{"report_id":"f55479ad-f490-46cc-879f-3070a69bb10b","version":6,"status":"done","tags":["sinkhole","suspicious","cloudflare"],"date":"2024-07-08T01:10:18Z","url":{"schema":"http","addr":"share.linx.com.br/download/attachments/174206201/venda%20por%20nota%20de%20venda%20-%20sem%20integrador.exe?version=1\u0026modificationDate=1592606853389\u0026api=v2","fqdn":"share.linx.com.br","domain":"linx.com.br","tld":"com.br"},"ip":{"addr":"104.18.38.23","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"share.linx.com.br/download/attachments/174206201/venda%20por%20nota%20de%20venda%20-%20sem%20integrador.exe?version=1\u0026modificationDate=1592606853389\u0026api=v2","fqdn":"share.linx.com.br","domain":"linx.com.br","tld":"com.br"},"title":"Attention Required! | Cloudflare"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T10:35:46Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-07-07 18:12:32","alert_count":0,"request_count":8,"received_data":7103,"sent_data":2616,"comment":"","tags":null,"fingerprints":null},{"fqdn":"share.linx.com.br","ip":{"addr":"104.18.38.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"1996-10-04","domain_rank":0,"first_seen":"2017-07-30 16:28:13","last_seen":"2023-06-15 22:43:46","alert_count":2,"request_count":6,"received_data":44329,"sent_data":4197,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Sinkholed / Blocked","verdict":"suspicious","severity":"medium","comment":"Asset commenly seen with Sinkholed websites","tags":["sinkhole","suspicious","cloudflare"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"share.linx.com.br/download/attachments/174206201/venda%20por%20nota%20de%20venda%20-%20sem%20integrador.exe?version=1\u0026modificationDate=1592606853389\u0026api=v2","fqdn":"share.linx.com.br","domain":"linx.com.br","tld":"com.br"},"ip":{"addr":"104.18.38.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T09:47:05.247441Z","times_seen":13369813,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"share.linx.com.br/download/attachments/174206201/venda%20por%20nota%20de%20venda%20-%20sem%20integrador.exe?version=1\u0026modificationDate=1592606853389\u0026api=v2","fqdn":"share.linx.com.br","domain":"linx.com.br","tld":"com.br"},"ip":{"addr":"104.18.38.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"34ad0a116707d3b794129a6720af92d7","sha1":"424de9dbb8bc774e2a2d4ade100d90f5ac0ecbf4","sha256":"d011a9449a990f2086894be870adc6fbb53595dc593b410a83e45e40bfbc7262","sha512":"4d7cca00f0d83452fe3513c0c07c97ca5318dfcda0937df40626e49c9e15ef9a4287e6aa98da4c873d46248a20418b0ef793704c6619efad43c8b338a515cb37","ssdeep":"","tlshash":"43e0226b3b45293456f7aab3337fe37c3a22e0969cc015201968cd5ccd2bac042352c4","size":393,"data":"","first_seen":"2023-04-05T04:39:40Z","last_seen":"2025-03-02T06:13:46.994369Z","times_seen":143291,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"share.linx.com.br/download/attachments/174206201/venda%20por%20nota%20de%20venda%20-%20sem%20integrador.exe?version=1\u0026modificationDate=1592606853389\u0026api=v2","fqdn":"share.linx.com.br","domain":"linx.com.br","tld":"com.br"},"ip":{"addr":"104.18.38.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T09:47:05.247441Z","times_seen":13369813,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-08T01:09:52.448436396Z","timestamp":1720400992448,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"652EE033C72BC8EADCF29C25A5387BC303BF86E6C57F262C576117F659F15EAB\"\r\nLast-Modified: Fri, 05 Jul 2024 13:53:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=5599\r\nExpires: Mon, 08 Jul 2024 02:43:11 GMT\r\nDate: Mon, 08 Jul 2024 01:09:52 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"f63e8d9e64abf0e5b2784ca051160e84","sha1":"d15d17504ed5c584ba42145060cf745fdb41c1d0","sha256":"652ee033c72bc8eadcf29c25a5387bc303bf86e6c57f262c576117f659f15eab","sha512":"95dcb525e807ccfc2ab52f6a0101175566fc8e587e04a39a7f18de971b0d5e4569779e04e98dabc2e593080276352cdc04fd49ad7817677c9f2cd96548b314f2","ssdeep":"","tlshash":"03f0056101d27f14563411129d76ea753e3095be28412ce3649055b1d8707fb4984049","first_seen":"2024-07-05T20:29:47Z","last_seen":"2024-08-19T17:56:53.123553Z","times_seen":40297,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-08T01:09:52.490722874Z","timestamp":1720400992490,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"A1AFCF9CA90CDDDB7F7DDD29A0F8C7A5FA7B012DCC030D2D004C70C84010FD86\"\r\nLast-Modified: Sun, 07 Jul 2024 03:28:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=18946\r\nExpires: Mon, 08 Jul 2024 06:25:38 GMT\r\nDate: Mon, 08 Jul 2024 01:09:52 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"2e4f22ff50349b865eca4c1585ad6712","sha1":"6186a14999dc2525e4584a6a12d0edff2fdafcac","sha256":"a1afcf9ca90cdddb7f7ddd29a0f8c7a5fa7b012dcc030d2d004c70c84010fd86","sha512":"3f72fa5ffd9d66ed671378f357e3411c082fc4a2dd1aff940a5fa3dfb340222cb380ba93602e9ae45cfca0c972f1fda4fc97c3283ba396e35ce07c132a402b22","ssdeep":"","tlshash":"80f00581c0747812b771a7113ee4f2951d7426f934229ee9259807f1d8017ead5eed4e","first_seen":"2024-07-07T12:40:32Z","last_seen":"2024-08-19T17:44:02.412214Z","times_seen":11055,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-08T01:09:52.787952904Z","timestamp":1720400992787,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"E38B3080A1752122F5A174604BD307C54BE31C02E0CDB8E2D9354E2A04E1B50F\"\r\nLast-Modified: Sun, 07 Jul 2024 11:47:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=10587\r\nExpires: Mon, 08 Jul 2024 04:06:19 GMT\r\nDate: Mon, 08 Jul 2024 01:09:52 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"41036a4c62e61466443bce27a927e029","sha1":"39a2a8a258c5feaf020246696135700b0c30740d","sha256":"e38b3080a1752122f5a174604bd307c54be31c02e0cdb8e2d9354e2a04e1b50f","sha512":"50f9d880f413719b46b17c5f9633a79d3f2f4b41d3d415f05206c6c628277fe0acbc56cacdd931ec59b7a4fdcebb3b252b0bc80578bd35ee05112d2723a6fae3","ssdeep":"","tlshash":"2cf0c0aa29d5f88076711a24b864ea246b205e6a7810daf614d082fbf8057a6450844e","first_seen":"2024-07-07T14:27:09Z","last_seen":"2024-08-19T17:43:40.432277Z","times_seen":38887,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-08T01:09:52.961769472Z","timestamp":1720400992961,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"EA2BC04F18953A2D203B059F541BF8BFCD32C63D67B8E1113D927453D8CC9A58\"\r\nLast-Modified: Sun, 07 Jul 2024 04:21:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=10707\r\nExpires: Mon, 08 Jul 2024 04:08:19 GMT\r\nDate: Mon, 08 Jul 2024 01:09:52 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"e430ff7defba95ef2e40c2a2623032a3","sha1":"4df33994f03cf02626fdfe9c6a51a71f5fea6058","sha256":"ea2bc04f18953a2d203b059f541bf8bfcd32c63d67b8e1113d927453d8cc9a58","sha512":"b4c0698dfa6a01483a7fb635bb76961f491a47e064df3c79c1d519950e473d94c0c9e0f70cbe4e6bda5ca5cd9310b02cf15bf73773f680cce2ec0cecbb76a473","ssdeep":"","tlshash":"b8f00ee31bb4b1a51227065b3d9bc3186d269f686c480ae4a5a443c7b521ffa4b04488","first_seen":"2024-07-07T09:24:48Z","last_seen":"2024-08-19T17:45:02.840499Z","times_seen":17024,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"share.linx.com.br/cdn-cgi/images/browser-bar.png?1376755637","fqdn":"share.linx.com.br","domain":"linx.com.br","tld":"com.br"},"ip":{"addr":"104.18.38.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://share.linx.com.br/download/attachments/174206201/venda%20por%20nota%20de%20venda%20-%20sem%20integrador.exe?version=1\u0026modificationDate=1592606853389\u0026api=v2","date":"2024-07-08T01:09:53.416Z","timestamp":1720400993416,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"share.linx.com.br","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Jun 2024 03:45:58 GMT","end":"Sun, 08 Sep 2024 03:45:57 GMT"},"fingerprint":{"sha1":"F5:1C:80:78:3A:3B:FD:FD:FA:DC:49:E3:32:DE:A4:6E:2F:BE:C8:94","sha256":"D7:B9:9A:66:F0:59:D4:A3:90:95:27:43:9C:01:F5:A1:C5:4F:9F:D7:55:F6:76:82:EF:B4:01:22:17:1A:CE:44"}}},"request":{"raw":"GET /cdn-cgi/images/browser-bar.png?1376755637 HTTP/1.1\r\nHost: share.linx.com.br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://share.linx.com.br/cdn-cgi/styles/cf.errors.css\r\nCookie: __cf_bm=LaX1NWdl7oaPS4mV_DVn6lH2oAVCK6dz09UD8auAnNI-1720400992-1.0.1.1-b0dSaRgIFLZIvIEbjX7EwHRnGtYf9YXBj2Pb9cKbskcA3Qvr1FeYNWKl8CZ0QxeLNLG.1Dd49bISzSsgXG9hzg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 08 Jul 2024 01:09:53 GMT\r\ncontent-type: image/png\r\ncontent-length: 715\r\nlast-modified: Thu, 04 Jul 2024 09:57:21 GMT\r\netag: \"66867201-2cb\"\r\nserver: cloudflare\r\ncf-ray: 89fc3100d84756a5-OSL\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nexpires: Mon, 08 Jul 2024 03:09:53 GMT\r\ncache-control: max-age=7200, public\r\naccept-ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":715,"size_decoded":715,"mime_type":"image/png","magic":"PNG image data, 960 x 53, 8-bit colormap, non-interlaced","md5":"226dcb8f6144bdaafdfbd8f2f354be64","sha1":"3785cc5b3bf52f8e398177b0ff1020b24aa86b8c","sha256":"8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db","sha512":"ed898b12c4895f7aceaab443c1071e6376db71b4dfdbd769f5f3be71d562438a18b5e5dc36dd7cc610926e380603a894b2e81df4302680c736a412bfd3360d3a","ssdeep":"","tlshash":"a5014ec4a009bcb009f21b37859cb601c07175098e23f023045eb9b22b7accf83a8f92","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T09:41:24.284004Z","times_seen":157346,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Sinkholed / Blocked","verdict":"suspicious","severity":"medium","comment":"Asset commenly seen with Sinkholed websites","tags":["sinkhole","suspicious","cloudflare"],"meta":null}]}},{"url":{"schema":"https","addr":"share.linx.com.br/cdn-cgi/images/cf-no-screenshot-error.png","fqdn":"share.linx.com.br","domain":"linx.com.br","tld":"com.br"},"ip":{"addr":"104.18.38.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://share.linx.com.br/download/attachments/174206201/venda%20por%20nota%20de%20venda%20-%20sem%20integrador.exe?version=1\u0026modificationDate=1592606853389\u0026api=v2","date":"2024-07-08T01:09:53.418Z","timestamp":1720400993418,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"share.linx.com.br","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Jun 2024 03:45:58 GMT","end":"Sun, 08 Sep 2024 03:45:57 GMT"},"fingerprint":{"sha1":"F5:1C:80:78:3A:3B:FD:FD:FA:DC:49:E3:32:DE:A4:6E:2F:BE:C8:94","sha256":"D7:B9:9A:66:F0:59:D4:A3:90:95:27:43:9C:01:F5:A1:C5:4F:9F:D7:55:F6:76:82:EF:B4:01:22:17:1A:CE:44"}}},"request":{"raw":"GET /cdn-cgi/images/cf-no-screenshot-error.png HTTP/1.1\r\nHost: share.linx.com.br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://share.linx.com.br/cdn-cgi/styles/cf.errors.css\r\nCookie: __cf_bm=LaX1NWdl7oaPS4mV_DVn6lH2oAVCK6dz09UD8auAnNI-1720400992-1.0.1.1-b0dSaRgIFLZIvIEbjX7EwHRnGtYf9YXBj2Pb9cKbskcA3Qvr1FeYNWKl8CZ0QxeLNLG.1Dd49bISzSsgXG9hzg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 08 Jul 2024 01:09:53 GMT\r\ncontent-type: image/png\r\ncontent-length: 3213\r\nlast-modified: Thu, 04 Jul 2024 09:57:21 GMT\r\netag: \"66867201-c8d\"\r\nserver: cloudflare\r\ncf-ray: 89fc3100d84956a5-OSL\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nexpires: Mon, 08 Jul 2024 03:09:53 GMT\r\ncache-control: max-age=7200, public\r\naccept-ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3213,"size_decoded":3213,"mime_type":"image/png","magic":"PNG image data, 178 x 175, 8-bit colormap, non-interlaced","md5":"0d768cbc261841d3affc933b9ac3130e","sha1":"aff136a4c761e1df1ada7e5d9a6ed0ebea74a4b7","sha256":"1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0","sha512":"ce5b1bbb8cf6b0c3d1fa146d1700db2300abd6f2bdbe43ecaac6aebc911be6e1bcd2f8c6704a2cfa67bbb45598793ddec017e05c2c37ce387293aae08e7c342f","ssdeep":"","tlshash":"7561f7f185012a2a2fb7dc8552ecc3a810166b7b353744e73ba46d344cde7781325f59","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T09:41:24.28463Z","times_seen":157351,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Sinkholed / Blocked","verdict":"suspicious","severity":"medium","comment":"Asset commenly seen with Sinkholed websites","tags":["sinkhole","suspicious","cloudflare"],"meta":null}]}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-08T01:09:54.843154945Z","timestamp":1720400994843,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"F67D59F3FDDBCAF61F9F1AA87ECA02A320F59402BB412687A4DB4D8AA81867D2\"\r\nLast-Modified: Fri, 05 Jul 2024 17:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=12882\r\nExpires: Mon, 08 Jul 2024 04:44:36 GMT\r\nDate: Mon, 08 Jul 2024 01:09:54 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"861cce1bf441610f1dfbb14264d55122","sha1":"1596b2c44fcdb5f7a49c73da766e4ab48b6bd064","sha256":"f67d59f3fddbcaf61f9f1aa87eca02a320f59402bb412687a4db4d8aa81867d2","sha512":"c475b673ce5e7ae8a00ea2d8d2dfccf06484e9eb5454b212905534fcd83a35a459bc5e849eaca05824101d8434208506dea5bebfa4e61999e2f3419de5f77d1f","ssdeep":"","tlshash":"22f0059421f77e005bf116151da5d52db92cab6531014df2b49012b368f0b6a67418c6","first_seen":"2024-07-05T22:02:26Z","last_seen":"2024-08-19T17:56:38.421498Z","times_seen":44889,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-08T01:09:54.844191322Z","timestamp":1720400994844,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"F67D59F3FDDBCAF61F9F1AA87ECA02A320F59402BB412687A4DB4D8AA81867D2\"\r\nLast-Modified: Fri, 05 Jul 2024 17:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=12882\r\nExpires: Mon, 08 Jul 2024 04:44:36 GMT\r\nDate: Mon, 08 Jul 2024 01:09:54 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"861cce1bf441610f1dfbb14264d55122","sha1":"1596b2c44fcdb5f7a49c73da766e4ab48b6bd064","sha256":"f67d59f3fddbcaf61f9f1aa87eca02a320f59402bb412687a4db4d8aa81867d2","sha512":"c475b673ce5e7ae8a00ea2d8d2dfccf06484e9eb5454b212905534fcd83a35a459bc5e849eaca05824101d8434208506dea5bebfa4e61999e2f3419de5f77d1f","ssdeep":"","tlshash":"22f0059421f77e005bf116151da5d52db92cab6531014df2b49012b368f0b6a67418c6","first_seen":"2024-07-05T22:02:26Z","last_seen":"2024-08-19T17:56:38.421498Z","times_seen":44889,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-08T01:09:54.845151219Z","timestamp":1720400994845,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"F67D59F3FDDBCAF61F9F1AA87ECA02A320F59402BB412687A4DB4D8AA81867D2\"\r\nLast-Modified: Fri, 05 Jul 2024 17:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=12882\r\nExpires: Mon, 08 Jul 2024 04:44:36 GMT\r\nDate: Mon, 08 Jul 2024 01:09:54 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"861cce1bf441610f1dfbb14264d55122","sha1":"1596b2c44fcdb5f7a49c73da766e4ab48b6bd064","sha256":"f67d59f3fddbcaf61f9f1aa87eca02a320f59402bb412687a4db4d8aa81867d2","sha512":"c475b673ce5e7ae8a00ea2d8d2dfccf06484e9eb5454b212905534fcd83a35a459bc5e849eaca05824101d8434208506dea5bebfa4e61999e2f3419de5f77d1f","ssdeep":"","tlshash":"22f0059421f77e005bf116151da5d52db92cab6531014df2b49012b368f0b6a67418c6","first_seen":"2024-07-05T22:02:26Z","last_seen":"2024-08-19T17:56:38.421498Z","times_seen":44889,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-07-08T01:09:54.846067235Z","timestamp":1720400994846,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"F67D59F3FDDBCAF61F9F1AA87ECA02A320F59402BB412687A4DB4D8AA81867D2\"\r\nLast-Modified: Fri, 05 Jul 2024 17:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=12882\r\nExpires: Mon, 08 Jul 2024 04:44:36 GMT\r\nDate: Mon, 08 Jul 2024 01:09:54 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"861cce1bf441610f1dfbb14264d55122","sha1":"1596b2c44fcdb5f7a49c73da766e4ab48b6bd064","sha256":"f67d59f3fddbcaf61f9f1aa87eca02a320f59402bb412687a4db4d8aa81867d2","sha512":"c475b673ce5e7ae8a00ea2d8d2dfccf06484e9eb5454b212905534fcd83a35a459bc5e849eaca05824101d8434208506dea5bebfa4e61999e2f3419de5f77d1f","ssdeep":"","tlshash":"22f0059421f77e005bf116151da5d52db92cab6531014df2b49012b368f0b6a67418c6","first_seen":"2024-07-05T22:02:26Z","last_seen":"2024-08-19T17:56:38.421498Z","times_seen":44889,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"share.linx.com.br/download/attachments/174206201/venda%20por%20nota%20de%20venda%20-%20sem%20integrador.exe?version=1\u0026modificationDate=1592606853389\u0026api=v2","fqdn":"share.linx.com.br","domain":"linx.com.br","tld":"com.br"},"ip":{"addr":"104.18.38.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-08T01:09:52.936Z","timestamp":1720400992936,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"share.linx.com.br","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Jun 2024 03:45:58 GMT","end":"Sun, 08 Sep 2024 03:45:57 GMT"},"fingerprint":{"sha1":"F5:1C:80:78:3A:3B:FD:FD:FA:DC:49:E3:32:DE:A4:6E:2F:BE:C8:94","sha256":"D7:B9:9A:66:F0:59:D4:A3:90:95:27:43:9C:01:F5:A1:C5:4F:9F:D7:55:F6:76:82:EF:B4:01:22:17:1A:CE:44"}}},"request":{"raw":"GET /download/attachments/174206201/venda%20por%20nota%20de%20venda%20-%20sem%20integrador.exe?version=1\u0026modificationDate=1592606853389\u0026api=v2 HTTP/1.1\r\nHost: share.linx.com.br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Mon, 08 Jul 2024 01:09:52 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-frame-options: SAMEORIGIN\r\nreferrer-policy: same-origin\r\ncache-control: max-age=15\r\nexpires: Mon, 08 Jul 2024 01:10:07 GMT\r\nset-cookie: __cf_bm=LaX1NWdl7oaPS4mV_DVn6lH2oAVCK6dz09UD8auAnNI-1720400992-1.0.1.1-b0dSaRgIFLZIvIEbjX7EwHRnGtYf9YXBj2Pb9cKbskcA3Qvr1FeYNWKl8CZ0QxeLNLG.1Dd49bISzSsgXG9hzg; path=/; expires=Mon, 08-Jul-24 01:39:52 GMT; domain=.linx.com.br; HttpOnly; Secure; SameSite=None\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 89fc30fdea3e56a4-OSL\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":4513,"size_decoded":4513,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (4748), with no line terminators","md5":"dea85bb57823b4adef2c921024ff6b96","sha1":"6d581c339f786b5950e34f10b38db041ce85774c","sha256":"9c207d46e275c89420f0322224272c9a6020482f3e8f3f1c82d39af3051700c0","sha512":"57e5e3f689d90ea283b92d747f9d5308f1c170d862d3d521ca1bdde1a36c65939cd436ad66ee8e2919f64606ad78166cb7de3ca6d24d14d58337a0e3c0c0a177","ssdeep":"48:Tg/Lzkiwn1nXDJDUOOYNn4Pu577Dj1jIffx0QrVKlotX+OjZF9ZdmiHPELGeoPvN:UEi2XDJDUdCB+0OvHd1crT9Ffy","tlshash":"98a1516779ec103e216395e23bbd672d3824f800de76059132acc12d1f9bea4fe6b190","first_seen":"2024-08-19T17:40:04.923565Z","last_seen":"2024-08-19T17:40:04.923565Z","times_seen":1,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":12,"dns":1,"connect":1,"send":0,"wait":6,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"share.linx.com.br/download/attachments/174206201/venda%20por%20nota%20de%20venda%20-%20sem%20integrador.exe?version=1\u0026modificationDate=1592606853389\u0026api=v2","fqdn":"share.linx.com.br","domain":"linx.com.br","tld":"com.br"},"ip":{"addr":"104.18.38.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-07-08T01:09:53.117Z","timestamp":1720400993117,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"share.linx.com.br","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Jun 2024 03:45:58 GMT","end":"Sun, 08 Sep 2024 03:45:57 GMT"},"fingerprint":{"sha1":"F5:1C:80:78:3A:3B:FD:FD:FA:DC:49:E3:32:DE:A4:6E:2F:BE:C8:94","sha256":"D7:B9:9A:66:F0:59:D4:A3:90:95:27:43:9C:01:F5:A1:C5:4F:9F:D7:55:F6:76:82:EF:B4:01:22:17:1A:CE:44"}}},"request":{"raw":"GET /download/attachments/174206201/venda%20por%20nota%20de%20venda%20-%20sem%20integrador.exe?version=1\u0026modificationDate=1592606853389\u0026api=v2 HTTP/1.1\r\nHost: share.linx.com.br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=LaX1NWdl7oaPS4mV_DVn6lH2oAVCK6dz09UD8auAnNI-1720400992-1.0.1.1-b0dSaRgIFLZIvIEbjX7EwHRnGtYf9YXBj2Pb9cKbskcA3Qvr1FeYNWKl8CZ0QxeLNLG.1Dd49bISzSsgXG9hzg\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ndate: Mon, 08 Jul 2024 01:09:53 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-frame-options: SAMEORIGIN\r\nreferrer-policy: same-origin\r\ncache-control: max-age=15\r\nexpires: Mon, 08 Jul 2024 01:10:08 GMT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 89fc30feff7656a5-OSL\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":4513,"size_decoded":4513,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (4748), with no line terminators","md5":"60f27041908db70fba1cae6e17250e99","sha1":"35db00136800f80097ce0aeb0892bcab87c2680c","sha256":"4fbe38faa37087f6a44eac7a3f1af1e88abd74a65b429b7d78cfd14ef325f232","sha512":"dab08efec0e20ebce270abf6960a4f37760fc7ff48d05b347b375014dfd7d200e726712b101769c9587c421a9f195162a6fa2f7cd2c211d5e29081c738a06c36","ssdeep":"48:Tg/Lzkiwn1nXDJDUOOYNn4Pu577Dj1jIffx0QrVKlotX+OjZF9ZdmiHPtLGeoPvN:UEi2XDJDUdCB+0OvHd1lrT9Ffy","tlshash":"91a1516779ec103e216395e23bbd672d3824f900de76059132acc12d1f9bea4fe6b190","first_seen":"2024-08-19T17:40:04.924603Z","last_seen":"2024-08-19T17:40:04.924603Z","times_seen":1,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"share.linx.com.br/cdn-cgi/styles/cf.errors.css","fqdn":"share.linx.com.br","domain":"linx.com.br","tld":"com.br"},"ip":{"addr":"104.18.38.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://share.linx.com.br/download/attachments/174206201/venda%20por%20nota%20de%20venda%20-%20sem%20integrador.exe?version=1\u0026modificationDate=1592606853389\u0026api=v2","date":"2024-07-08T01:09:53.380Z","timestamp":1720400993380,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"share.linx.com.br","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Jun 2024 03:45:58 GMT","end":"Sun, 08 Sep 2024 03:45:57 GMT"},"fingerprint":{"sha1":"F5:1C:80:78:3A:3B:FD:FD:FA:DC:49:E3:32:DE:A4:6E:2F:BE:C8:94","sha256":"D7:B9:9A:66:F0:59:D4:A3:90:95:27:43:9C:01:F5:A1:C5:4F:9F:D7:55:F6:76:82:EF:B4:01:22:17:1A:CE:44"}}},"request":{"raw":"GET /cdn-cgi/styles/cf.errors.css HTTP/1.1\r\nHost: share.linx.com.br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://share.linx.com.br/download/attachments/174206201/venda%20por%20nota%20de%20venda%20-%20sem%20integrador.exe?version=1\u0026modificationDate=1592606853389\u0026api=v2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=LaX1NWdl7oaPS4mV_DVn6lH2oAVCK6dz09UD8auAnNI-1720400992-1.0.1.1-b0dSaRgIFLZIvIEbjX7EwHRnGtYf9YXBj2Pb9cKbskcA3Qvr1FeYNWKl8CZ0QxeLNLG.1Dd49bISzSsgXG9hzg\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 08 Jul 2024 01:09:53 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 04 Jul 2024 09:57:21 GMT\r\netag: W/\"66867201-5df3\"\r\nserver: cloudflare\r\ncf-ray: 89fc3100981556a5-OSL\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\nexpires: Mon, 08 Jul 2024 03:09:53 GMT\r\ncache-control: max-age=7200, public\r\ncontent-encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24051,"size_decoded":24051,"mime_type":"text/css","magic":"ASCII text, with very long lines (24050)","md5":"5e8c69a459a691b5d1b9be442332c87d","sha1":"f24dd1ad7c9080575d92a9a9a2c42620725ef836","sha256":"84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091","sha512":"6db74b262d717916de0b0b600eead2cc6a10e52a9e26d701fae761fcbc931f35f251553669a92be3b524f380f32e62ac6ad572bea23c78965228ce9efb92ed42","ssdeep":"192:VuR/6okgTQwq23gGM8lUR9YRGQ2BwoX6zp+1+nDT1FvxKSI7/UsV7MSE6XZ2dKzk:JwV+oUcoQJpdf1dxKSI7/Ue7ZX2qk","tlshash":"86b21323e5f5381a2516a13ca08a92dc69356073f7f30e9eb985d06cd78dd791f226c3","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T09:47:32.00352Z","times_seen":416336,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"share.linx.com.br/favicon.ico","fqdn":"share.linx.com.br","domain":"linx.com.br","tld":"com.br"},"ip":{"addr":"104.18.38.23","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://share.linx.com.br/download/attachments/174206201/venda%20por%20nota%20de%20venda%20-%20sem%20integrador.exe?version=1\u0026modificationDate=1592606853389\u0026api=v2","date":"2024-07-08T01:09:53.407Z","timestamp":1720400993407,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"share.linx.com.br","organization":""},"issuer":{"commonName":"E6","organization":"Let's Encrypt"},"validity":{"start":"Mon, 10 Jun 2024 03:45:58 GMT","end":"Sun, 08 Sep 2024 03:45:57 GMT"},"fingerprint":{"sha1":"F5:1C:80:78:3A:3B:FD:FD:FA:DC:49:E3:32:DE:A4:6E:2F:BE:C8:94","sha256":"D7:B9:9A:66:F0:59:D4:A3:90:95:27:43:9C:01:F5:A1:C5:4F:9F:D7:55:F6:76:82:EF:B4:01:22:17:1A:CE:44"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: share.linx.com.br\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://share.linx.com.br/download/attachments/174206201/venda%20por%20nota%20de%20venda%20-%20sem%20integrador.exe?version=1\u0026modificationDate=1592606853389\u0026api=v2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=LaX1NWdl7oaPS4mV_DVn6lH2oAVCK6dz09UD8auAnNI-1720400992-1.0.1.1-b0dSaRgIFLZIvIEbjX7EwHRnGtYf9YXBj2Pb9cKbskcA3Qvr1FeYNWKl8CZ0QxeLNLG.1Dd49bISzSsgXG9hzg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ndate: Mon, 08 Jul 2024 01:09:53 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-frame-options: SAMEORIGIN\r\nreferrer-policy: same-origin\r\ncache-control: max-age=15\r\nexpires: Mon, 08 Jul 2024 01:10:08 GMT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 89fc3100c84456a5-OSL\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":4513,"size_decoded":4513,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (4748), with no line terminators","md5":"0e923f22843c81c45ccfd7fc3740ecd3","sha1":"33b232bc580a3ec874cebfc5067f634ff799d308","sha256":"a84ee4a4629629ec7a7b1fe3a0ab076dfb1b57c964b3ee8d7e76f1c8c4deb610","sha512":"1910f350194bb11b4b08910269a73d357d947d749a3b6b3e3f0ebd283733d65b12c0d13a24a741e03d385e721d54e9b2f0d0839ca204ee7ec28b109359d67674","ssdeep":"48:Tg/Lzkiwn1nXDJDUOOYNn4Pu577Dj1jIffx0QrVKlotX+OjZF9ZdmiHPFLGeoPvN:UEi2XDJDUdCB+0OvHd1NrT9Ffy","tlshash":"7fa1526779ec103e216395e23bbd672d3824f900de76059136acc12d1f9bea4fe6b190","first_seen":"2024-08-19T17:40:04.930025Z","last_seen":"2024-08-19T17:40:04.930025Z","times_seen":1,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}