Report - paesetoth.com.br/die/

Report Overview

Visited public
2023-11-09 00:29:15
Tags
URL
paesetoth.com.br/die/
Finishing URL
paesetoth.com.br/die/
IP / ASN
108.179.193.33
#26337 OIS1
Title
(1) Die Schweizerische Post

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
paesetoth.com.br	unknown	2014-02-19	2019-06-11 01:58:57	2023-11-08 17:53:57	7.8 kB	1.0 MB	108.179.193.33
sc-static.net	1183	2017-03-16	2017-09-05 20:35:04	2023-11-08 18:04:58	405 B	18 kB	54.230.82.240
a.mgid.com	18073	2001-12-30	2013-11-17 06:08:48	2023-11-08 19:53:07	1.1 kB	17 kB	104.19.129.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-11-08	medium	paesetoth.com.br/die/	PostFinance

PhishTank

Scan Date	Severity	Indicator	Alert
2023-11-08	medium	paesetoth.com.br/die/	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-08	medium	paesetoth.com.br	Sinkholed
2023-11-08	medium	paesetoth.com.br	Sinkholed
2023-11-08	medium	paesetoth.com.br	Sinkholed
2023-11-08	medium	paesetoth.com.br	Sinkholed
2023-11-08	medium	paesetoth.com.br	Sinkholed
2023-11-08	medium	paesetoth.com.br	Sinkholed
2023-11-08	medium	paesetoth.com.br	Sinkholed
2023-11-08	medium	paesetoth.com.br	Sinkholed
2023-11-08	medium	paesetoth.com.br	Sinkholed
2023-11-08	medium	paesetoth.com.br	Sinkholed
2023-11-08	medium	paesetoth.com.br	Sinkholed
2023-11-08	medium	paesetoth.com.br	Sinkholed
2023-11-08	medium	paesetoth.com.br	Sinkholed
2023-11-08	medium	paesetoth.com.br	Sinkholed
2023-11-08	medium	paesetoth.com.br	Sinkholed
2023-11-08	medium	paesetoth.com.br	Sinkholed
2023-11-08	medium	paesetoth.com.br	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	From	Size	First Seen	Last Seen
	sc-static.net/scevent.min.js	ScriptElement	40 kB	2023-11-07	2023-11-16
Pretty URL sc-static.net/scevent.min.js IP 54.230.82.240 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-07 20:19 Last Seen2023-11-16 16:45 Times Seen86 Hash e94e8d7a81ac194358a59cec4306da58 c8ef64e8c8649ec566e49bf5a04c85e5204f8572 58d83726e6b43d3d9ad01849b069e230e1c5194f54de4d2b1039e1aea2d9b101 Loading...

	paesetoth.com.br/die/media/399694290689525.js	ScriptElement	295 kB	2023-05-31	2023-11-15
Pretty URL paesetoth.com.br/die/media/399694290689525.js IP 108.179.193.33 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-31 17:59 Last Seen2023-11-15 12:20 Times Seen5 Hash 3b37d3b8982a5b7e434c9144623b5d84 9b76a30c7b12a41c1964f368acb27def284f20d4 9e6065eb4a7a83e47a1b8db3acc1596c8ba8d8a3a9b6e6f7bf04f2b1e6856bba Loading...

	a.mgid.com/mgsensor.js?d=1699489738654	ScriptElement	16 kB	2023-07-14	2023-11-16
Pretty URL a.mgid.com/mgsensor.js?d=1699489738654 IP 104.19.129.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-14 18:34 Last Seen2023-11-16 15:36 Times Seen227 Hash 3d68dacad327ceb74670a02c3e653688 ef6786e6e3ed374216d55ef0cf3e50de7d56fba5 c5336d1cf6681700a554b1281809f75d823ce64e990ca6e8c42d628f69406d2a Loading...

	paesetoth.com.br/die/media/mgsensor.js	ScriptElement	16 kB	2023-05-31	2023-11-15
Pretty URL paesetoth.com.br/die/media/mgsensor.js IP 108.179.193.33 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-31 17:59 Last Seen2023-11-15 12:20 Times Seen5 Hash cf1661e624cb5f95aa0ea9ddfc34997c 7188ad010774ad5cc928a0b176aeab1f52221787 4a08c761769c3a3c7543a9a9159c6cb6045e7b5d4c641b2e4e4c124b57e11b2f Loading...

	paesetoth.com.br/die/media/v9e118mez8	ScriptElement	6.9 kB	2023-05-31	2023-11-15
Pretty URL paesetoth.com.br/die/media/v9e118mez8 IP 108.179.193.33 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-31 17:59 Last Seen2023-11-15 12:20 Times Seen5 Hash a9e2ac1f93c2c5ef981fe1a470a6cbd5 6c85b5a7bfc095602f2e07edb8d5010663deded8 aa4b74cc94b96ff49ac4462f2a335fcaf85777e2a8857b805d08da763d8647ff Loading...

	paesetoth.com.br/die/media/scevent.js	ScriptElement	21 kB	2023-05-31	2023-11-15
Pretty URL paesetoth.com.br/die/media/scevent.js IP 108.179.193.33 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-31 17:59 Last Seen2023-11-15 12:20 Times Seen5 Hash 7250d41d84140dcc857bace85ec8d07e 8181817e9ad4262269e0d2e544357c3735f01e4d 9fe8a8e2261e527d5b294b5cd8781b93cecf8223e22ba45630345578599cf308 Loading...

	paesetoth.com.br/die/media/fbcode1.js	ScriptElement	1.7 kB	2023-05-31	2023-11-15
Pretty URL paesetoth.com.br/die/media/fbcode1.js IP 108.179.193.33 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-31 17:59 Last Seen2023-11-15 12:20 Times Seen5 Hash 090bf8f5854314bfcfe82462e5a64ac4 ad050361e5630ae5e69e43fce705a227be530a90 43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340 Loading...

	paesetoth.com.br/die/media/fbevents.js	ScriptElement	102 kB	2023-03-08	2023-11-15
Pretty URL paesetoth.com.br/die/media/fbevents.js IP 108.179.193.33 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:48 Last Seen2023-11-15 12:20 Times Seen5 Hash 2520c3e358648a72a57789c944de88ec fcfd4ba337dc77346b50c3821ee8af6514195fbc 3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97 Loading...

	paesetoth.com.br/die/media/script.js	ScriptElement	13 kB	2023-05-31	2023-11-15
Pretty URL paesetoth.com.br/die/media/script.js IP 108.179.193.33 ASN #26337 OIS1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-31 17:59 Last Seen2023-11-15 12:20 Times Seen5 Hash 84249a6a0a7579210c459688bfe1be28 11c960eabb95538c8ccbde0fd8b5bcc9b8bf75aa d04d8a6e353001c207904cfbe2009eb6e95e51cf74a6d28a4b6af0868adb2e5b Loading...

HTTP Transactions (20)

URL IP Response Size

paesetoth.com.br/die/

108.179.193.33

200 OK

3.2 kB

URL User Request GET HTTP/2
paesetoth.com.br/die/
IP
108.179.193.33:443
ASN
#26337 OIS1

Certificate
IssuerLet's Encrypt
Subject*.paesetoth.com.br
Fingerprint43:8F:25:F2:1B:20:90:9B:5F:23:3D:F5:3F:26:1D:3C:75:8B:D2:C7
ValiditySun, 08 Oct 2023 22:44:05 GMT - Sat, 06 Jan 2024 22:44:04 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
3.2 kB (3224 bytes)
Hash
b2aed09647108839019e20d58cffd3bc
6a51a98b20d8824c037da55a570e4cf9a150ee7d
c981a2607ae99a128beaede400c6646ef8d42038cabbb027d2b9b07213f8c642

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PostFinance
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /die/ HTTP/1.1
Host: paesetoth.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Wed, 08 Nov 2023 05:51:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3224
content-type: text/html
date: Thu, 09 Nov 2023 00:28:57 GMT
server: Apache
X-Firefox-Spdy: h2

paesetoth.com.br/die/media/style.css

108.179.193.33

200 OK

2.8 kB

URL GET HTTP/2
paesetoth.com.br/die/media/style.css
IP
108.179.193.33:443
ASN
#26337 OIS1

Requested by
https://paesetoth.com.br/die/
Certificate
IssuerLet's Encrypt
Subject*.paesetoth.com.br
Fingerprint43:8F:25:F2:1B:20:90:9B:5F:23:3D:F5:3F:26:1D:3C:75:8B:D2:C7
ValiditySun, 08 Oct 2023 22:44:05 GMT - Sat, 06 Jan 2024 22:44:04 GMT

File type
ASCII text, with CRLF line terminators
Size
2.8 kB (2839 bytes)
Hash
b79d913233c6a2fd577a0ea6e328b2a7
b7388ced270db6d5750eb84f52f3e94cd370fe1b
1667b13d21e9bcd8acdca05e96ab8e904a87137192da66c29c04ba65210e588a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /die/media/style.css HTTP/1.1
Host: paesetoth.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paesetoth.com.br/die/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 09 Aug 2022 09:23:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2839
content-type: text/css
date: Thu, 09 Nov 2023 00:28:58 GMT
server: Apache
X-Firefox-Spdy: h2

paesetoth.com.br/die/media/mgsensor.js

108.179.193.33

200 OK

5.7 kB

URL GET HTTP/2
paesetoth.com.br/die/media/mgsensor.js
IP
108.179.193.33:443
ASN
#26337 OIS1

Requested by
https://paesetoth.com.br/die/
Certificate
IssuerLet's Encrypt
Subject*.paesetoth.com.br
Fingerprint43:8F:25:F2:1B:20:90:9B:5F:23:3D:F5:3F:26:1D:3C:75:8B:D2:C7
ValiditySun, 08 Oct 2023 22:44:05 GMT - Sat, 06 Jan 2024 22:44:04 GMT

File type
ASCII text, with very long lines (15899), with no line terminators
Size
5.7 kB (5727 bytes)
Hash
cf1661e624cb5f95aa0ea9ddfc34997c
7188ad010774ad5cc928a0b176aeab1f52221787
4a08c761769c3a3c7543a9a9159c6cb6045e7b5d4c641b2e4e4c124b57e11b2f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /die/media/mgsensor.js HTTP/1.1
Host: paesetoth.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paesetoth.com.br/die/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 25 Jun 2022 22:05:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5727
content-type: application/javascript
date: Thu, 09 Nov 2023 00:28:58 GMT
server: Apache
X-Firefox-Spdy: h2

paesetoth.com.br/die/media/post-logo-1.png

108.179.193.33

200 OK

26 kB

URL GET HTTP/2
paesetoth.com.br/die/media/post-logo-1.png
IP
108.179.193.33:443
ASN
#26337 OIS1

Requested by
https://paesetoth.com.br/die/
Certificate
IssuerLet's Encrypt
Subject*.paesetoth.com.br
Fingerprint43:8F:25:F2:1B:20:90:9B:5F:23:3D:F5:3F:26:1D:3C:75:8B:D2:C7
ValiditySun, 08 Oct 2023 22:44:05 GMT - Sat, 06 Jan 2024 22:44:04 GMT

File type
PNG image data, 447 x 145, 8-bit/color RGBA, non-interlaced\012- data
Size
26 kB (25544 bytes)
Hash
069a228b301406f10e497eb6863df27c
0c05548ed8172762391f608edaf4e812e852c680
7a5655aa2dc7b5663c2cfb1913aa32876db5e6c8feedf26b0f1a01f9028f49c6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /die/media/post-logo-1.png HTTP/1.1
Host: paesetoth.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paesetoth.com.br/die/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 09 Aug 2022 09:24:10 GMT
accept-ranges: bytes
content-length: 25544
content-type: image/png
date: Thu, 09 Nov 2023 00:28:58 GMT
server: Apache
X-Firefox-Spdy: h2

paesetoth.com.br/die/media/v9e118mez8

108.179.193.33

200 OK

6.9 kB

URL GET HTTP/2
paesetoth.com.br/die/media/v9e118mez8
IP
108.179.193.33:443
ASN
#26337 OIS1

Requested by
https://paesetoth.com.br/die/
Certificate
IssuerLet's Encrypt
Subject*.paesetoth.com.br
Fingerprint43:8F:25:F2:1B:20:90:9B:5F:23:3D:F5:3F:26:1D:3C:75:8B:D2:C7
ValiditySun, 08 Oct 2023 22:44:05 GMT - Sat, 06 Jan 2024 22:44:04 GMT

File type
ASCII text, with very long lines (6937)
Size
6.9 kB (6938 bytes)
Hash
a9e2ac1f93c2c5ef981fe1a470a6cbd5
6c85b5a7bfc095602f2e07edb8d5010663deded8
aa4b74cc94b96ff49ac4462f2a335fcaf85777e2a8857b805d08da763d8647ff

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /die/media/v9e118mez8 HTTP/1.1
Host: paesetoth.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paesetoth.com.br/die/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 25 Jun 2022 22:05:12 GMT
accept-ranges: bytes
content-length: 6938
date: Thu, 09 Nov 2023 00:28:58 GMT
server: Apache
X-Firefox-Spdy: h2

paesetoth.com.br/die/media/animate.css

108.179.193.33

200 OK

5.6 kB

URL GET HTTP/2
paesetoth.com.br/die/media/animate.css
IP
108.179.193.33:443
ASN
#26337 OIS1

Requested by
https://paesetoth.com.br/die/
Certificate
IssuerLet's Encrypt
Subject*.paesetoth.com.br
Fingerprint43:8F:25:F2:1B:20:90:9B:5F:23:3D:F5:3F:26:1D:3C:75:8B:D2:C7
ValiditySun, 08 Oct 2023 22:44:05 GMT - Sat, 06 Jan 2024 22:44:04 GMT

File type
ASCII text, with very long lines (57919), with CRLF line terminators
Size
5.6 kB (5603 bytes)
Hash
43d6b8fdf324505f0ceb7ea698d0b7a5
5fab2ff7884f74beb235ae1382a647cbd4491f3a
4c055e6d0d9ba2b8f1be4719110e92c1b9499ed0759f0d1c48fccd16a7b31dcf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /die/media/animate.css HTTP/1.1
Host: paesetoth.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paesetoth.com.br/die/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 25 Jun 2022 22:05:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5603
content-type: text/css
date: Thu, 09 Nov 2023 00:28:58 GMT
server: Apache
X-Firefox-Spdy: h2

paesetoth.com.br/die/media/scevent.js

108.179.193.33

200 OK

9.1 kB

URL GET HTTP/2
paesetoth.com.br/die/media/scevent.js
IP
108.179.193.33:443
ASN
#26337 OIS1

Requested by
https://paesetoth.com.br/die/
Certificate
IssuerLet's Encrypt
Subject*.paesetoth.com.br
Fingerprint43:8F:25:F2:1B:20:90:9B:5F:23:3D:F5:3F:26:1D:3C:75:8B:D2:C7
ValiditySun, 08 Oct 2023 22:44:05 GMT - Sat, 06 Jan 2024 22:44:04 GMT

File type
ASCII text, with very long lines (21314), with no line terminators
Size
9.1 kB (9075 bytes)
Hash
7250d41d84140dcc857bace85ec8d07e
8181817e9ad4262269e0d2e544357c3735f01e4d
9fe8a8e2261e527d5b294b5cd8781b93cecf8223e22ba45630345578599cf308

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /die/media/scevent.js HTTP/1.1
Host: paesetoth.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paesetoth.com.br/die/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 25 Jun 2022 22:05:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9075
content-type: application/javascript
date: Thu, 09 Nov 2023 00:28:58 GMT
server: Apache
X-Firefox-Spdy: h2

paesetoth.com.br/die/media/post.svg

108.179.193.33

200 OK

3.6 kB

URL GET HTTP/2
paesetoth.com.br/die/media/post.svg
IP
108.179.193.33:443
ASN
#26337 OIS1

Requested by
https://paesetoth.com.br/die/
Certificate
IssuerLet's Encrypt
Subject*.paesetoth.com.br
Fingerprint43:8F:25:F2:1B:20:90:9B:5F:23:3D:F5:3F:26:1D:3C:75:8B:D2:C7
ValiditySun, 08 Oct 2023 22:44:05 GMT - Sat, 06 Jan 2024 22:44:04 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3550), with no line terminators
Size
3.6 kB (3550 bytes)
Hash
23ebd819b6d3b9f66d71d77d0e5d44d7
3a84e4c7b0ef078f2a91e3a5dbfd37ec8aa581b0
b1d8e73aeaca62e519b792ade3c0400821a86647bb75095a1367ae0301af807d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /die/media/post.svg HTTP/1.1
Host: paesetoth.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paesetoth.com.br/die/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 09 Aug 2022 09:17:10 GMT
accept-ranges: bytes
content-length: 3550
content-type: image/svg+xml
date: Thu, 09 Nov 2023 00:28:58 GMT
server: Apache
X-Firefox-Spdy: h2

paesetoth.com.br/die/media/fbcode1.js

108.179.193.33

200 OK

837 B

URL GET HTTP/2
paesetoth.com.br/die/media/fbcode1.js
IP
108.179.193.33:443
ASN
#26337 OIS1

Requested by
https://paesetoth.com.br/die/
Certificate
IssuerLet's Encrypt
Subject*.paesetoth.com.br
Fingerprint43:8F:25:F2:1B:20:90:9B:5F:23:3D:F5:3F:26:1D:3C:75:8B:D2:C7
ValiditySun, 08 Oct 2023 22:44:05 GMT - Sat, 06 Jan 2024 22:44:04 GMT

File type
exported SGML document, ASCII text
Size
837 B (837 bytes)
Hash
090bf8f5854314bfcfe82462e5a64ac4
ad050361e5630ae5e69e43fce705a227be530a90
43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /die/media/fbcode1.js HTTP/1.1
Host: paesetoth.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paesetoth.com.br/die/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 25 Jun 2022 22:05:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 837
content-type: application/javascript
date: Thu, 09 Nov 2023 00:28:58 GMT
server: Apache
X-Firefox-Spdy: h2

sc-static.net/scevent.min.js

54.230.82.240

200 OK

17 kB

URL GET HTTP/2
sc-static.net/scevent.min.js
IP
54.230.82.240:443
ASN
#16509 AMAZON-02

Requested by
https://paesetoth.com.br/die/
Certificate
IssuerAmazon
Subjectsc-static.net
Fingerprint87:A3:D4:61:E0:AE:FC:1D:D3:A2:D8:C4:87:CE:9B:A2:FA:36:32:AC
ValidityFri, 20 Jan 2023 00:00:00 GMT - Sun, 18 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (39735)
Size
17 kB (16941 bytes)
Hash
e94e8d7a81ac194358a59cec4306da58
c8ef64e8c8649ec566e49bf5a04c85e5204f8572
58d83726e6b43d3d9ad01849b069e230e1c5194f54de4d2b1039e1aea2d9b101

HTTP Headers

GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paesetoth.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 16941
server: CloudFront
date: Thu, 09 Nov 2023 00:28:58 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Thu, 09 Nov 2023 23:08:23 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: Miss from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aeHsyUzzi74yszakqH1Q3LRxtzAV4h93_3a2B-j8pIO0_WbWvbwAfA==
X-Firefox-Spdy: h2

paesetoth.com.br/die/media/check.png

108.179.193.33

200 OK

5.1 kB

URL GET HTTP/2
paesetoth.com.br/die/media/check.png
IP
108.179.193.33:443
ASN
#26337 OIS1

Requested by
https://paesetoth.com.br/die/
Certificate
IssuerLet's Encrypt
Subject*.paesetoth.com.br
Fingerprint43:8F:25:F2:1B:20:90:9B:5F:23:3D:F5:3F:26:1D:3C:75:8B:D2:C7
ValiditySun, 08 Oct 2023 22:44:05 GMT - Sat, 06 Jan 2024 22:44:04 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
5.1 kB (5052 bytes)
Hash
5d7778428defce4505ebbaf6f5da2ca0
da67c79bd4b8227cabb7532a7bdcce800fc836ad
4cf42b49cf7e1856000a6383e59b587c108f4bac7ae5da57916cf835788cbd56

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /die/media/check.png HTTP/1.1
Host: paesetoth.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paesetoth.com.br/die/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 25 Jun 2022 22:05:12 GMT
accept-ranges: bytes
content-length: 5052
content-type: image/png
date: Thu, 09 Nov 2023 00:28:58 GMT
server: Apache
X-Firefox-Spdy: h2

paesetoth.com.br/die/media/script.js

108.179.193.33

200 OK

1.9 kB

URL GET HTTP/2
paesetoth.com.br/die/media/script.js
IP
108.179.193.33:443
ASN
#26337 OIS1

Requested by
https://paesetoth.com.br/die/
Certificate
IssuerLet's Encrypt
Subject*.paesetoth.com.br
Fingerprint43:8F:25:F2:1B:20:90:9B:5F:23:3D:F5:3F:26:1D:3C:75:8B:D2:C7
ValiditySun, 08 Oct 2023 22:44:05 GMT - Sat, 06 Jan 2024 22:44:04 GMT

File type
ASCII text, with CRLF line terminators
Size
1.9 kB (1905 bytes)
Hash
84249a6a0a7579210c459688bfe1be28
11c960eabb95538c8ccbde0fd8b5bcc9b8bf75aa
d04d8a6e353001c207904cfbe2009eb6e95e51cf74a6d28a4b6af0868adb2e5b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /die/media/script.js HTTP/1.1
Host: paesetoth.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paesetoth.com.br/die/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 25 Jun 2022 22:05:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1905
content-type: application/javascript
date: Thu, 09 Nov 2023 00:28:58 GMT
server: Apache
X-Firefox-Spdy: h2

paesetoth.com.br/die/media/product.png

108.179.193.33

200 OK

21 kB

URL GET HTTP/2
paesetoth.com.br/die/media/product.png
IP
108.179.193.33:443
ASN
#26337 OIS1

Requested by
https://paesetoth.com.br/die/
Certificate
IssuerLet's Encrypt
Subject*.paesetoth.com.br
Fingerprint43:8F:25:F2:1B:20:90:9B:5F:23:3D:F5:3F:26:1D:3C:75:8B:D2:C7
ValiditySun, 08 Oct 2023 22:44:05 GMT - Sat, 06 Jan 2024 22:44:04 GMT

File type
PNG image data, 356 x 403, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (20568 bytes)
Hash
638e41237b155ddbb2d2bdd9f5ba64bb
1947e30d416bb5a0df021d82142703a7ec04e011
b3f2d797aa29b93b8919af68290b7399ebcb02dc93ddf8aa9f57b4ad1df8500e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /die/media/product.png HTTP/1.1
Host: paesetoth.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paesetoth.com.br/die/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 25 Jun 2022 22:05:12 GMT
accept-ranges: bytes
content-length: 20568
content-type: image/png
date: Thu, 09 Nov 2023 00:28:58 GMT
server: Apache
X-Firefox-Spdy: h2

paesetoth.com.br/die/media/package.png

108.179.193.33

200 OK

18 kB

URL GET HTTP/2
paesetoth.com.br/die/media/package.png
IP
108.179.193.33:443
ASN
#26337 OIS1

Requested by
https://paesetoth.com.br/die/
Certificate
IssuerLet's Encrypt
Subject*.paesetoth.com.br
Fingerprint43:8F:25:F2:1B:20:90:9B:5F:23:3D:F5:3F:26:1D:3C:75:8B:D2:C7
ValiditySun, 08 Oct 2023 22:44:05 GMT - Sat, 06 Jan 2024 22:44:04 GMT

File type
PNG image data, 200 x 133, 8-bit colormap, non-interlaced\012- data
Size
18 kB (17622 bytes)
Hash
9a1060928c4c80bc3c817af01e939040
ec60717eda3540eb60ea24f1fba11e6e1e93cb01
3b19eeb21d7fbd9b8b260e57c2d9198f83732339a9e3cbd5d2264f77e722df26

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /die/media/package.png HTTP/1.1
Host: paesetoth.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paesetoth.com.br/die/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 25 Jun 2022 22:05:12 GMT
accept-ranges: bytes
content-length: 17622
content-type: image/png
date: Thu, 09 Nov 2023 00:28:58 GMT
server: Apache
X-Firefox-Spdy: h2

paesetoth.com.br/die/media/loading.gif

108.179.193.33

200 OK

508 kB

URL GET HTTP/2
paesetoth.com.br/die/media/loading.gif
IP
108.179.193.33:443
ASN
#26337 OIS1

Requested by
https://paesetoth.com.br/die/
Certificate
IssuerLet's Encrypt
Subject*.paesetoth.com.br
Fingerprint43:8F:25:F2:1B:20:90:9B:5F:23:3D:F5:3F:26:1D:3C:75:8B:D2:C7
ValiditySun, 08 Oct 2023 22:44:05 GMT - Sat, 06 Jan 2024 22:44:04 GMT

File type
GIF image data, version 89a, 800 x 600\012- data
Size
508 kB (508135 bytes)
Hash
774dfc3492ba21ccb49f06e38e108a7c
b347c28ceb24ad794a4f63ed76815b3b9ebde074
fc85702baca03c9e5cea9b68ee081a4fcb99d8ab9c028772dc69e908208128f7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /die/media/loading.gif HTTP/1.1
Host: paesetoth.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paesetoth.com.br/die/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 25 Jun 2022 22:05:12 GMT
accept-ranges: bytes
content-length: 508135
content-type: image/gif
date: Thu, 09 Nov 2023 00:28:58 GMT
server: Apache
X-Firefox-Spdy: h2

a.mgid.com/1x1.gif?id=507061&type=c&tg=&r=https%3A%2F%2Fpaesetoth.com.br%2Fdie%2F&nv=1&clid=&clidv=0&d=1699489738992

104.19.129.76

200 OK

43 B

URL GET HTTP/3
a.mgid.com/1x1.gif?id=507061&type=c&tg=&r=https%3A%2F%2Fpaesetoth.com.br%2Fdie%2F&nv=1&clid=&clidv=0&d=1699489738992
IP
104.19.129.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://paesetoth.com.br/die/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint44:BF:9D:AD:98:A7:1A:F2:1D:18:EF:4E:3E:BE:C0:D8:28:4D:9F:04
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

HTTP Headers

GET /1x1.gif?id=507061&type=c&tg=&r=https%3A%2F%2Fpaesetoth.com.br%2Fdie%2F&nv=1&clid=&clidv=0&d=1699489738992 HTTP/1.1
Host: a.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paesetoth.com.br/
Cookie: __cf_bm=RtpmTTF6kI6pVHmlugRlXiWOZ.aL1UEMTc.sGYlRAUs-1699489738-0-AcceQQO0ZHNGR2DRIAhKzr8vMntwwU6M4dMW2cFOif1rCi2fxtZhRRjdCb3KVBQ2a6itGgVfJXGUXMuGxavD75o=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 Nov 2023 00:28:59 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 8231f054d8b2b4f9-OSL
alt-svc: h3=":443"; ma=86400

paesetoth.com.br/die/media/unnamed.jpg

108.179.193.33

200 OK

29 kB

URL GET HTTP/2
paesetoth.com.br/die/media/unnamed.jpg
IP
108.179.193.33:443
ASN
#26337 OIS1

Requested by
https://paesetoth.com.br/die/
Certificate
IssuerLet's Encrypt
Subject*.paesetoth.com.br
Fingerprint43:8F:25:F2:1B:20:90:9B:5F:23:3D:F5:3F:26:1D:3C:75:8B:D2:C7
ValiditySun, 08 Oct 2023 22:44:05 GMT - Sat, 06 Jan 2024 22:44:04 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 900x900, components 3\012- data
Size
29 kB (28681 bytes)
Hash
c97d10c96acd578cc039d9287a248ebb
0ca1f0dc39fd49e4da7c8023b1516b30558c7f59
a3b9c874e3225ab1db91cc2c5f6728d844574e75f36ea2cf594d8d9767e92b29

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /die/media/unnamed.jpg HTTP/1.1
Host: paesetoth.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paesetoth.com.br/die/
Cookie: _scid=5a1bdccd-8f5a-4839-8cd4-f5a63fbcb945; _scid_r=5a1bdccd-8f5a-4839-8cd4-f5a63fbcb945; _fbp=fb.2.1699489738864.1240079141; MgidSensorNVis=1; MgidSensorHref=https://paesetoth.com.br/die/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 02 Nov 2020 17:00:20 GMT
accept-ranges: bytes
content-length: 28681
content-type: image/jpeg
date: Thu, 09 Nov 2023 00:28:59 GMT
server: Apache
X-Firefox-Spdy: h2

paesetoth.com.br/die/media/399694290689525.js

108.179.193.33

200 OK

295 kB

URL GET HTTP/2
paesetoth.com.br/die/media/399694290689525.js
IP
108.179.193.33:443
ASN
#26337 OIS1

Requested by
https://paesetoth.com.br/die/
Certificate
IssuerLet's Encrypt
Subject*.paesetoth.com.br
Fingerprint43:8F:25:F2:1B:20:90:9B:5F:23:3D:F5:3F:26:1D:3C:75:8B:D2:C7
ValiditySun, 08 Oct 2023 22:44:05 GMT - Sat, 06 Jan 2024 22:44:04 GMT

File type
ASCII text, with very long lines (64471)
Size
295 kB (294824 bytes)
Hash
3b37d3b8982a5b7e434c9144623b5d84
9b76a30c7b12a41c1964f368acb27def284f20d4
9e6065eb4a7a83e47a1b8db3acc1596c8ba8d8a3a9b6e6f7bf04f2b1e6856bba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /die/media/399694290689525.js HTTP/1.1
Host: paesetoth.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paesetoth.com.br/die/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Sat, 25 Jun 2022 22:05:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 09 Nov 2023 00:28:58 GMT
server: Apache
X-Firefox-Spdy: h2

paesetoth.com.br/die/media/fbevents.js

108.179.193.33

200 OK

102 kB

URL GET HTTP/2
paesetoth.com.br/die/media/fbevents.js
IP
108.179.193.33:443
ASN
#26337 OIS1

Requested by
https://paesetoth.com.br/die/
Certificate
IssuerLet's Encrypt
Subject*.paesetoth.com.br
Fingerprint43:8F:25:F2:1B:20:90:9B:5F:23:3D:F5:3F:26:1D:3C:75:8B:D2:C7
ValiditySun, 08 Oct 2023 22:44:05 GMT - Sat, 06 Jan 2024 22:44:04 GMT

File type
ASCII text, with very long lines (64348)
Size
102 kB (102077 bytes)
Hash
2520c3e358648a72a57789c944de88ec
fcfd4ba337dc77346b50c3821ee8af6514195fbc
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /die/media/fbevents.js HTTP/1.1
Host: paesetoth.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paesetoth.com.br/die/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Sat, 25 Jun 2022 22:05:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 09 Nov 2023 00:28:58 GMT
server: Apache
X-Firefox-Spdy: h2

a.mgid.com/mgsensor.js?d=1699489738654

104.19.129.76

200 OK

16 kB

URL GET HTTP/2
a.mgid.com/mgsensor.js?d=1699489738654
IP
104.19.129.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://paesetoth.com.br/die/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint44:BF:9D:AD:98:A7:1A:F2:1D:18:EF:4E:3E:BE:C0:D8:28:4D:9F:04
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (15971), with no line terminators
Size
16 kB (15971 bytes)
Hash
3d68dacad327ceb74670a02c3e653688
ef6786e6e3ed374216d55ef0cf3e50de7d56fba5
c5336d1cf6681700a554b1281809f75d823ce64e990ca6e8c42d628f69406d2a

HTTP Headers

GET /mgsensor.js?d=1699489738654 HTTP/1.1
Host: a.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paesetoth.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 Nov 2023 00:28:58 GMT
content-type: application/javascript
vary: Accept-Encoding
x-mg-request-uuid: fd2798fa-e36b-40e6-9749-d5e715580380
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=RtpmTTF6kI6pVHmlugRlXiWOZ.aL1UEMTc.sGYlRAUs-1699489738-0-AcceQQO0ZHNGR2DRIAhKzr8vMntwwU6M4dMW2cFOif1rCi2fxtZhRRjdCb3KVBQ2a6itGgVfJXGUXMuGxavD75o=; path=/; expires=Thu, 09-Nov-23 00:58:58 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 8231f0530bcb1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (20)

URL User Request GET HTTP/2

IP

ASN