Report - amazoniasaude.com.br/tet/become.txt

Report Overview

Submitted URL
amazoniasaude.com.br/tet/become.txt
IP
177.54.147.142
ASN
#262287 Latitude.sh LTDA
Submitted
2024-04-24 20:55:08
Access
public
Website Title
amazoniasaude.com.br/tet/become.txt
Final URL
amazoniasaude.com.br/tet/become.txt
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
amazoniasaude.com.br	unknown	unknown	2019-02-24	2023-02-15	1.4 kB	14 kB	177.54.147.142

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	amazoniasaude.com.br	Sinkholed
2024-04-24	medium	amazoniasaude.com.br	Sinkholed
2024-04-24	medium	amazoniasaude.com.br	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (3)

URL IP Response Size

amazoniasaude.com.br/tet/become.txt

177.54.147.142

200 OK

361 B

URL User Request GET HTTP/1.1
amazoniasaude.com.br/tet/become.txt
IP
177.54.147.142:443
ASN
#262287 Latitude.sh LTDA

Certificate
IssuerLet's Encrypt
Subject*.amazoniasaude.com.br
Fingerprint18:97:2F:93:AA:70:C6:F1:D0:85:B6:51:A9:67:00:14:0D:79:90:BD
ValidityThu, 28 Mar 2024 18:42:45 GMT - Wed, 26 Jun 2024 18:42:44 GMT

File type
ASCII text, with CRLF line terminators
Size
361 B (361 bytes)
Hash
9936bfa38c7b49b54cd3739fd8e4de6e
6d39dd3cd7b7cf9a57b649313e076a54ff8130ab
959f2cd9be96b4270379799cd31595a20ee1d8f2b3b32d626b6f1bf5fa80e24e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tet/become.txt HTTP/1.1
Host: amazoniasaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 20:54:44 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 21 Apr 2024 22:53:50 GMT
Content-Encoding: br

amazoniasaude.com.br/favicon.ico

177.54.147.142

302 Found

0 B

URL GET HTTP/1.1
amazoniasaude.com.br/favicon.ico
IP
177.54.147.142:443
ASN
#262287 Latitude.sh LTDA

Requested by
https://amazoniasaude.com.br/tet/become.txt
Certificate
IssuerLet's Encrypt
Subject*.amazoniasaude.com.br
Fingerprint18:97:2F:93:AA:70:C6:F1:D0:85:B6:51:A9:67:00:14:0D:79:90:BD
ValidityThu, 28 Mar 2024 18:42:45 GMT - Wed, 26 Jun 2024 18:42:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: amazoniasaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amazoniasaude.com.br/tet/become.txt
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 20:54:50 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/8.2.18
Link: <https://amazoniasaude.com.br/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: https://amazoniasaude.com.br/wp-content/uploads/2024/03/fav-icon-150x150.png

amazoniasaude.com.br/wp-content/uploads/2024/03/fav-icon-150x150.png

177.54.147.142

200 OK

12 kB

URL GET HTTP/1.1
amazoniasaude.com.br/wp-content/uploads/2024/03/fav-icon-150x150.png
IP
177.54.147.142:443
ASN
#262287 Latitude.sh LTDA

Requested by
https://amazoniasaude.com.br/tet/become.txt
Certificate
IssuerLet's Encrypt
Subject*.amazoniasaude.com.br
Fingerprint18:97:2F:93:AA:70:C6:F1:D0:85:B6:51:A9:67:00:14:0D:79:90:BD
ValidityThu, 28 Mar 2024 18:42:45 GMT - Wed, 26 Jun 2024 18:42:44 GMT

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
Size
12 kB (12480 bytes)
Hash
5ffbdc70817028ad41b2d94fdbc80b25
7fc8a1deaaa6cdd77154484a523c1d2468671b69
df0fdcba361274b29c122d6021e271f664d7eb42ac4a48654cedadb3c0060ca4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/03/fav-icon-150x150.png HTTP/1.1
Host: amazoniasaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amazoniasaude.com.br/tet/become.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 20:54:50 GMT
Content-Type: image/png
Content-Length: 12480
Connection: keep-alive
Last-Modified: Mon, 01 Apr 2024 19:54:06 GMT
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (3)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers