{"report_id":"c8c12c4c-621f-4885-a4cd-973a6b794fbb","version":6,"status":"done","tags":[],"date":"2026-05-06T17:27:38Z","url":{"schema":"https","addr":"pgmei-simples.top","fqdn":"pgmei-simples.top","domain":"pgmei-simples.top","tld":"top"},"ip":{"addr":"37.148.132.19","port":0,"asn":44928,"as":"Trixit Holding B.V.","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"pgmei-simples.top/","fqdn":"pgmei-simples.top","domain":"pgmei-simples.top","tld":"top"},"title":"PGMEI - Programa Gerador de DAS do Microempreendedor Individual","dom":{"size":4453,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"00b44352a4b28aeb4ccbf1d9181a3565","sha1":"1f8babbd701e4905f188a3eece38ea2facf8ad95","sha256":"c80754e8242e71488ab8c2103302cbc91fc0b516b7534d2f34c3ef99662c738b","sha512":"fc9a26da7b3cba759d3df861bb8142efe0b28842e9b38a1b68fe501218fb769ed73cb44c9622de85d945b3ce62e99ba2b82dc4d403f3d45128361aae1daae828","ssdeep":"48:TwTcdOMJEqGrjbG3LnIQONxAYaM9hPwIuaPR7JD:AcdXaxbuLPONxAY5jPwIuaPR7Z","tlshash":"d19133315cf446b7018298856ae1be1ebed0da03da1f8a5471fc47d09fcbe86d8a3258","dom_hash":"domhash212aa743191593cc3d8a6339d049cbc3","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"pgmei-simples.top","fqdn":"pgmei-simples.top","domain":"pgmei-simples.top","tld":"top"},"ip":{"addr":"37.148.132.19","port":0,"asn":44928,"as":"Trixit Holding B.V.","country":"The Netherlands","country_code":"NL"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-10T17:27:38Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"pgmei-simples.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"pgmei-simples.top","ip":{"addr":"37.148.132.19","port":443,"asn":44928,"as":"Trixit Holding B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2026-03-31","domain_rank":0,"first_seen":"2026-05-06T17:27:38.385022Z","last_seen":"2026-05-06T17:27:38.385022Z","alert_count":7,"request_count":7,"received_data":64012,"sent_data":3472,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"spin.js","description":"Configurable JavaScript/CSS spinner that can be used as a resolution-independent loading indicator","website":"https://spin.js.org/","common_platform_enumeration":"","icon":"spin.js.png","categories":["JavaScript graphics"]},{"name":"Spin.js:2.3.2","description":"Spin.js is a configurable JavaScript/CSS spinner serving as a resolution-independent loading indicator.","website":"https://spin.js.org","common_platform_enumeration":"","icon":"SpinJS.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.1.31","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-05-03T22:34:13.116124Z","alert_count":0,"request_count":3,"received_data":20131,"sent_data":1361,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www8.receita.fazenda.gov.br","ip":{"addr":"189.9.84.33","port":443,"asn":10954,"as":"SERVICO FEDERAL DE PROCESSAMENTO DE DADOS - SERPRO","country":"Brazil","country_code":"BR"},"domain_registered":"1995-08-28","domain_rank":14844,"first_seen":"2017-01-31T13:27:01Z","last_seen":"2026-04-01T22:35:37.659227Z","alert_count":0,"request_count":1,"received_data":60751,"sent_data":514,"comment":"","tags":null,"fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/Ladda/1.0.6/ladda.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"570b5f9f363c7415d9a4b8c0e9c79888","sha1":"431101339829718a9d2dc86ed86cb382983997d8","sha256":"c6aafa740975d72ce8f6cb1516e568a6c14d07f596c853dbf6c34ea2586ae374","sha512":"7caf247dc9586324543752b37592d526b01cf8b99db19607fb4169dd33f830f27370b524dc56d0a5f5926cbfeec61edc9aa6eea2027be693262fad9288dc167a","ssdeep":"96:p7Ivfd7aE2phTZr4CX+TueClNlR2qV9DbGx8DUT7YUUU/7mnZbZfy468dTlNHO:pkv72pFZr4CxtlNlRcx2UT7v7mnZbZfi","tlshash":"71a155047041757726a707d70c3bd11be0b2b9be924a0863e598cc69f9d8f4b2575dbc","size":5040,"data":"","first_seen":"2023-03-08T01:18:40Z","last_seen":"2026-05-23T08:15:43.072319Z","times_seen":54,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/spin.js/2.3.2/spin.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"545405225c13b2f42ab103fca31a49b1","sha1":"f91e2b661f4feb976b5e260bdc2366763ad13562","sha256":"3e27aa13441d103329a705eb4f349942bead5855f75b92a4c91572175ccddde8","sha512":"36c0d07c15dee0f427f05509ced4f7e8d5d08974229bc505601dde2a67a2fb3fc4bf698c68d8049617314905a8ad89f7c32701db3e25ed4f0157f90e2920e362","ssdeep":"96:nr3zL4VHN+pMw1EEyjQU8vWeJWVPoDyfSUri:nrDL49N+phXW8vWv2","tlshash":"bb91b55cf3c1b15f66232195b5afc58f213814867c1e88a8d564d6c99e70db820fbf9c","size":4277,"data":"","first_seen":"2023-03-07T01:10:50Z","last_seen":"2026-06-13T09:28:23.652755Z","times_seen":4327,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pgmei-simples.top/assets/js/login.js?v=1778088437","fqdn":"pgmei-simples.top","domain":"pgmei-simples.top","tld":"top"},"ip":{"addr":"37.148.132.19","port":443,"asn":44928,"as":"Trixit Holding B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"3c8b3d371368ec78b4c9eda624f272a0","sha1":"df62753db1fd69c2d5dd2fb903fe8b9ff49995ac","sha256":"2f99f7db1190388b20173ffc772694bd7b07c6dfd7e1374a0ad6ed1e03f65282","sha512":"fd340b479ef883f033a48fc7b20ce01f8cfbb2c065d1b9aeec66b44321da9152498e0607ae54d083e61d80df5b0a07d60562568529387d82d572ab9328e4e9f7","ssdeep":"192:CYScoCqGvdvOGjh14PN0+WGBxywOULqyhAtHQCzTWjDSjZrnsXyOy3h0:7ggvdvOOsPLzBM/zSHmrA","tlshash":"5862754926b30022097770bc578be62635359083254addd63e5e8b049f86f25abf2fed","size":15874,"data":"","first_seen":"2026-05-06T17:27:42.982268Z","last_seen":"2026-05-06T17:29:41.211203Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pgmei-simples.top/security/security.js","fqdn":"pgmei-simples.top","domain":"pgmei-simples.top","tld":"top"},"ip":{"addr":"37.148.132.19","port":443,"asn":44928,"as":"Trixit Holding B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a8b3b1f3ba72b7b71d55ba162171572","sha1":"ad97d179e28a74aa2a7e5d38c18804af33aad2ec","sha256":"1d54328bdef770717576df364551a46500b2441de6d37a6545783fd7bf220fd3","sha512":"04811193a6588304eef195e59cf51fb1dae8d540be6dd6ae155f04c787ea667b114c2b2b8bba1ff6115cb6826c3970d423754776bd03c3cdfb90d68bee804562","ssdeep":"192:GBpwqK4KLH4WFFvMYqxMfQUpeVWYmnC/WYZ:hn4KhqxMfPTJC","tlshash":"8ef1413a66d329a4b057f13e5bab91452171b117300eca447e0dbb40afdca3406a6ff9","size":7658,"data":"","first_seen":"2026-05-06T17:27:42.977318Z","last_seen":"2026-05-06T17:29:41.209435Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"pgmei-simples.top/assets/css/style.css","fqdn":"pgmei-simples.top","domain":"pgmei-simples.top","tld":"top"},"ip":{"addr":"37.148.132.19","port":443,"asn":44928,"as":"Trixit Holding B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pgmei-simples.top/","date":"2026-05-06T17:27:17.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pgmei-simples.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 21:25:14 GMT","end":"Mon, 29 Jun 2026 21:25:13 GMT"},"fingerprint":{"sha1":"D2:58:18:21:61:FB:00:F7:C9:56:0C:B7:85:89:22:CE:E8:93:83:3B","sha256":"09:4F:39:AC:06:B7:FC:F7:30:B0:9A:A2:91:E8:39:3B:05:A1:A7:2A:05:8B:04:01:DB:21:59:6A:E5:CB:A3:14"}}},"request":{"raw":"GET /assets/css/style.css HTTP/1.1\r\nHost: pgmei-simples.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pgmei-simples.top/\r\nCookie: PHPSESSID=bd62c0fea25ef1c68c635222cb3b54f0\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.3\r\nDate: Wed, 06 May 2026 17:27:17 GMT\r\nContent-Type: text/css\r\nLast-Modified: Thu, 27 Nov 2025 02:29:20 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"6927b780-4eee\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20206,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with very long lines (830)","md5":"69ccdd637ea5d2db9bb84761e103945a","sha1":"10d426a2bd6f87a2af5c2692ce8f2fa0e146f716","sha256":"39858706f3b399a64905a9453ebdcad616a6a030ce48dec71fd70a4666178645","sha512":"108a342f67213989d67daa7d2c7a65d0f7613e2f18188cbe3834974fd809ba38e38c5128acd934c0171faa12d8a02217ff435e3e28e1e0c7f3dcf912fc6079ff","ssdeep":"192:ztZqSLkL86edDSSZ3FH979H+RFTRkdNILy9oG6U0WOoQYcS2+hJttQhwI:5NAyFdQRoDoNZ+tg","tlshash":"81924f6adaa3198abc13a57c27eb6a853331c003c609dd7e3e9d7364cf4a3d458b1745","first_seen":"2026-05-06T17:27:42.97382Z","last_seen":"2026-05-06T17:29:41.204571Z","times_seen":2,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"pgmei-simples.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/Ladda/1.0.6/ladda-themeless.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pgmei-simples.top/","date":"2026-05-06T17:27:17.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/Ladda/1.0.6/ladda-themeless.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pgmei-simples.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 06 May 2026 17:27:17 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 952\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03cf0-1e73\"\r\nlast-modified: Mon, 04 May 2020 16:04:00 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: MISS\r\nexpires: Mon, 26 Apr 2027 17:27:17 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VMlmg6%2FZK1Sxz6MrMqSV9WA9d701o2i%2BSkyJxctlqYzBvwE8mXFHOuy0P%2B0XodeBHNTS5y7jEJkopqx5CPozKQjK7nj1ooRbysx0CKKN7FiVTiYWywuJPpwzxQQlM9brzafCx5bt\"}]}\r\ncf-ray: 9f79b1e008060daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7795,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (7678)","md5":"d40440c3f359379a9202a4f3cc1c8fbf","sha1":"e26750f3c0b9a6375b1d3da99e8f6b1689c0cdaf","sha256":"e04f45d5086f1c8899f65fb70debfec191723f7190257997a91f936348493433","sha512":"10e63df53519ec00a508dbdb9efae1b4c5c3b96cf15015d5ed2168bebb87bd87f675bbd1079c9afa38033e4e5b3b24ed6436ea147dcf4ee4d697f0fbfbb306b0","ssdeep":"96:/7C7Byr4+5NMCR46Gb1lYRECaTudnwva7:/7RdauzdnyO","tlshash":"5ff168c83c1a4bdd81a3074557ce713c6867b16353c19f8a762926eaf1b39cd3029b9e","first_seen":"2023-04-15T22:51:55Z","last_seen":"2026-06-12T09:36:27.595594Z","times_seen":197,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":21,"dns":2,"connect":1,"send":0,"wait":88,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pgmei-simples.top/assets/img/logo-simples.png","fqdn":"pgmei-simples.top","domain":"pgmei-simples.top","tld":"top"},"ip":{"addr":"37.148.132.19","port":443,"asn":44928,"as":"Trixit Holding B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pgmei-simples.top/","date":"2026-05-06T17:27:17.747Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pgmei-simples.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 21:25:14 GMT","end":"Mon, 29 Jun 2026 21:25:13 GMT"},"fingerprint":{"sha1":"D2:58:18:21:61:FB:00:F7:C9:56:0C:B7:85:89:22:CE:E8:93:83:3B","sha256":"09:4F:39:AC:06:B7:FC:F7:30:B0:9A:A2:91:E8:39:3B:05:A1:A7:2A:05:8B:04:01:DB:21:59:6A:E5:CB:A3:14"}}},"request":{"raw":"GET /assets/img/logo-simples.png HTTP/1.1\r\nHost: pgmei-simples.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pgmei-simples.top/\r\nCookie: PHPSESSID=bd62c0fea25ef1c68c635222cb3b54f0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.3\r\nDate: Wed, 06 May 2026 17:27:18 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sat, 08 Nov 2025 03:10:50 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"690eb4ba-692\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1682,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 31, 8-bit/color RGBA, non-interlaced","md5":"57585f4b62e38aa51c8822a64060d3ac","sha1":"a6c53a2921920a6016ad7e4b401e468a24fc6cef","sha256":"a7c4629164b1914424511badd7c12e6a80f1ded3b49278286e44d77575966d2b","sha512":"da718a9d0a319bb25cf18c2b3d766c1970f1e17c68ae0e4ca4f001dca3b48292075710690649fe9dd48de4852d2f1de7eaa9e9a5dfa5c9834529ddadb38b9fce","ssdeep":"","tlshash":"5b3118b1ce33f918d00409ff1be1010ab2bd21985248061cb45b4f6658b50088029a22","first_seen":"2025-07-05T12:52:33.563574Z","last_seen":"2026-06-03T08:30:45.368999Z","times_seen":18,"resource_available":false,"data":null}},"time_used":956,"timings":{"blocked":382,"dns":10,"connect":185,"send":0,"wait":186,"receive":0,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"pgmei-simples.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/spin.js/2.3.2/spin.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pgmei-simples.top/","date":"2026-05-06T17:27:17.751Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/spin.js/2.3.2/spin.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pgmei-simples.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 06 May 2026 17:27:17 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 1827\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03fd6-10b5\"\r\nlast-modified: Mon, 04 May 2020 16:16:22 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1756810\r\nexpires: Mon, 26 Apr 2027 17:27:17 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ND7mEyoafFHhXwOe%2BJx%2F7j4qTIPVdr1ZGcMFEmbMBO%2FmT4IjatTXm2w9K4yFH%2B2drcQra%2BKhfGTwYlUWN0Lh4H1FUFQh9idbMQ5w%2FcwcnNDYCGSCwEinfuZWopF5J7kjZuDJA69T\"}]}\r\ncf-ray: 9f79b1e0181f0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4277,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4247)","md5":"545405225c13b2f42ab103fca31a49b1","sha1":"f91e2b661f4feb976b5e260bdc2366763ad13562","sha256":"3e27aa13441d103329a705eb4f349942bead5855f75b92a4c91572175ccddde8","sha512":"36c0d07c15dee0f427f05509ced4f7e8d5d08974229bc505601dde2a67a2fb3fc4bf698c68d8049617314905a8ad89f7c32701db3e25ed4f0157f90e2920e362","ssdeep":"96:nr3zL4VHN+pMw1EEyjQU8vWeJWVPoDyfSUri:nrDL49N+phXW8vWv2","tlshash":"bb91b55cf3c1b15f66232195b5afc58f213814867c1e88a8d564d6c99e70db820fbf9c","first_seen":"2023-03-07T01:10:50Z","last_seen":"2026-06-13T09:28:23.652755Z","times_seen":4327,"resource_available":true,"data":null}},"time_used":56,"timings":{"blocked":20,"dns":4,"connect":1,"send":0,"wait":6,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pgmei-simples.top/security/security.js","fqdn":"pgmei-simples.top","domain":"pgmei-simples.top","tld":"top"},"ip":{"addr":"37.148.132.19","port":443,"asn":44928,"as":"Trixit Holding B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pgmei-simples.top/","date":"2026-05-06T17:27:17.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pgmei-simples.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 21:25:14 GMT","end":"Mon, 29 Jun 2026 21:25:13 GMT"},"fingerprint":{"sha1":"D2:58:18:21:61:FB:00:F7:C9:56:0C:B7:85:89:22:CE:E8:93:83:3B","sha256":"09:4F:39:AC:06:B7:FC:F7:30:B0:9A:A2:91:E8:39:3B:05:A1:A7:2A:05:8B:04:01:DB:21:59:6A:E5:CB:A3:14"}}},"request":{"raw":"GET /security/security.js HTTP/1.1\r\nHost: pgmei-simples.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pgmei-simples.top/\r\nCookie: PHPSESSID=bd62c0fea25ef1c68c635222cb3b54f0\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.3\r\nDate: Wed, 06 May 2026 17:27:18 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Tue, 31 Mar 2026 20:28:36 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69cc2e74-1dea\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7658,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"7a8b3b1f3ba72b7b71d55ba162171572","sha1":"ad97d179e28a74aa2a7e5d38c18804af33aad2ec","sha256":"1d54328bdef770717576df364551a46500b2441de6d37a6545783fd7bf220fd3","sha512":"04811193a6588304eef195e59cf51fb1dae8d540be6dd6ae155f04c787ea667b114c2b2b8bba1ff6115cb6826c3970d423754776bd03c3cdfb90d68bee804562","ssdeep":"192:GBpwqK4KLH4WFFvMYqxMfQUpeVWYmnC/WYZ:hn4KhqxMfPTJC","tlshash":"8ef1413a66d329a4b057f13e5bab91452171b117300eca447e0dbb40afdca3406a6ff9","first_seen":"2026-05-06T17:27:42.977318Z","last_seen":"2026-05-06T17:29:41.209435Z","times_seen":2,"resource_available":true,"data":null}},"time_used":918,"timings":{"blocked":359,"dns":1,"connect":183,"send":0,"wait":184,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"pgmei-simples.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www8.receita.fazenda.gov.br/SimplesNacional/Aplicacoes/ATSPO/pgmei.app/Content/img/bkg_header_entes.png","fqdn":"www8.receita.fazenda.gov.br","domain":"fazenda.gov.br","tld":"gov.br"},"ip":{"addr":"189.9.84.33","port":443,"asn":10954,"as":"SERVICO FEDERAL DE PROCESSAMENTO DE DADOS - SERPRO","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pgmei-simples.top/","date":"2026-05-06T17:27:17.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www8.receita.fazenda.gov.br","organization":"SERVICO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO)"},"issuer":{"commonName":"Sectigo RSA Organization Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 30 Apr 2025 00:00:00 GMT","end":"Wed, 20 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2B:CE:78:D8:21:14:6D:19:B3:08:67:1A:F5:2B:B4:F7:F6:00:81:0A","sha256":"14:3B:15:C1:60:D6:41:F6:17:32:E8:1D:B1:DB:74:45:C0:0C:66:0A:8D:4C:E6:66:A7:64:BD:25:6E:F2:CA:09"}}},"request":{"raw":"GET /SimplesNacional/Aplicacoes/ATSPO/pgmei.app/Content/img/bkg_header_entes.png HTTP/1.1\r\nHost: www8.receita.fazenda.gov.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pgmei-simples.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Mon, 30 Jun 2025 11:56:36 GMT\r\naccept-ranges: bytes\r\netag: \"032b27b6e9db1:0\"\r\nserver: Microsoft-IIS/10.0\r\ncontent-security-policy: frame-ancestors 'self' https://*.receita.fazenda.gov.br\r\nset-cookie: ARRAffinity=d1bfa57b91c613be7af957fbf6310211de0473869a6b58e15100337aeed2f9eb;Path=/;Domain=www8.receita.fazenda.gov.br\r\nx-powered-by: ASP.NET, ARR/2.5, ASP.NET\r\ndate: Wed, 06 May 2026 17:27:18 GMT\r\ncontent-length: 60253\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":60253,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1440 x 111, 8-bit/color RGBA, non-interlaced","md5":"b5c5b220c02e919260ed3e7fd2afe2ea","sha1":"11ff49dac45d6244afb31bb10fae66cb86a8db6e","sha256":"442c6e381176198fc4c9f71a1ec7888467adab82dc717e9316e07132d860702c","sha512":"4187b6056bd373944fc814a856b80226178c6f17d74545ba5b0143719e836b4876964a4f70f86755d687a529ec822fede68aea4c2cea3f4b35a03b10fce4dc07","ssdeep":"1536:kjo2lrJf1r89F7bOp0bCUmNgDJB6BAsiAgq:kjf1fw7bO2DJqAsiA9","tlshash":"364302e5bca9859369ef518142fc63f57c79c86e29a8ce0c0338f776223f5856059868","first_seen":"2025-07-05T12:52:33.55368Z","last_seen":"2026-06-03T08:30:45.365011Z","times_seen":18,"resource_available":false,"data":null}},"time_used":2205,"timings":{"blocked":804,"dns":188,"connect":198,"send":0,"wait":201,"receive":394,"ssl":418},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pgmei-simples.top/favicon.ico","fqdn":"pgmei-simples.top","domain":"pgmei-simples.top","tld":"top"},"ip":{"addr":"37.148.132.19","port":443,"asn":44928,"as":"Trixit Holding B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pgmei-simples.top/","date":"2026-05-06T17:27:18.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pgmei-simples.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 21:25:14 GMT","end":"Mon, 29 Jun 2026 21:25:13 GMT"},"fingerprint":{"sha1":"D2:58:18:21:61:FB:00:F7:C9:56:0C:B7:85:89:22:CE:E8:93:83:3B","sha256":"09:4F:39:AC:06:B7:FC:F7:30:B0:9A:A2:91:E8:39:3B:05:A1:A7:2A:05:8B:04:01:DB:21:59:6A:E5:CB:A3:14"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: pgmei-simples.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pgmei-simples.top/\r\nCookie: PHPSESSID=bd62c0fea25ef1c68c635222cb3b54f0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.3\r\nDate: Wed, 06 May 2026 17:27:18 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/8.1.31\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"spin.js","description":"Configurable JavaScript/CSS spinner that can be used as a resolution-independent loading indicator","website":"https://spin.js.org/","common_platform_enumeration":"","icon":"spin.js.png","categories":["JavaScript graphics"]},{"name":"Spin.js:2.3.2","description":"Spin.js is a configurable JavaScript/CSS spinner serving as a resolution-independent loading indicator.","website":"https://spin.js.org","common_platform_enumeration":"","icon":"SpinJS.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.1.31","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":4255,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"f3a46657a28e9f3fcbef6c4df0813193","sha1":"d2be58040e40c5f149ea617fd892613633e6ab58","sha256":"6ae406933a01e2378818daaee676d22e08c33902655a8e08f9a66a7f7c541a1c","sha512":"1f29db8f7013b7f3a4f7d5db6c0ecf50760c83ecc9f17f38ebde446b790f032ad530acebfe4089cd3cbce262897075bc069a0c74da9901df9c0be617687a557a","ssdeep":"48:dwTnqGrjbG3LnIQONxAYSMvhPw/ySaPRQJNM:CnxbuLPONxAYBpPw/FaPRQDM","tlshash":"a89110714cf846a70192a4896ae1ae0e7fd0da03d61f8a44b1fc47c09fcbe86d997618","first_seen":"2026-05-06T17:27:42.979288Z","last_seen":"2026-05-06T17:27:42.979288Z","times_seen":1,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":189,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"pgmei-simples.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pgmei-simples.top/","fqdn":"pgmei-simples.top","domain":"pgmei-simples.top","tld":"top"},"ip":{"addr":"37.148.132.19","port":443,"asn":44928,"as":"Trixit Holding B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-06T17:27:16.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pgmei-simples.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 21:25:14 GMT","end":"Mon, 29 Jun 2026 21:25:13 GMT"},"fingerprint":{"sha1":"D2:58:18:21:61:FB:00:F7:C9:56:0C:B7:85:89:22:CE:E8:93:83:3B","sha256":"09:4F:39:AC:06:B7:FC:F7:30:B0:9A:A2:91:E8:39:3B:05:A1:A7:2A:05:8B:04:01:DB:21:59:6A:E5:CB:A3:14"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: pgmei-simples.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.3\r\nDate: Wed, 06 May 2026 17:27:17 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/8.1.31\r\nSet-Cookie: PHPSESSID=bd62c0fea25ef1c68c635222cb3b54f0; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"spin.js","description":"Configurable JavaScript/CSS spinner that can be used as a resolution-independent loading indicator","website":"https://spin.js.org/","common_platform_enumeration":"","icon":"spin.js.png","categories":["JavaScript graphics"]},{"name":"Spin.js:2.3.2","description":"Spin.js is a configurable JavaScript/CSS spinner serving as a resolution-independent loading indicator.","website":"https://spin.js.org","common_platform_enumeration":"","icon":"SpinJS.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.1.31","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":4255,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"621ec725df6ce750112f2eb27a182851","sha1":"d66167ff1d418879890edda507f1aea8e39e51f1","sha256":"e0940bd181ab6c16bd5e58771d535dc8677f3d982c4d5ee0a7caa329b23e42d8","sha512":"82382c99d62bf76005e927a73b4a977822cd51591c4b4bafd3ade0e30691eb1314f09ca06397026e1969a056c28ceb2a927a137932a9b4798c7fe06eace823cc","ssdeep":"48:dwTnqGrjbG3LnIQONxAYSMvhPw/ySaPR7JNM:CnxbuLPONxAYBpPw/FaPR7DM","tlshash":"3f9110714cf846a70192a4896ae1ae0e7fd0da03d61f8a44b1fc47c09fcbe86d997618","first_seen":"2026-05-06T17:27:42.980211Z","last_seen":"2026-05-06T17:27:42.980211Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1125,"timings":{"blocked":464,"dns":84,"connect":188,"send":0,"wait":192,"receive":0,"ssl":194},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"pgmei-simples.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pgmei-simples.top/assets/img/marca_Simples_entes.png","fqdn":"pgmei-simples.top","domain":"pgmei-simples.top","tld":"top"},"ip":{"addr":"37.148.132.19","port":443,"asn":44928,"as":"Trixit Holding B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pgmei-simples.top/","date":"2026-05-06T17:27:17.748Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pgmei-simples.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 21:25:14 GMT","end":"Mon, 29 Jun 2026 21:25:13 GMT"},"fingerprint":{"sha1":"D2:58:18:21:61:FB:00:F7:C9:56:0C:B7:85:89:22:CE:E8:93:83:3B","sha256":"09:4F:39:AC:06:B7:FC:F7:30:B0:9A:A2:91:E8:39:3B:05:A1:A7:2A:05:8B:04:01:DB:21:59:6A:E5:CB:A3:14"}}},"request":{"raw":"GET /assets/img/marca_Simples_entes.png HTTP/1.1\r\nHost: pgmei-simples.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pgmei-simples.top/\r\nCookie: PHPSESSID=bd62c0fea25ef1c68c635222cb3b54f0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.3\r\nDate: Wed, 06 May 2026 17:27:18 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sat, 08 Nov 2025 03:10:50 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"690eb4ba-1f72\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8050,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 167 x 49, 8-bit/color RGBA, non-interlaced","md5":"15a70b882915003675e56406d7cd3d42","sha1":"051f12dc02337cc57c7935a8dd3c5bdc81f2bd0c","sha256":"a46ea0fe46e124ae14e969c41dc7240672f52309e483416484f7249beafe441d","sha512":"2f8eee79a1a3fe85b176b506db6fa4738f01478270267dea18989b178b7f7544fd13dd819c50700b2d24b58be68a6fa44cbf467af1ad9f75ad216d089dfa46c8","ssdeep":"192:dB7YmFzi4/0t/KXnqOWxXSjIS6C5hCjaQZLy:DRzAQXqO8S3bCjrFy","tlshash":"fef1bf5b96a9dc0e93af5ad500625033525fad204ee5f0a418db4548257a2af50af2d3","first_seen":"2025-07-05T12:52:33.573181Z","last_seen":"2026-05-29T18:19:20.311734Z","times_seen":17,"resource_available":false,"data":null}},"time_used":960,"timings":{"blocked":383,"dns":9,"connect":188,"send":0,"wait":187,"receive":1,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"pgmei-simples.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/Ladda/1.0.6/ladda.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pgmei-simples.top/","date":"2026-05-06T17:27:17.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/Ladda/1.0.6/ladda.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pgmei-simples.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 06 May 2026 17:27:17 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 1638\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03cf0-13b0\"\r\nlast-modified: Mon, 04 May 2020 16:04:00 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1415796\r\nexpires: Mon, 26 Apr 2027 17:27:17 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aoO0hcPctUDKED0z5YYPaUiZ2ISJrzJPuD%2FagbQCtxraAJ%2BjVzFn8E0iaxtTVqcm4306DtfBySnJMCJzon2Me1twlJEbMeZyIfQn%2FABCvtugjuyO0JG2rKlmQ8Qrf9KxIrR%2BUUlE\"}]}\r\ncf-ray: 9f79b1e018300daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5040,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4893)","md5":"570b5f9f363c7415d9a4b8c0e9c79888","sha1":"431101339829718a9d2dc86ed86cb382983997d8","sha256":"c6aafa740975d72ce8f6cb1516e568a6c14d07f596c853dbf6c34ea2586ae374","sha512":"7caf247dc9586324543752b37592d526b01cf8b99db19607fb4169dd33f830f27370b524dc56d0a5f5926cbfeec61edc9aa6eea2027be693262fad9288dc167a","ssdeep":"96:p7Ivfd7aE2phTZr4CX+TueClNlR2qV9DbGx8DUT7YUUU/7mnZbZfy468dTlNHO:pkv72pFZr4CxtlNlRcx2UT7v7mnZbZfi","tlshash":"71a155047041757726a707d70c3bd11be0b2b9be924a0863e598cc69f9d8f4b2575dbc","first_seen":"2023-03-08T01:18:40Z","last_seen":"2026-05-23T08:15:43.072319Z","times_seen":54,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":21,"dns":1,"connect":5,"send":0,"wait":6,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pgmei-simples.top/assets/js/login.js?v=1778088437","fqdn":"pgmei-simples.top","domain":"pgmei-simples.top","tld":"top"},"ip":{"addr":"37.148.132.19","port":443,"asn":44928,"as":"Trixit Holding B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pgmei-simples.top/","date":"2026-05-06T17:27:17.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pgmei-simples.top","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 31 Mar 2026 21:25:14 GMT","end":"Mon, 29 Jun 2026 21:25:13 GMT"},"fingerprint":{"sha1":"D2:58:18:21:61:FB:00:F7:C9:56:0C:B7:85:89:22:CE:E8:93:83:3B","sha256":"09:4F:39:AC:06:B7:FC:F7:30:B0:9A:A2:91:E8:39:3B:05:A1:A7:2A:05:8B:04:01:DB:21:59:6A:E5:CB:A3:14"}}},"request":{"raw":"GET /assets/js/login.js?v=1778088437 HTTP/1.1\r\nHost: pgmei-simples.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pgmei-simples.top/\r\nCookie: PHPSESSID=bd62c0fea25ef1c68c635222cb3b54f0\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.3\r\nDate: Wed, 06 May 2026 17:27:18 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Mon, 30 Mar 2026 19:50:06 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69cad3ee-3e06\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15878,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"3c8b3d371368ec78b4c9eda624f272a0","sha1":"df62753db1fd69c2d5dd2fb903fe8b9ff49995ac","sha256":"2f99f7db1190388b20173ffc772694bd7b07c6dfd7e1374a0ad6ed1e03f65282","sha512":"fd340b479ef883f033a48fc7b20ce01f8cfbb2c065d1b9aeec66b44321da9152498e0607ae54d083e61d80df5b0a07d60562568529387d82d572ab9328e4e9f7","ssdeep":"192:CYScoCqGvdvOGjh14PN0+WGBxywOULqyhAtHQCzTWjDSjZrnsXyOy3h0:7ggvdvOOsPLzBM/zSHmrA","tlshash":"5862754926b30022097770bc578be62635359083254addd63e5e8b049f86f25abf2fed","first_seen":"2026-05-06T17:27:42.982268Z","last_seen":"2026-05-06T17:29:41.211203Z","times_seen":2,"resource_available":true,"data":null}},"time_used":363,"timings":{"blocked":173,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"pgmei-simples.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}