{"report_id":"e7cc76ee-bbfc-4d9f-a5b3-2acc17e87adc","version":6,"status":"done","tags":[],"date":"2025-09-25T09:46:08Z","url":{"schema":"http","addr":"caixadirecta-depositos.com/login.php","fqdn":"caixadirecta-depositos.com","domain":"caixadirecta-depositos.com","tld":"com"},"ip":{"addr":"104.21.4.34","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"caixadirecta-depositos.com/login.php","fqdn":"caixadirecta-depositos.com","domain":"caixadirecta-depositos.com","tld":"com"},"title":"CGD"},"submit":{"url":{"schema":"http","addr":"caixadirecta-depositos.com/login.php","fqdn":"caixadirecta-depositos.com","domain":"caixadirecta-depositos.com","tld":"com"},"ip":{"addr":"104.21.4.34","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-30T09:46:08Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-09-25","alert":"Phishing - Caixa Geral de Depositos","trigger":"caixadirecta-depositos.com","verdict":"phishing","severity":"medium","comment":"Caixa Geral de Depositos","link":"https://openphish.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-25","alert":"Phishing Block","trigger":"caixadirecta-depositos.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-09-25","alert":"Phishing - Caixa Geral de Depositos","trigger":"caixadirecta-depositos.com/login.php","verdict":"phishing","severity":"medium","comment":"Caixa Geral de Depositos","link":"https://openphish.com","meta":null}],"urlquery":null},"summary":[{"fqdn":"caixadirecta-depositos.com","ip":{"addr":"104.21.4.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-24","domain_rank":0,"first_seen":"2025-09-24T17:12:27.558103Z","last_seen":"2025-09-24T17:12:27.558103Z","alert_count":40,"request_count":8,"received_data":317464,"sent_data":3956,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"static.cgd.pt","ip":{"addr":"195.234.134.176","port":443,"asn":25253,"as":"Caixa Geral De Depositos, SA","country":"Portugal","country_code":"PT"},"domain_registered":"1992-11-06","domain_rank":2882266,"first_seen":"2017-02-04T11:16:13Z","last_seen":"2025-09-24T17:12:32.736801Z","alert_count":0,"request_count":1,"received_data":5490,"sent_data":471,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"caixadirecta-depositos.com/files/jquery.js","fqdn":"caixadirecta-depositos.com","domain":"caixadirecta-depositos.com","tld":"com"},"ip":{"addr":"104.21.4.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e4bb227fb55271bfe9c9d4a09147bd8","sha1":"156837f75f6600ccb602b4efcbd393636c33f35e","sha256":"ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127","sha512":"f7810ef9df875a7fdfa7228f7e2f95dd34e18b57f56a46383198ebcc591e32f633b0d73cc6b271fbc669347f7fdc114cce6a6b43681104b25084fe2a1e7bee49","ssdeep":"1536:ejExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1vN:eIh8GgP3hujzwbhd3XvSiDQ47GK/","tlshash":"589309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:21Z","last_seen":"2026-04-03T18:48:47.833097Z","times_seen":8601,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"caixadirecta-depositos.com/ficheros/modern/images/icons/apple-touch-icon.png","fqdn":"caixadirecta-depositos.com","domain":"caixadirecta-depositos.com","tld":"com"},"ip":{"addr":"104.21.4.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://caixadirecta-depositos.com/login.php","date":"2025-09-25T09:45:43.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"caixadirecta-depositos.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 13:39:19 GMT","end":"Tue, 23 Dec 2025 14:38:00 GMT"},"fingerprint":{"sha1":"D7:36:67:44:04:C6:A8:4D:D0:36:3C:56:DF:7B:06:8A:57:37:04:C0","sha256":"67:67:DF:8D:D5:DA:9E:DB:66:64:75:86:47:E0:C6:E0:E7:D9:99:5A:86:CB:A8:06:7D:81:FB:C0:20:EA:70:6A"}}},"request":{"raw":"GET /ficheros/modern/images/icons/apple-touch-icon.png HTTP/1.1\r\nHost: caixadirecta-depositos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://caixadirecta-depositos.com/login.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\nvary: accept-encoding\r\ndate: Thu, 25 Sep 2025 09:45:43 GMT\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: BYPASS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rLvIVVTo0srZVnZeiN48i5PeoS6ptHfr%2B9T%2FMJIcPrmVbY5bcCraMcfYSV8b3GC0ZwkC5zyBxio0fb5TX4ejiZcbsWSrlzzKo0Ilg4RGaMiyviqyeS5zRQ%3D%3D\"}]}\r\ncf-ray: 98499720b91f0b69-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-04-03T18:30:25.320373Z","times_seen":115450,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-09-25","alert":"Phishing - Caixa Geral de Depositos","trigger":"caixadirecta-depositos.com","verdict":"phishing","severity":"medium","comment":"Caixa Geral de Depositos","link":"https://openphish.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-25","alert":"Phishing Block","trigger":"caixadirecta-depositos.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"caixadirecta-depositos.com/files/nbp_popin.css","fqdn":"caixadirecta-depositos.com","domain":"caixadirecta-depositos.com","tld":"com"},"ip":{"addr":"104.21.4.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://caixadirecta-depositos.com/login.php","date":"2025-09-25T09:45:43.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"caixadirecta-depositos.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 13:39:19 GMT","end":"Tue, 23 Dec 2025 14:38:00 GMT"},"fingerprint":{"sha1":"D7:36:67:44:04:C6:A8:4D:D0:36:3C:56:DF:7B:06:8A:57:37:04:C0","sha256":"67:67:DF:8D:D5:DA:9E:DB:66:64:75:86:47:E0:C6:E0:E7:D9:99:5A:86:CB:A8:06:7D:81:FB:C0:20:EA:70:6A"}}},"request":{"raw":"GET /files/nbp_popin.css HTTP/1.1\r\nHost: caixadirecta-depositos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://caixadirecta-depositos.com/login.php\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 01 Oct 2025 17:12:02 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 19 May 2025 08:21:02 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1066\r\ndate: Thu, 25 Sep 2025 09:45:43 GMT\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\nage: 59620\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZUg%2BJyJgMI9%2BL0WyDKhXbQc3BQB445hgyhiuSh5hG895013%2BGQ1WgP1Ngo1Ss1WkkuBD3T3LtPPDip2BKKz3K9Edkv4pINKUukaQ3g4DwEzF%2B28qnvj5YQ%3D%3D\"}]}\r\ncf-ray: 9849971d39030b69-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3978,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"28a619dd2efb18d5ce48c1b74dd1c2c3","sha1":"9ca9900574eed7e670006d415c1d955a03d07d8a","sha256":"51a77b84fd1e0904911e2e93d0c39e562473ef9602624aa97161a36fd8937faa","sha512":"3d890ad5283e341977029859eb84bd724b05ab6bcef60b013c89780b307ada08a45f88f5d98fe6ef04fe516abee5aad419a344157ec29d4211f899d7d989265c","ssdeep":"","tlshash":"b0811f9cce012242e137a88a77b34724eb4465976b129c267ee4b502cff526c6270fcd","first_seen":"2023-05-11T13:07:36Z","last_seen":"2026-03-31T18:17:58.359901Z","times_seen":470,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-25","alert":"Phishing Block","trigger":"caixadirecta-depositos.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-09-25","alert":"Phishing - Caixa Geral de Depositos","trigger":"caixadirecta-depositos.com","verdict":"phishing","severity":"medium","comment":"Caixa Geral de Depositos","link":"https://openphish.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.cgd.pt/staticCMS/cdo/global/img/logo_CDO.gif","fqdn":"static.cgd.pt","domain":"cgd.pt","tld":"pt"},"ip":{"addr":"195.234.134.176","port":443,"asn":25253,"as":"Caixa Geral De Depositos, SA","country":"Portugal","country_code":"PT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://caixadirecta-depositos.com/login.php","date":"2025-09-25T09:45:43.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"static.cgd.pt","organization":"Caixa Geral de Depósitos S.A."},"issuer":{"commonName":"MarketWare RSA Extended Validation Secure Server CA 3","organization":"MarketWare - Soluções para Mercados Digitais, Lda."},"validity":{"start":"Fri, 02 May 2025 00:00:00 GMT","end":"Tue, 02 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"67:5C:DA:F8:87:C9:ED:64:EA:FA:57:DB:F4:0B:54:16:C8:AE:98:9C","sha256":"D7:14:60:78:AF:AF:6B:54:C0:69:ED:FF:6D:E8:7D:DA:DE:1F:B6:54:C6:BD:68:C8:2F:C5:13:A3:36:73:37:59"}}},"request":{"raw":"GET /staticCMS/cdo/global/img/logo_CDO.gif HTTP/1.1\r\nHost: static.cgd.pt\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://caixadirecta-depositos.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 25 Sep 2025 09:45:43 GMT\r\nAccept-Ranges: bytes\r\nETag: W/\"4487-1551369111000\"\r\nLast-Modified: Thu, 28 Feb 2019 15:51:51 GMT\r\nContent-Type: image/gif;charset=utf-8\r\nContent-Length: 4487\r\nConnection: close\r\nStrict-Transport-Security: max-age=31536000; includeSubdomains; preload\r\nX-XSS-Protection: 1; mode=block, 1; mode=block\r\nX-Frame-Options: SAMEORIGIN, SAMEORIGIN\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: Content-Type\r\nSet-Cookie: stccksc=!qPECK46N9OUZkgbe1iblQxiM+Ht6R93pDArjxX+PxI3p0Uy/7XKPJ1v3QTyUjkDh8z3726RjCzIfuo/cRi3SZytXB7T37Jp7ma3oXE7kBg==; path=/; Httponly; Secure; Secure; HttpOnly; SameSite=Lax\nTS019edf0d=013f6756d781552fde8ab4c2ab157a4cbe634e796a83788a7e162980f97735e77414ad5fec43fef02554be72984b2d18175be029f9; Path=/;\nTSb33496b3027=08f2647597ab2000928e6adc34b69298fbbc1c5563d9a87488aa225b75f5efe4cfd47247e138cd68089da40b571130000e2eb4d565bddbc5fea741c7788d3d3de2a66ffaee268068436ed99d60e027bba994a366861e266d7b810482e7598703; Path=/\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4487,"size_decoded":0,"mime_type":"image/png; charset=utf-8","magic":"PNG image data, 227 x 44, 8-bit/color RGBA, non-interlaced","md5":"bf95adabac975cfabf683cea4375cdd6","sha1":"a93902a60b868f39b76729142ebcd4c462660a00","sha256":"174b3bb7c4416bd675d599afc18ee42cfb8ee6960eaec96f1bb1c65e7c5185a6","sha512":"b56fb35021d84efa5e8520e60c2e460837bbc0de321a582f5562ea4dbf2a15872bec9b33757d2e710d7dc7bdd242d0137e3fa8f3ecfd1ba01b62b830958b8b81","ssdeep":"96:nDcN6p/n8mccBZiPz+d45+TEQMDxcNmNqYDwSmHMxJ6l:YN6Z2VWmxceqYDAHEJ6l","tlshash":"30918d5ce0fee1d0911856bc7a8c99abbcc137c0a950f6d911339afb4890dd6e441e05","first_seen":"2023-05-11T13:07:36Z","last_seen":"2026-03-31T18:17:58.368069Z","times_seen":566,"resource_available":false,"data":null}},"time_used":765,"timings":{"blocked":285,"dns":90,"connect":60,"send":0,"wait":70,"receive":118,"ssl":138},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"caixadirecta-depositos.com/ficheros/modern/images/icons/eye-icon_show.svg","fqdn":"caixadirecta-depositos.com","domain":"caixadirecta-depositos.com","tld":"com"},"ip":{"addr":"104.21.4.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://caixadirecta-depositos.com/login.php","date":"2025-09-25T09:45:43.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"caixadirecta-depositos.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 13:39:19 GMT","end":"Tue, 23 Dec 2025 14:38:00 GMT"},"fingerprint":{"sha1":"D7:36:67:44:04:C6:A8:4D:D0:36:3C:56:DF:7B:06:8A:57:37:04:C0","sha256":"67:67:DF:8D:D5:DA:9E:DB:66:64:75:86:47:E0:C6:E0:E7:D9:99:5A:86:CB:A8:06:7D:81:FB:C0:20:EA:70:6A"}}},"request":{"raw":"GET /ficheros/modern/images/icons/eye-icon_show.svg HTTP/1.1\r\nHost: caixadirecta-depositos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://caixadirecta-depositos.com/files/login_and_register.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\nvary: accept-encoding\r\ndate: Thu, 25 Sep 2025 09:45:43 GMT\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: BYPASS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p%2FS6fDpimNIVhb28P2%2FE75T7kbSMB%2B7CYerHx3XfGF1ZDxecqo5kd3U4i0EywwsZW%2BAeR79b%2B0S1LQN983mES4Uv2STfjAUSaRk4epV49gLBB70VkBlq8w%3D%3D\"}]}\r\ncf-ray: 9849971f79180b69-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-04-03T18:30:25.320373Z","times_seen":115450,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-25","alert":"Phishing Block","trigger":"caixadirecta-depositos.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-09-25","alert":"Phishing - Caixa Geral de Depositos","trigger":"caixadirecta-depositos.com","verdict":"phishing","severity":"medium","comment":"Caixa Geral de Depositos","link":"https://openphish.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"caixadirecta-depositos.com/files/SantanderTextW05-Regular.woff","fqdn":"caixadirecta-depositos.com","domain":"caixadirecta-depositos.com","tld":"com"},"ip":{"addr":"104.21.4.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://caixadirecta-depositos.com/login.php","date":"2025-09-25T09:45:43.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"caixadirecta-depositos.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 13:39:19 GMT","end":"Tue, 23 Dec 2025 14:38:00 GMT"},"fingerprint":{"sha1":"D7:36:67:44:04:C6:A8:4D:D0:36:3C:56:DF:7B:06:8A:57:37:04:C0","sha256":"67:67:DF:8D:D5:DA:9E:DB:66:64:75:86:47:E0:C6:E0:E7:D9:99:5A:86:CB:A8:06:7D:81:FB:C0:20:EA:70:6A"}}},"request":{"raw":"GET /files/SantanderTextW05-Regular.woff HTTP/1.1\r\nHost: caixadirecta-depositos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://caixadirecta-depositos.com/login.php\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 01 Oct 2025 17:12:02 GMT\r\ncontent-type: font/woff\r\nlast-modified: Mon, 19 May 2025 08:21:02 GMT\r\naccept-ranges: bytes\r\ncontent-length: 46268\r\ndate: Thu, 25 Sep 2025 09:45:43 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nage: 59620\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ba%2FfdPk%2FcW60RmqdLPNKK6bNtLkS30Ne9cN1zwOHNJYjL5sq5mmzHk9lG7lVKbvTCQja4MZAaVhTL2hi%2FGe6Qn2SUnBnXD9jKInZABlIM2bQx0vVVZ8Zpg%3D%3D\"}]}\r\nvary: accept-encoding\r\ncf-ray: 9849971f79190b69-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":46268,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 46268, version 1.0","md5":"ce966ea6470e77ea66fa28923428ee9f","sha1":"e0652b2b341269d2a489b66b56a01b276b88f935","sha256":"78e528416f0569f2ff89bfb0dcf524f9b27a9fd847fe5e85e150f2b39fdff090","sha512":"beda88ae2dbb094e2311389ed218f8189af25c822f1c224e20719b9f1d711917fd638b9b77c901c38d4d1e7ed5aa6ee5da07ce2500185d6f8c5a25abba3ecd01","ssdeep":"768:24OY9Tr4boitlRGvPDxbRGEzecx5iQjsQkbOm6an7AIxgyrff:XD9gDG1bvH5iMsQ2jn7gYf","tlshash":"d72302a042b8cc57d4b746f5dad863bcc7707607b9ce5c14c8a3b3658e4a5b1a61d434","first_seen":"2023-05-11T13:07:36Z","last_seen":"2026-03-31T18:17:58.388763Z","times_seen":527,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-25","alert":"Phishing Block","trigger":"caixadirecta-depositos.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-09-25","alert":"Phishing - Caixa Geral de Depositos","trigger":"caixadirecta-depositos.com","verdict":"phishing","severity":"medium","comment":"Caixa Geral de Depositos","link":"https://openphish.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"caixadirecta-depositos.com/ficheros/modern/images/icons/favicon.png","fqdn":"caixadirecta-depositos.com","domain":"caixadirecta-depositos.com","tld":"com"},"ip":{"addr":"104.21.4.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://caixadirecta-depositos.com/login.php","date":"2025-09-25T09:45:43.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"caixadirecta-depositos.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 13:39:19 GMT","end":"Tue, 23 Dec 2025 14:38:00 GMT"},"fingerprint":{"sha1":"D7:36:67:44:04:C6:A8:4D:D0:36:3C:56:DF:7B:06:8A:57:37:04:C0","sha256":"67:67:DF:8D:D5:DA:9E:DB:66:64:75:86:47:E0:C6:E0:E7:D9:99:5A:86:CB:A8:06:7D:81:FB:C0:20:EA:70:6A"}}},"request":{"raw":"GET /ficheros/modern/images/icons/favicon.png HTTP/1.1\r\nHost: caixadirecta-depositos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://caixadirecta-depositos.com/login.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\nvary: accept-encoding\r\ndate: Thu, 25 Sep 2025 09:45:44 GMT\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: BYPASS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1dEHjHopIZv1vMCMMtBfWCU5kg7h8XbT0sRTg%2FHhlkVlvEZYuT97euXBrAeQ7NDiGI8VuOfc91J2ABvqHcy20PW8EoWRjZVWlY%2FdxSpG968Pz8Z%2FJyy4NQ%3D%3D\"}]}\r\ncf-ray: 98499720c9200b69-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-04-03T18:30:25.320373Z","times_seen":115450,"resource_available":true,"data":null}},"time_used":282,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-25","alert":"Phishing Block","trigger":"caixadirecta-depositos.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-09-25","alert":"Phishing - Caixa Geral de Depositos","trigger":"caixadirecta-depositos.com","verdict":"phishing","severity":"medium","comment":"Caixa Geral de Depositos","link":"https://openphish.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"caixadirecta-depositos.com/login.php","fqdn":"caixadirecta-depositos.com","domain":"caixadirecta-depositos.com","tld":"com"},"ip":{"addr":"104.21.4.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-25T09:45:42.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"caixadirecta-depositos.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 13:39:19 GMT","end":"Tue, 23 Dec 2025 14:38:00 GMT"},"fingerprint":{"sha1":"D7:36:67:44:04:C6:A8:4D:D0:36:3C:56:DF:7B:06:8A:57:37:04:C0","sha256":"67:67:DF:8D:D5:DA:9E:DB:66:64:75:86:47:E0:C6:E0:E7:D9:99:5A:86:CB:A8:06:7D:81:FB:C0:20:EA:70:6A"}}},"request":{"raw":"GET /login.php HTTP/1.1\r\nHost: caixadirecta-depositos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 25 Sep 2025 09:45:43 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=88z9%2FNenHNgLtX%2B2iQwBW3Cs4aDEQhHjhwhd0YHmbP%2Bq9Ikqb7Sfueg%2BOv9v%2BQi1RuTYEYPaNBOPbRhrI2nCyKDLzO9sqqcL6y06z5CCitXhh2RfpP5afA%3D%3D\"}]}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9849971b2fd6568a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":122677,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (24271), with CRLF line terminators","md5":"b8e37e862e5fdfc729cd985fa5481ac0","sha1":"b7c3a78f26c275669c6de9fba40388edd526a66e","sha256":"076dd866e96d7767aeabad89482e44f6c79f49f3d2a22301f09b46fb14a52528","sha512":"ee58393f8ac1fb671403152205b43396a91dcf706a017ebb5e1d56a3e612f9dd8ab7dc73b0a6c04158a614d43bb8a48ed806b1f37b38b2d6ddede7bce5a599b3","ssdeep":"768:fJofN5nmfe1AZynsx9SlzfoYp4qoPur9I6cVx+om3ODs8KNH:fJofN5nmfCnsWBg0S6cVxUODsnH","tlshash":"2ec30c5b38a1671ae6e3c70996a27985b811ac9ffd3348dcf00d63784fdc7e24c1664a","first_seen":"2025-06-17T17:20:20.146663Z","last_seen":"2026-01-06T17:17:41.113498Z","times_seen":129,"resource_available":true,"data":null}},"time_used":200,"timings":{"blocked":27,"dns":9,"connect":1,"send":0,"wait":145,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-09-25","alert":"Phishing - Caixa Geral de Depositos","trigger":"caixadirecta-depositos.com/login.php","verdict":"phishing","severity":"medium","comment":"Caixa Geral de Depositos","link":"https://openphish.com","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-25","alert":"Phishing Block","trigger":"caixadirecta-depositos.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"caixadirecta-depositos.com/files/jquery.js","fqdn":"caixadirecta-depositos.com","domain":"caixadirecta-depositos.com","tld":"com"},"ip":{"addr":"104.21.4.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://caixadirecta-depositos.com/login.php","date":"2025-09-25T09:45:43.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"caixadirecta-depositos.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 13:39:19 GMT","end":"Tue, 23 Dec 2025 14:38:00 GMT"},"fingerprint":{"sha1":"D7:36:67:44:04:C6:A8:4D:D0:36:3C:56:DF:7B:06:8A:57:37:04:C0","sha256":"67:67:DF:8D:D5:DA:9E:DB:66:64:75:86:47:E0:C6:E0:E7:D9:99:5A:86:CB:A8:06:7D:81:FB:C0:20:EA:70:6A"}}},"request":{"raw":"GET /files/jquery.js HTTP/1.1\r\nHost: caixadirecta-depositos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://caixadirecta-depositos.com/login.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 19 May 2025 08:21:02 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 30260\r\ndate: Thu, 25 Sep 2025 09:45:43 GMT\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\ncache-control: max-age=14400\r\ncf-cache-status: REVALIDATED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0lhlItBS26RfYT%2BMdWYz%2F1w5pqwVPbjHoW6ivhgCLK969CugKDvi%2BveOJNoyaGgRDL%2BcAv9KYZaActlkecEJ1%2Bc%2Bw7zn4HsWd41W6LEoCiRuRt%2FhlrSGWA%3D%3D\"}]}\r\ncf-ray: 9849971d39010b69-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":89501,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65446), with CRLF line terminators","md5":"3e4bb227fb55271bfe9c9d4a09147bd8","sha1":"156837f75f6600ccb602b4efcbd393636c33f35e","sha256":"ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127","sha512":"f7810ef9df875a7fdfa7228f7e2f95dd34e18b57f56a46383198ebcc591e32f633b0d73cc6b271fbc669347f7fdc114cce6a6b43681104b25084fe2a1e7bee49","ssdeep":"1536:ejExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1vN:eIh8GgP3hujzwbhd3XvSiDQ47GK/","tlshash":"589309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:21Z","last_seen":"2026-04-03T18:48:47.833097Z","times_seen":8601,"resource_available":true,"data":null}},"time_used":279,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-25","alert":"Phishing Block","trigger":"caixadirecta-depositos.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-09-25","alert":"Phishing - Caixa Geral de Depositos","trigger":"caixadirecta-depositos.com","verdict":"phishing","severity":"medium","comment":"Caixa Geral de Depositos","link":"https://openphish.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"caixadirecta-depositos.com/files/login_and_register.css","fqdn":"caixadirecta-depositos.com","domain":"caixadirecta-depositos.com","tld":"com"},"ip":{"addr":"104.21.4.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://caixadirecta-depositos.com/login.php","date":"2025-09-25T09:45:43.242Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"caixadirecta-depositos.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 24 Sep 2025 13:39:19 GMT","end":"Tue, 23 Dec 2025 14:38:00 GMT"},"fingerprint":{"sha1":"D7:36:67:44:04:C6:A8:4D:D0:36:3C:56:DF:7B:06:8A:57:37:04:C0","sha256":"67:67:DF:8D:D5:DA:9E:DB:66:64:75:86:47:E0:C6:E0:E7:D9:99:5A:86:CB:A8:06:7D:81:FB:C0:20:EA:70:6A"}}},"request":{"raw":"GET /files/login_and_register.css HTTP/1.1\r\nHost: caixadirecta-depositos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://caixadirecta-depositos.com/login.php\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 01 Oct 2025 17:12:02 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 19 May 2025 08:21:02 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 7387\r\ndate: Thu, 25 Sep 2025 09:45:43 GMT\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\nage: 59620\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H2q9LwfYb02PDTA8MT4pWPd9DQUzy7GJyhtKlOhBXv5i69EDGNwtFtoINDsj7Tba36pyaaJJrAqsNdhzZQComrF3Yr0gJOS0X2qMoF6X%2BnRvL16dIM0N9w%3D%3D\"}]}\r\ncf-ray: 9849971d39020b69-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":45713,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"2fae4bc1613080360921bf572e71ea87","sha1":"320bd6685cfe8e482f5e201924d8882150a20d40","sha256":"4dc8a1053a0600cdfcdc74f9814dff2b4e1abbefd9d3d0badf23f35f588e5471","sha512":"2c4a826d5c341f6de1d7fafa409063536693cd39234add974000196aef23c7520ccf2eb558fe7849792c66be2f172bdaa0a9959fac346d6054ebba7b0bcabcb7","ssdeep":"384:ASYhWn08ohVrLA6GjEM4p9zdLuVU3iIf6FBckmTORxATkC1tWf:WrLn4tm9zdyBc3TOqt1tS","tlshash":"1d23ec59de11124ab237d76cefe35215fa140063ab0242b8bbdc6280cfb95794a6dfcd","first_seen":"2023-05-11T13:07:36Z","last_seen":"2026-01-06T17:17:41.116836Z","times_seen":417,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-09-25","alert":"Phishing Block","trigger":"caixadirecta-depositos.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-09-25","alert":"Phishing - Caixa Geral de Depositos","trigger":"caixadirecta-depositos.com","verdict":"phishing","severity":"medium","comment":"Caixa Geral de Depositos","link":"https://openphish.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-25","alert":"Sinkholed","trigger":"caixadirecta-depositos.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}