| 190.196.23.132/estilo.bb.com.br/app/login.php | 190.196.23.132 | 301 Moved Permanently | 186 B |
URL: 190.196.23.132/estilo.bb.com.br/app/login.php (User Request, GET, HTTP/1.1)
IP: 190.196.23.132:80
ASN: #14259 Gtd Internet S.A.
File type: HTML document, Unicode text, UTF-8 text
Hash: 5ec82ab9075a5f5f701eb215f34aac67 f4edbb65ce98c7e6ecee91d9931364f791c72b61 3d65c27db4d2ecdef737a4a3c56d7beafd1f811042807cac2edc9753c568e82b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /estilo.bb.com.br/app/login.php HTTP/1.1
Host: 190.196.23.132
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://www.caf-sa.cl/estilo.bb.com.br/app/login.php
Server:
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Security-Policy: default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
Referrer-Policy: strict-origin
Permissions-Policy: fullscreen=()
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: (same-site|same-origin|cross-origin)
Expect-CT: max-age=0, report-uri="https://baninter.report-uri.com/r/d/ct/reportOnly"
Date: Sat, 04 May 2024 23:13:10 GMT
Content-Length: 186
| www.caf-sa.cl/estilo.bb.com.br/app/login.php | 190.196.23.132 | 302 Found | 170 B |
URL: www.caf-sa.cl/estilo.bb.com.br/app/login.php (User Request, GET, HTTP/2)
IP: 190.196.23.132:443
ASN: #14259 Gtd Internet S.A.
Certificate: Issuer: GlobalSign nv-sa; Subject: www.baninterfactoring.cl; Fingerprint: AC:67:68:7C:8A:E7:0B:19:A4:44:2A:5D:1C:65:A5:1F:C6:BA:ED:5B; Validity: Thu, 25 May 2023 20:17:02 GMT - Mon, 24 Jun 2024 15:36:05 GMT
File type: HTML document, Unicode text, UTF-8 text
Hash: 8b074e451ab0e25fe0b55ae154a14d0d b39f6ef04257c79e1b6ad579494f27c575b337f8 16dd1f2fb58048564cd55635ddbbd2f264f144b0856fa580a960f5cb0b2fd06d
GET /estilo.bb.com.br/app/login.php HTTP/1.1
Host: www.caf-sa.cl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: https://www.caf-sa.cl/mantencion.htm
server:
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: Strict-Transport-Security: max-age=16070400; includeSubDomains
content-security-policy: default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
referrer-policy: strict-origin
permissions-policy: fullscreen=()
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: (same-site|same-origin|cross-origin)
expect-ct: max-age=0, report-uri="https://baninter.report-uri.com/r/d/ct/reportOnly"
date: Sat, 04 May 2024 23:13:11 GMT
content-length: 170
X-Firefox-Spdy: h2
| www.caf-sa.cl/mantencion.htm | 190.196.23.132 | 200 OK | 112 B |
URL: www.caf-sa.cl/mantencion.htm (User Request, GET, HTTP/2)
IP: 190.196.23.132:443
ASN: #14259 Gtd Internet S.A.
Certificate: Issuer: GlobalSign nv-sa; Subject: www.baninterfactoring.cl; Fingerprint: AC:67:68:7C:8A:E7:0B:19:A4:44:2A:5D:1C:65:A5:1F:C6:BA:ED:5B; Validity: Thu, 25 May 2023 20:17:02 GMT - Mon, 24 Jun 2024 15:36:05 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 814698bb9b5e8a372e5e049850a6d431 4a3b219489aa1c759f7545c376143467fa884b7d 91a0567e8addaa64eec5b3f0ee43a506459faa4690c8250cf75ceba4ec8d2bd0
GET /mantencion.htm HTTP/1.1
Host: www.caf-sa.cl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Wed, 15 Dec 2021 12:51:31 GMT
accept-ranges: bytes
etag: "63eec7cb2f1d71:0"
server:
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: Strict-Transport-Security: max-age=16070400; includeSubDomains
content-security-policy: default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
referrer-policy: strict-origin
permissions-policy: fullscreen=()
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: (same-site|same-origin|cross-origin)
expect-ct: max-age=0, report-uri="https://baninter.report-uri.com/r/d/ct/reportOnly"
date: Sat, 04 May 2024 23:13:11 GMT
content-length: 112
X-Firefox-Spdy: h2
| www.caf-sa.cl/favicon.ico | 190.196.23.132 | 302 Found | 170 B |
URL: www.caf-sa.cl/favicon.ico (GET, HTTP/2)
IP: 190.196.23.132:443
ASN: #14259 Gtd Internet S.A.
Requested by: https://www.caf-sa.cl/mantencion.htm
Certificate: Issuer: GlobalSign nv-sa; Subject: www.baninterfactoring.cl; Fingerprint: AC:67:68:7C:8A:E7:0B:19:A4:44:2A:5D:1C:65:A5:1F:C6:BA:ED:5B; Validity: Thu, 25 May 2023 20:17:02 GMT - Mon, 24 Jun 2024 15:36:05 GMT
File type: HTML document, Unicode text, UTF-8 text
Hash: 8b074e451ab0e25fe0b55ae154a14d0d b39f6ef04257c79e1b6ad579494f27c575b337f8 16dd1f2fb58048564cd55635ddbbd2f264f144b0856fa580a960f5cb0b2fd06d
GET /favicon.ico HTTP/1.1
Host: www.caf-sa.cl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.caf-sa.cl/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: https://www.caf-sa.cl/mantencion.htm
server:
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: Strict-Transport-Security: max-age=16070400; includeSubDomains
content-security-policy: default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
referrer-policy: strict-origin
permissions-policy: fullscreen=()
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: (same-site|same-origin|cross-origin)
expect-ct: max-age=0, report-uri="https://baninter.report-uri.com/r/d/ct/reportOnly"
date: Sat, 04 May 2024 23:13:11 GMT
content-length: 170
X-Firefox-Spdy: h2
| www.caf-sa.cl/mantencion.htm | 190.196.23.132 | 200 OK | 112 B |
URL: www.caf-sa.cl/mantencion.htm (User Request, GET, HTTP/2)
IP: 190.196.23.132:443
ASN: #14259 Gtd Internet S.A.
Certificate: Issuer: GlobalSign nv-sa; Subject: www.baninterfactoring.cl; Fingerprint: AC:67:68:7C:8A:E7:0B:19:A4:44:2A:5D:1C:65:A5:1F:C6:BA:ED:5B; Validity: Thu, 25 May 2023 20:17:02 GMT - Mon, 24 Jun 2024 15:36:05 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 814698bb9b5e8a372e5e049850a6d431 4a3b219489aa1c759f7545c376143467fa884b7d 91a0567e8addaa64eec5b3f0ee43a506459faa4690c8250cf75ceba4ec8d2bd0
GET /mantencion.htm HTTP/1.1
Host: www.caf-sa.cl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.caf-sa.cl/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Wed, 15 Dec 2021 12:51:31 GMT
accept-ranges: bytes
etag: "63eec7cb2f1d71:0"
server:
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: Strict-Transport-Security: max-age=16070400; includeSubDomains
content-security-policy: default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
referrer-policy: strict-origin
permissions-policy: fullscreen=()
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: (same-site|same-origin|cross-origin)
expect-ct: max-age=0, report-uri="https://baninter.report-uri.com/r/d/ct/reportOnly"
date: Sat, 04 May 2024 23:13:11 GMT
content-length: 112
X-Firefox-Spdy: h2