{"report_id":"de570306-b2a0-41be-826e-1ccd366519e1","version":6,"status":"done","tags":["microsoft","phishing"],"date":"2026-06-03T10:13:17Z","url":{"schema":"http","addr":"ststransportes.com/mails.ststransportes.com/caamarra.html","fqdn":"ststransportes.com","domain":"ststransportes.com","tld":"com"},"ip":{"addr":"209.42.29.7","port":0,"asn":35575,"as":"Vaioni Group Ltd","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"ststransportes.com/mails.ststransportes.com/caamarra.html","fqdn":"ststransportes.com","domain":"ststransportes.com","tld":"com"},"title":"Outlook","dom":{"size":53565,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (14272)","md5":"58a0cdab54ddea57da70055a64e63b81","sha1":"94985b8ed7fb534912ae5555cf1d2dadfc4d41a2","sha256":"846d1eb33169efad02337d32013d2fa7eb4da09a5556dcbb328b95835a578176","sha512":"e9a4e4a3ca69adfe234f2dff0d22a49fb23a3d5fba27f3bf44ff94a5811a0b9cc3a690aab89a58dc91959e6bba2571c89a175dd6b652b3df4f1e4af2d22d6dca","ssdeep":"768:wMriwuJmtz7e05NnfvijaD2xnhUzpt0vuvynO9aipduJiBclUtcY:jtzK05NiaD2xhgtHSO9TYgc+cY","tlshash":"47338e3f69961d332827607417abb2c67b6e8413824ed9247d7c571cef419a2417ebcc","dom_hash":"domhash4f93fb96264e8a1d446c116ed0aecf12","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ststransportes.com/mails.ststransportes.com/caamarra.html","fqdn":"ststransportes.com","domain":"ststransportes.com","tld":"com"},"ip":{"addr":"209.42.29.7","port":0,"asn":35575,"as":"Vaioni Group Ltd","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-08T10:13:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-03","alert":"Phishing Block","trigger":"ststransportes.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"ststransportes.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]},"summary":[{"fqdn":"ststransportes.com","ip":{"addr":"209.42.29.7","port":443,"asn":35575,"as":"Vaioni Group Ltd","country":"United Kingdom","country_code":"GB"},"domain_registered":"2020-11-04","domain_rank":0,"first_seen":"2026-06-03T04:19:07.850935Z","last_seen":"2026-06-03T04:19:07.850935Z","alert_count":3,"request_count":1,"received_data":55807,"sent_data":525,"comment":"","tags":null,"fingerprints":[{"name":"Outlook Web App:15.2.1544","description":"Outlook on the web is an information manager web app. It includes a web-based email client, a calendar tool, a contact manager, and a task manager.","website":"https://help.outlook.com","common_platform_enumeration":"cpe:2.3:a:microsoft:outlook_web_access:*:*:*:*:*:*:*:*","icon":"Outlook.svg","categories":["Webmail"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]},{"fqdn":"ce.camara.leg.br","ip":{"addr":"200.219.133.191","port":443,"asn":10897,"as":"Camara dos Deputados","country":"Brazil","country_code":"BR"},"domain_registered":"2012-03-09","domain_rank":2325543,"first_seen":"2026-06-03T04:19:07.854922Z","last_seen":"2026-06-03T04:19:07.854922Z","alert_count":0,"request_count":3,"received_data":107373,"sent_data":1592,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"ststransportes.com/mails.ststransportes.com/caamarra.html","fqdn":"ststransportes.com","domain":"ststransportes.com","tld":"com"},"ip":{"addr":"209.42.29.7","port":443,"asn":35575,"as":"Vaioni Group Ltd","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"8e2bc1b488831cdc5841d3abfb0ba6bb","sha1":"50aed9715e2a5c3018ae336875294f64a202eaf2","sha256":"b7cd8d9758300e4190d07cfc88be4aabadff6e837e68d93eb73648dbcd89351b","sha512":"05c4c12df45551e8279a5d866076ae4febff08dfe5b389f611e7c1fc1ac20e97d70ccdc6c192d2796654a86566bb9af7dd716b7d33acd9e55a42bd1173b44c07","ssdeep":"384:/p/t8tz4HAo99QeRwiWSM7iFi5NJsl8oWGixlY:/Jmtz7e05NnfvU","tlshash":"3b52943dac9d18321973b239075fb28af3668917930cdd143c2e93a4bf40576857ead6","size":14415,"data":"","first_seen":"2023-03-07T01:02:58Z","last_seen":"2026-06-06T03:05:59.547085Z","times_seen":2909,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ststransportes.com/mails.ststransportes.com/caamarra.html","fqdn":"ststransportes.com","domain":"ststransportes.com","tld":"com"},"ip":{"addr":"209.42.29.7","port":443,"asn":35575,"as":"Vaioni Group Ltd","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"97eb9cc59146b048bdf9f61b499bf16f","sha1":"3bcf316328c997d9768a59393894a989052e5198","sha256":"d656711ef4d2a655d04b516c9dbafbe90bc4b24b57b0c3bc3c197ef4d287b641","sha512":"68b17a6d7c9421262ea279fbec333bd928a2f9b463f1a0353220b907283ea3dec40fb54190e89aceac48fbb1ad9c6d144258b2d614a288758c336e4e9d6382da","ssdeep":"","tlshash":"7d21864ef224133778196937a7db8097b7a98e37c21ced2690ad0cbb388640e107e533","size":1393,"data":"","first_seen":"2023-03-07T01:02:58Z","last_seen":"2026-06-06T03:05:59.547674Z","times_seen":2699,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ststransportes.com/mails.ststransportes.com/caamarra.html","fqdn":"ststransportes.com","domain":"ststransportes.com","tld":"com"},"ip":{"addr":"209.42.29.7","port":443,"asn":35575,"as":"Vaioni Group Ltd","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"0800d703810d0de4e426e5a9e433f58d","sha1":"fcc2dc2d717150549403be6f1c237e46f9df937b","sha256":"e6c31df4ff208b55745306425b4380cba7e8652dd29b72658bb8978e299147f1","sha512":"17ae110a1ca1e19d50d6abf8d3722dec195287b14cb51d16a0a456c74f4ad2c3c24282f8df345843cfd955f863d1bd5bee2332d3fa15a524396ce73325df825c","ssdeep":"","tlshash":"4f31d76a7447092039aef63d126b67883938c003450699003e7cd61a6f36ec7c4a9eee","size":1762,"data":"","first_seen":"2026-06-03T04:19:11.786779Z","last_seen":"2026-06-03T10:13:19.385389Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ststransportes.com/mails.ststransportes.com/caamarra.html","fqdn":"ststransportes.com","domain":"ststransportes.com","tld":"com"},"ip":{"addr":"209.42.29.7","port":443,"asn":35575,"as":"Vaioni Group Ltd","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"24f6a9c606199b766addcdaf630a6f4a","sha1":"e25cfd579629e6e410927500f3e9a728261c0553","sha256":"e74b3de0ef4501689fdd96e8ecf0f120e7761bb3d9bfe6544e38790c0d386bf0","sha512":"a074c42aa263064b61aef817bf15c5b13d4c3702d068f6d6e79697f8ed723470aa4bf8dcd50b1eb886534d8af9b6bea4807a6a4e4b15fe786d3f111d73ea6141","ssdeep":"","tlshash":"ed70000b020002c0a22a820f0880002022200003a03a0c20200000a0022002c2002220","size":19,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-06-06T03:05:59.548853Z","times_seen":4708,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ststransportes.com/mails.ststransportes.com/caamarra.html","fqdn":"ststransportes.com","domain":"ststransportes.com","tld":"com"},"ip":{"addr":"209.42.29.7","port":443,"asn":35575,"as":"Vaioni Group Ltd","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"3012703a3a5c709a38f2cba896e8e5e6","sha1":"d574b12ce7043b1ee47eb6934c39f19379fcf0ec","sha256":"2c65e217804431e380651ce713d311bd5b5a5fb81cebc58392505cb35c854cdc","sha512":"7ca0891d8d30781341b26e92353fda805a4383605a93bd41a402b1724c3712b345b0b354366952c5927de326e1e075f4198c50f82085127b36e07cc6dbf3cb8a","ssdeep":"","tlshash":"59c0486a6a4206a41ab6b65d32af22013b8280435b05f88cb87de1028b10a838878f8c","size":137,"data":"","first_seen":"2023-03-07T01:02:54Z","last_seen":"2026-06-06T03:05:59.549403Z","times_seen":5221,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ststransportes.com/mails.ststransportes.com/caamarra.html","fqdn":"ststransportes.com","domain":"ststransportes.com","tld":"com"},"ip":{"addr":"209.42.29.7","port":443,"asn":35575,"as":"Vaioni Group Ltd","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"db8216e217de9a14420fa187142b00b5","sha1":"50f9fdaa34b7caa061db879baa23a7d75f048e9e","sha256":"ebc3102ee92075887df69ec8c18ca2c24015e728566d302598a63c06697754ed","sha512":"6f40947f7a23bee134b9d48603ae1350677e7a2017883aeb86173bb320e0b8ffc8a5755a216580fe60a93b6251baf0a5ed7dc31875d938143148818ed3c0e6a7","ssdeep":"","tlshash":"1ba0020c04af42510e1be93d2566cc4851535453a1a69715780c03469f418a485b1ad5","size":68,"data":"","first_seen":"2023-03-07T01:02:58Z","last_seen":"2026-06-06T03:05:59.55003Z","times_seen":3841,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"ststransportes.com/mails.ststransportes.com/caamarra.html","fqdn":"ststransportes.com","domain":"ststransportes.com","tld":"com"},"ip":{"addr":"209.42.29.7","port":443,"asn":35575,"as":"Vaioni Group Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-03T10:12:56.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.maus.ststransportes.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Mon, 01 Jun 2026 23:52:21 GMT","end":"Sun, 30 Aug 2026 23:52:20 GMT"},"fingerprint":{"sha1":"D0:62:64:A7:E0:07:48:4C:BC:51:BD:5C:A3:49:92:84:1D:EB:35:3E","sha256":"2A:66:A9:A2:9A:6C:46:D6:F6:7D:AA:4D:06:64:D5:32:FE:3C:24:1E:CA:FD:4D:FE:4D:FE:53:ED:61:32:26:B0"}}},"request":{"raw":"GET /mails.ststransportes.com/caamarra.html HTTP/1.1\r\nHost: ststransportes.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Mon, 01 Jun 2026 11:00:10 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 22928\r\ndate: Wed, 03 Jun 2026 10:12:56 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Outlook Web App:15.2.1544","description":"Outlook on the web is an information manager web app. It includes a web-based email client, a calendar tool, a contact manager, and a task manager.","website":"https://help.outlook.com","common_platform_enumeration":"cpe:2.3:a:microsoft:outlook_web_access:*:*:*:*:*:*:*:*","icon":"Outlook.svg","categories":["Webmail"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":55364,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (14274), with CRLF line terminators","md5":"3dd707e488b5a65fa2c28a5a84623d58","sha1":"f308421eedf9661beab493ef7a25b36ee3766c2c","sha256":"8864f7093ca74bf9d1f6b878a098ca3c94f7a398c97d061f2e45741a172cf71e","sha512":"a97960acd55761f84c57ddaf80166fc4c613badcf2c814273577edd94b3838a2691727612814a503a58420e7b0e82551330f7e8fd070d70270d755ce6cd0d1fd","ssdeep":"768:oAj9QS4/y71GirLX9ciGwPqzz+mMdFUzpt0vuvynO9aipdu+GoclbrcO:vGinX9cRzz+mSgtHSO9TY8c5cO","tlshash":"bf439d7fa80515372b33923567b7724aff254413474aca247cfc571aafb18a5822aecc","first_seen":"2026-06-03T04:19:11.776575Z","last_seen":"2026-06-03T10:13:19.375366Z","times_seen":2,"resource_available":true,"data":null}},"time_used":883,"timings":{"blocked":301,"dns":12,"connect":139,"send":0,"wait":279,"receive":1,"ssl":148},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-03","alert":"Phishing Block","trigger":"ststransportes.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"ststransportes.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ce.camara.leg.br/owa/auth/15.2.1544/themes/resources/segoeui-semilight.ttf","fqdn":"ce.camara.leg.br","domain":"camara.leg.br","tld":"leg.br"},"ip":{"addr":"200.219.133.191","port":443,"asn":10897,"as":"Camara dos Deputados","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ststransportes.com/mails.ststransportes.com/caamarra.html","date":"2026-06-03T10:12:56.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.camara.gov.br","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 23:32:56 GMT","end":"Fri, 14 Aug 2026 23:32:55 GMT"},"fingerprint":{"sha1":"8D:91:83:B2:99:ED:09:B4:CD:5E:18:8A:6F:22:66:9C:23:02:B0:13","sha256":"B8:07:8B:D9:19:93:6D:CF:82:AA:D4:D5:10:A7:7E:56:ED:98:6B:B6:0A:A5:CC:49:1A:4C:1A:3A:36:5E:7E:64"}}},"request":{"raw":"GET /owa/auth/15.2.1544/themes/resources/segoeui-semilight.ttf HTTP/1.1\r\nHost: ce.camara.leg.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ststransportes.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ststransportes.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: envoy\r\ndate: Wed, 03 Jun 2026 10:12:57 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 41560\r\naccept-ranges: bytes\r\ncache-control: public,max-age=2592000\r\netag: \"80264632e033da1:0\"\r\nlast-modified: Thu, 21 Dec 2023 07:34:57 GMT\r\nrequest-id: 98ef6356-2e1c-4a91-a3b1-05f65eeabb70\r\nx-powered-by: ASP.NET\r\nx-envoy-upstream-service-time: 12\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":41560,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 16 tables, 1st \"OS/2\", 11 names, Microsoft, language 0x409, � 2010 Microsoft Corporation. All Rights Reserved.RegularSegoe UI SemilightVersion 1.00 build 16","md5":"6c26c24aabe31040657665b1e0d9505c","sha1":"b3bdc48643752665e3e5798a192b27432a87d234","sha256":"2d508a6e8979bba74b6fdf804c01a09a620c781e0fea73a8eefda904f5bcab25","sha512":"96bd759271df842f333b8085650dbf2006fe8e35b9485afc91b5de5b88d158d6147f594475fb4b5d086fa1b93720e935a346ba7d343171e6cbf8e08d4c7396ee","ssdeep":"768:FF6XesIz0ymUHmLg0e8sSM7tq2v40ezxHJLrLFKaXhU:zlHmLFejlbqfrLFKB","tlshash":"c0138e6b63b0bb05f2a664b888b507f10aa53c0523a28b4f245dc077d6dd677dad1f0b","first_seen":"2023-04-17T17:35:42Z","last_seen":"2026-06-07T23:40:58.890381Z","times_seen":4000,"resource_available":false,"data":null}},"time_used":2364,"timings":{"blocked":946,"dns":476,"connect":228,"send":0,"wait":468,"receive":2,"ssl":241},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ce.camara.leg.br/owa/auth/15.2.1544/themes/resources/segoeui-regular.ttf","fqdn":"ce.camara.leg.br","domain":"camara.leg.br","tld":"leg.br"},"ip":{"addr":"200.219.133.191","port":443,"asn":10897,"as":"Camara dos Deputados","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ststransportes.com/mails.ststransportes.com/caamarra.html","date":"2026-06-03T10:12:56.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.camara.gov.br","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 23:32:56 GMT","end":"Fri, 14 Aug 2026 23:32:55 GMT"},"fingerprint":{"sha1":"8D:91:83:B2:99:ED:09:B4:CD:5E:18:8A:6F:22:66:9C:23:02:B0:13","sha256":"B8:07:8B:D9:19:93:6D:CF:82:AA:D4:D5:10:A7:7E:56:ED:98:6B:B6:0A:A5:CC:49:1A:4C:1A:3A:36:5E:7E:64"}}},"request":{"raw":"GET /owa/auth/15.2.1544/themes/resources/segoeui-regular.ttf HTTP/1.1\r\nHost: ce.camara.leg.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ststransportes.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ststransportes.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: envoy\r\ndate: Wed, 03 Jun 2026 10:12:58 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 56760\r\naccept-ranges: bytes\r\ncache-control: public,max-age=2592000\r\netag: \"0bdde32e033da1:0\"\r\nlast-modified: Thu, 21 Dec 2023 07:34:58 GMT\r\nrequest-id: a6663a85-13e2-4985-974a-c601ce629ca3\r\nx-powered-by: ASP.NET\r\nx-envoy-upstream-service-time: 10\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":56760,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 18 tables, 1st \"LTSH\", 11 names, Microsoft, language 0x409, � 2010 Microsoft Corporation. All Rights Reserved.RegularSegoe UI RegularVersion 0.81 Build 159S","md5":"8af990b6ad3ba192c2dd6a193890bf5f","sha1":"4db5bf117ff8f1392fab3b438216d7cff4ae4976","sha256":"c147c2ec76a8ab8bd5082f1f4d3f80a43c689165cb164cdd812e44048fe38708","sha512":"9eb10b5965ec7f272d854d46778d3f61f07edf9e13b5b6b6184f52fb1bdeaf552756e54f7abd0b2422cfb76aa9917fc3db42e0cd713cc7651c2650b6d9417c0d","ssdeep":"768:V6VwA2/UhWmTcrZslrc1pMEEfTsjRvlJ2LQ5XUAat0bJlZy+mO1F3iIezxHJLrLr:GwdMTwN1Dw6tewUZtyVy+mI7qfrLFKpi","tlshash":"66437d7ad3b4eb1ee5b471b4ccf453b101b1b82587654aba274b8533e84893ac361f4e","first_seen":"2023-04-17T17:35:42Z","last_seen":"2026-06-07T23:40:58.889577Z","times_seen":3959,"resource_available":false,"data":null}},"time_used":2622,"timings":{"blocked":962,"dns":489,"connect":233,"send":0,"wait":691,"receive":3,"ssl":240},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ce.camara.leg.br/owa/auth/15.2.1544/themes/resources/favicon.ico","fqdn":"ce.camara.leg.br","domain":"camara.leg.br","tld":"leg.br"},"ip":{"addr":"200.219.133.191","port":443,"asn":10897,"as":"Camara dos Deputados","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ststransportes.com/mails.ststransportes.com/caamarra.html","date":"2026-06-03T10:12:57.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.camara.gov.br","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 16 May 2026 23:32:56 GMT","end":"Fri, 14 Aug 2026 23:32:55 GMT"},"fingerprint":{"sha1":"8D:91:83:B2:99:ED:09:B4:CD:5E:18:8A:6F:22:66:9C:23:02:B0:13","sha256":"B8:07:8B:D9:19:93:6D:CF:82:AA:D4:D5:10:A7:7E:56:ED:98:6B:B6:0A:A5:CC:49:1A:4C:1A:3A:36:5E:7E:64"}}},"request":{"raw":"GET /owa/auth/15.2.1544/themes/resources/favicon.ico HTTP/1.1\r\nHost: ce.camara.leg.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ststransportes.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: envoy\r\ndate: Wed, 03 Jun 2026 10:12:58 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 7886\r\naccept-ranges: bytes\r\ncache-control: public,max-age=2592000\r\netag: \"03139e1e533da1:0\"\r\nlast-modified: Thu, 21 Dec 2023 08:15:38 GMT\r\nrequest-id: 92b3de1c-7660-4f02-83cc-2bb7f1535349\r\nx-powered-by: ASP.NET\r\nx-envoy-upstream-service-time: 10\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":7886,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel","md5":"759fade9033aa298629e4b000dcd6dde","sha1":"34a1adf5c7326d7bde5b5735471b5d81e611c189","sha256":"cf0808a61ec571e0c4975663903b288009d55502ac0445d9948983b339a5cf6e","sha512":"e96e93b13d70420d4d509d89a6337651440ae049b2a23d57c6250987003c46512c40c85c41bfa1c473a704801c961ffbe421522b89a1c34ba3b9e82a6d0769ed","ssdeep":"48:g8KokgDQoxTP0Vh0jV/H2kPxL6GUEtcrCOmgfzQumtGCzYoITin0iarrWtwVWsiw:97DdTGhGW6yS7Kvs/WjiUKqWmNQOWY","tlshash":"0cf130334afb6800e6171df04556f774c16a2d16394e58c3d88c3a6ae037be6706a9ef","first_seen":"2023-05-01T18:01:52Z","last_seen":"2026-06-07T23:40:58.891234Z","times_seen":5577,"resource_available":false,"data":null}},"time_used":980,"timings":{"blocked":0,"dns":256,"connect":236,"send":0,"wait":245,"receive":1,"ssl":242},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}