00 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":968,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"8bbf98bbf5d0053409a9c63bf321e05d","sha1":"ed99ae34640a66e88f5dd8bd4fc31a306de6c74f","sha256":"6f5d9bc43ee4175845d07b9c482822edbd556ebf9c1556e22859e0d4125b757b","sha512":"0d76f36552c436a10f36ee21c495f83169706e7aff224adb2dfddde9652c79240a06a4b91fec2fbeca44824cd31957b3800d8c5e665ef9b4d744e2a06f3ad22b","ssdeep":"","tlshash":"d411584984851a4ee391af7077f3f6719d4081828c874794f090375bc5c15a5f7a23d0","first_seen":"2023-04-17T17:28:04Z","last_seen":"2026-06-02T06:03:21.753568Z","times_seen":217,"resource_available":true,"data":null}},"time_used":281,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":281,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"perfectface.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"perfectface.com.br","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}