Report - dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php

Report Overview

Visited public
2023-12-01 18:41:36
Tags
URL
dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Finishing URL
dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
IP / ASN
172.67.201.109
#13335 CLOUDFLARENET
Title
PUBG MOBILE EVENT

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-01 08:07:42	448 B	31 kB	142.250.74.74
i.ibb.co	13485	2010-07-20	2018-11-25 11:13:48	2023-12-01 07:57:44	910 B	57 kB	162.19.58.160
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-12-01 05:09:17	1.1 kB	46 kB	104.17.25.14
dulliusimoveis.com.br	unknown	2021-10-12	2014-12-31 17:56:16	2023-12-01 19:29:38	21 kB	3.7 MB	104.21.21.240
i.postimg.cc	23840	2016-06-11	2018-04-11 12:01:12	2023-11-30 18:18:00	3.3 kB	70 kB	162.19.88.68
www.pubgmobile.com	21653	2017-10-18	2018-04-27 13:06:13	2023-11-28 22:57:43	3.3 kB	994 kB	95.101.11.144
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-01 05:29:09	1.1 kB	32 kB	216.58.207.227
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15 22:36:43	2023-12-01 06:54:36	992 B	64 kB	104.18.10.207
site-assets.fontawesome.com	299062	2012-10-18	2022-02-10 07:20:21	2023-12-01 13:47:07	463 B	510 kB	104.18.40.68
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-01 08:02:13	937 B	14 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-01 18:41:21	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-01 18:41:21	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-01 18:41:21	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-01 18:41:21	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-12-01 18:41:22	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent
2023-11-26	medium	dulliusimoveis.com.br/	Tencent

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (70)

	URL	From	Size	First Seen	Last Seen
	dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php	ScriptElement	210 B	2023-09-24	2024-08-21
Pretty URL dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php IP 104.21.21.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-24 02:37 Last Seen2024-08-21 05:54 Times Seen4 Hash d61f6085ac07fa8604c6495017b04fdd 34389d574630980dce8ba9d6bca31d6c8ee1c9c0 710968d6a5f0e6321b865cdd365e12b98c32a09021e4035aba1f1a107c0efd0b Loading...

	dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php	ScriptElement	912 B	2023-09-24	2024-08-21
Pretty URL dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php IP 104.21.21.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-24 02:37 Last Seen2024-08-21 05:54 Times Seen6 Hash bbf4ec2b702031d344b2cc0f738c984b ee16a4263541f0d6c06b0c59531cb5ab740db1b5 b5382c1861dede97830fa3712dbaeed1737dd0a306b37aa2a6f2532812ffdd71 Loading...

	dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php	ScriptElement	517 B	2023-08-05	2024-08-21
Pretty URL dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php IP 104.21.21.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-05 13:25 Last Seen2024-08-21 05:54 Times Seen7 Hash 809988601e7bd545888c58e3a45d00c6 8850dde15c0099dc9051345755cb7814e4e0aaa5 b0a2394043e619353820536460a3c753c729cee042c1c2724bb3ed907bc29aac Loading...

	dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php	ScriptElement	602 B	2023-08-05	2024-08-21
Pretty URL dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php IP 104.21.21.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-05 13:25 Last Seen2024-08-21 05:54 Times Seen7 Hash 45c142dd2935454f06a5461d7c658160 cdbf986232f48d5d655ce2dc805cce4b3301379e 7459c35c3d465b5738578d577bc5d3c4e17beaa783f88fb01c3b89e7052bb59c Loading...

	unknown	ScriptElement	247 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash 0e6b99cf54b4c34bccdc3d2dda8d82d0 3767f26007a83ac25bea253b6ea00a9f619199bc 143706d3bafa1864a17c9aaa3b152603f328f22fe11c31368051fd4a730ef442 Loading...

	dulliusimoveis.com.br/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.4 kB	2023-12-01	2023-12-01
Pretty URL dulliusimoveis.com.br/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.21.21.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 19:19 Last Seen2023-12-01 19:57 Times Seen3 Hash 1629972918fe4e80545bd3fd8b79f820 6f84db0335b18278d6825f3c268314a79ffc2ed7 01c5023803a466bdf351ec51fe55786cd913f5889cb70489d73adefc480cbdb5 Loading...

	dulliusimoveis.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	ScriptElement	1.2 kB	2023-03-07	2025-05-09
Pretty URL dulliusimoveis.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 104.21.21.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 08:05 Times Seen68190 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js	ScriptElement	88 kB	2023-05-12	2025-05-09
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-12 23:07 Last Seen2025-05-09 04:01 Times Seen5996 Hash e6c2415c0ace414e5153670314ce99a9 5a9eeac34d86e92e5660e0f4f87204f1ed0c8ff6 d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8 Loading...

	dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty URL dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php IP 104.21.21.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash edbabac95194fbc8b171e44d5d82e1d1 d38d92d5430399fe15feaa84654aa31bef69e32d 2056227ec49706f14162e2eda7d5bc49c3dd68a01470b8934c6af1af3aaa5b5d Loading...

		Size	First Seen	Last Seen
	#1 Write - 7b777c8258be4d66daa963d0851338d0	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash 7b777c8258be4d66daa963d0851338d0 7d3e13bc46e3ff6b2d1365e2c51b943b6b250f5b 690824b051f1ae8815e995f91232422bdb859066dc36605eb3d5cfacf604c908 Loading...

	#2 Write - 5d2dc822e8d4f0b306ca69e54950679d	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen822 Hash 5d2dc822e8d4f0b306ca69e54950679d ec5cf0bb110d219d7e4bda5d14c0071c703cafd7 374f328ec9257ea51783a844612b0d075cc7ecc70805534c0224f44adda5e069 Loading...

	#3 Write - cac42769044d0dbe5b683086ab70007f	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen853 Hash cac42769044d0dbe5b683086ab70007f 451bc1076e896baf8c00f8c311abbd65f85d50b7 7559e26f738b52c0f790444412c346745de4d13ebb8fcc28884862560cc9519f Loading...

	#4 Write - 3e8af7d0f5e6370da8570b377c888d9c	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen853 Hash 3e8af7d0f5e6370da8570b377c888d9c c2de01f9d3daa641b9401c4e55770b1a4bac5b4b 8ef50bb1bcd890c39e916c12f6eb9f1db9c08bf1e326342d1cc5ebaa4fe446be Loading...

	#5 Write - 53c240fa6885652da29ddaf4dbf8c505	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen853 Hash 53c240fa6885652da29ddaf4dbf8c505 ed8d6bbc962db63b8e7c34225a0f0698ba2119d1 35567e82ee7df5a7386f8ca0a1e6b1e67b0a2e3522bc94ddd21829e6711a240e Loading...

	#6 Write - 1fdff8c34626da4017aff0a2821d8b13	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen850 Hash 1fdff8c34626da4017aff0a2821d8b13 55f2cd64499c15d5984aab9866dd55d365ccef23 b3dff5aa27eafabdaad74a18cff6b5fe4c1d8f3772ecf27d7f97a929cb88de33 Loading...

	#7 Write - 9268bb720f57b661570d77717fb1cf8f	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen833 Hash 9268bb720f57b661570d77717fb1cf8f b9a950fd874919ed5bb11d31b42cc036b1984ae1 e4d50938965686c89329c9f3f0f7b67f9d183ac06da98664125994353784e4ed Loading...

	#8 Write - f7aae66ae2b52b128d01fd1b35e33453	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen851 Hash f7aae66ae2b52b128d01fd1b35e33453 52b74544712d5ff9de4b1a5305f5a7a388ab6346 519ac6acbff2bfb0f62eeec8219821a845f2cd063737b2aef9d4f2384fa6f733 Loading...

	#9 Write - b6dc090a79226495e9644bbeee756518	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash b6dc090a79226495e9644bbeee756518 449b67436c8785555c781956ba56a454515682bb 8367a78ccb1e3cde37697b3af2f117e317393718fe68e566e6c13ef210dcc66a Loading...

	#10 Write - da8268b7f06713dcb4a225ed4352c5b7	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash da8268b7f06713dcb4a225ed4352c5b7 64e26d66dbc71a35e56b995b7ed2952cd4416698 4565f77725f2acb3bb1ddbd1a8154d6156bf0d399bc87dd62e22e5bd836468ad Loading...

	#11 Write - 246541b0664433f23212b252305bb32a	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen823 Hash 246541b0664433f23212b252305bb32a 0866efa92eb7f9c75b3a45856a9c7e3310719b7d d056a96cf6d509c9def10b7dd78a46fc7b137713344e804ed849f9766c57ad19 Loading...

	#12 Write - ce67180f52a4e213b02a73de699ac9d7	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen823 Hash ce67180f52a4e213b02a73de699ac9d7 406af3ae3db036d5e0a52bced3aa8502371a4cf2 49b4dfb6858a942ac006505cb2511424617ae6f26d173aa2363f1128e32bb503 Loading...

	#13 Write - 680fb8d8d22989bb18183258dcdf9f56	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen833 Hash 680fb8d8d22989bb18183258dcdf9f56 57474cf81ab39e5b093493d0c35d048cbf466fb2 2e2f7a853d7480bd50d7021551e427eadcf5e7814f07eaa47ee2542835a512c3 Loading...

	#14 Write - 2407ddb62e965883f20fa23c826bf328	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash 2407ddb62e965883f20fa23c826bf328 8870fbad82926b2a51ec8f4d96b0dea661f54d0a 87484b3dbb15f32dfc8952ebd6b9530b83bd03c1693c2c0a870db80921c241a6 Loading...

	#15 Write - 1f0abd9d8e8190ccb8b56268b03eb97a	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash 1f0abd9d8e8190ccb8b56268b03eb97a 852e909d6d20f5672428502ba0541fad7f0ee2c1 a14c6fff6bca9d195ec25fe83830d69768fdb69b0fd1488e29cc7ba00ca04755 Loading...

	#16 Write - 7d5854ef579b22b85a1308a464991cbe	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash 7d5854ef579b22b85a1308a464991cbe bca2593c39b377d192b5be3d23f73a6acc1ba9dd ee855aef125f82c560259778b792cdeb143dee61b40be24ae78345ba96ab07dd Loading...

	#17 Write - 914dadef0120224114573295cd60933c	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash 914dadef0120224114573295cd60933c c4811ce68cfbc54e1eca2c2ba1af8dd6fbced84e c5cbce3172fffe2ca10ef64d85ba4b2ff52cf3989e7ba4a04b3024f50efa5f31 Loading...

	#18 Write - 57574f53b6de200174d35574df1da053	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash 57574f53b6de200174d35574df1da053 2fb004ca614092eee28fc45611cdeca1d38ad065 c990e04237a0fabc10c638a3340f0af26b4555ddbc373bdf453ff00910afa15f Loading...

	#19 Write - 4999933195d7474661a7588a5ceea991	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen851 Hash 4999933195d7474661a7588a5ceea991 a10e2435d00ff565b423650e231fc3a7ab060671 0bd8d756a5a5967d29f7675f3cdada4a6b19f54af7e23e9b62fdb386b325d74e Loading...

	#20 Write - f82dff41574b0ddcad47c145b0e28050	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen826 Hash f82dff41574b0ddcad47c145b0e28050 a2370f27ed38a5fc1e12ed4711814951c6926b1e db847cb68230ec9117bd8205a6aff20b71d27c3eceace3c765b22f92653cfa83 Loading...

	#21 Write - 596e6606d7c4ede34de2935f3c6c187e	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash 596e6606d7c4ede34de2935f3c6c187e d3ea84761e98142b91559b1a922cea287a5a3011 a6171bc58c97c84152bf23c4cd548779070196e84b8ac898f0c3f6c573bb372d Loading...

	#22 Write - f81a8aa27ad547b620591c871a087e2d	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash f81a8aa27ad547b620591c871a087e2d 77daa19609f08762d1e7544cc63e0feb2200ddc7 6f75db5c15ff88f889f6ad98cf6ce1a0aef119df1777de1b1a992fa0798fa077 Loading...

	#23 Write - c27e5c2ed7c9bc021cf46027c8d241a2	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen851 Hash c27e5c2ed7c9bc021cf46027c8d241a2 251315bfd44456a07441481d1c9b3fc811f4aa3a 0870b6fdcbe4700c7e9c7c316ad592e0dd191f78b472267d3946db8a8ecc8f21 Loading...

	#24 Write - d29638340b860a0169f2c6cbc8dc9e94	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen853 Hash d29638340b860a0169f2c6cbc8dc9e94 2dda54c8164c7e88101cc3f8af0464102035e38b 21049af0b39201d5e0689734e95ddfa2a20244afeabcbea8cd9fc4de8c8bfef9 Loading...

	#25 Write - c063106f27cd1452ae135f642e53eebf	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen853 Hash c063106f27cd1452ae135f642e53eebf 47a5ba2c254149265ba308a7be7b39924ea90b2a 7ce37963c8c42196e5562cd6f4804e4e7eb5ffb3d9393e0e8404bc55f6113cba Loading...

	#26 Write - b463a44051f5ec20ae48196f36054e13	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen853 Hash b463a44051f5ec20ae48196f36054e13 5b732f6e972167e618e38cdcdf292c5a63dca9d3 87da72b460eea48a4375dcf38b3192896a661cd64ec1465b856b81538f7e3918 Loading...

	#27 Write - 1381ddde79e03e1767f7819397700163	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen851 Hash 1381ddde79e03e1767f7819397700163 bdc8e80553918ed9d64bf922becac723bd9fb729 9b80a2abb7cef34f34d9c1b5f2ed4154352b8b4b1802b6fa3609b3c9d2b1a458 Loading...

	#28 Write - 26b2bc4dfa81b43fe5a91d2c178dd361	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash 26b2bc4dfa81b43fe5a91d2c178dd361 fd7919b5dda72e5dc5ff29f39439ed5f6ca81871 8adcf28e1f74b9d284b6a8e7621e79f89ff5bb458dc81d9b366fc51bcb75f28b Loading...

	#29 Write - b1b8a68909e47131052789e18ed991c5	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash b1b8a68909e47131052789e18ed991c5 bcd0f3c9cfceb4a62dfddb168f3547b0ff706374 8476c02876aea613cda596f888e3e454d1aad05d221a3d45f3a60ae9393ed319 Loading...

	#30 Write - ce5b835c74307454b195bc9b87ab25ad	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash ce5b835c74307454b195bc9b87ab25ad 6e2a7143cb9d2f1c196ea81fcff842aa7ad2bfd0 2bc85f2a21ff1488d409bb7549110022cdc2274fca518696103e6ea4ee971392 Loading...

	#31 Write - 2ff07b7af9c1223cc816428b9699a077	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen851 Hash 2ff07b7af9c1223cc816428b9699a077 2f7744b74e67feb8b4d37fd68c5b341e657a5d09 947ba6e211b46fd494a831c93774e351a2114a2068306ac8137023a29c22d717 Loading...

	#32 Write - f2f9eb963a5bc112561501b10eb9f688	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash f2f9eb963a5bc112561501b10eb9f688 e7be8ffd6bdc4082a2c86b83940f291ddee8cb9e eb6d59fae5702df6e19944401b185d631f495acc6a1b27707bc524e4a26d3768 Loading...

	#33 Write - f878e8bd0445ab90e42c6ff26a714cd5	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen851 Hash f878e8bd0445ab90e42c6ff26a714cd5 cef4addbd9946a09aa2545fea536b580e5aa75bb bd2a6457dcf585698134e31288339b2c83c90bc3efa0207082c16f1947d81698 Loading...

	#34 Write - 3b7cb9e898b2368382615803a65c75d3	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen847 Hash 3b7cb9e898b2368382615803a65c75d3 60fa902993681d254fde4c6066be68db74de2ed3 38dfdd15caf30f9899d49a6422b73018cb552f873de5dce24d1c2bd01a72c888 Loading...

	#35 Write - fccb11dde8a7d3a197ba6dc22fbb231d	20 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen850 Hash fccb11dde8a7d3a197ba6dc22fbb231d c86b853f11220a14d0a667bbe08be97d18679fcc f37b4e527dba46d6e9ebf512a36a060780533a164c538b67a259910b79d96125 Loading...

	#36 Write - af42124fb23866e29287836fff6d3896	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen833 Hash af42124fb23866e29287836fff6d3896 8417cd2acf7b2fb483102d54c5238f91da85deb9 1f0008a619fdf98128a6bd9c386f8f8b41254adcfec1a1195d46009568c67b63 Loading...

	#37 Write - dbca3d0c2e30aec4bb8135129e26071e	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen853 Hash dbca3d0c2e30aec4bb8135129e26071e c9e1cfe63d9ca153308d08d009b38f5281ac9073 39e9000d8bf5dab29600ed51f277c601b33e2950a545e583542b9bd68cb9b1da Loading...

	#38 Write - cdcc8499dec336fe655502037873ad09	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen853 Hash cdcc8499dec336fe655502037873ad09 df29230c72cec47be7797309e7f4dd868b430a32 4b74080433c7e1e2cc034124f3f5acb444b95bd320d9ef3827db207b92214e6d Loading...

	#39 Write - 160edc8db45d8cf1db6b306e01b1b522	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen853 Hash 160edc8db45d8cf1db6b306e01b1b522 eb3cc2404ff47a884d1b38f4e5570e992c2b28c1 5c4db52d774d189e67be581f8cf0a1be27580d903ac882f6dc8fcdbca5d4dc89 Loading...

	#40 Write - 3a3037c3b96ff0a3193bca0e7f88aadc	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen833 Hash 3a3037c3b96ff0a3193bca0e7f88aadc 76a57d086b2730b9f8ed53d9d436cec27afd6f25 427baae29ffa2912b54f3efe7289d6feb962258dab66f3e66fe7f97a74c05781 Loading...

	#41 Write - 569cbaa5d4e07d93d0ef40f00325dd8a	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen851 Hash 569cbaa5d4e07d93d0ef40f00325dd8a d53d3ccf37eb01c61ab82418727c25fb284eb205 c2a331c02c1ee796f08d7178d991fbaf91961275a5cf9986035d61a484fad97e Loading...

	#42 Write - 0aaabba7ccc2505b6870a656b6819d3b	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen851 Hash 0aaabba7ccc2505b6870a656b6819d3b 5ee2b0096cb5a7a03db1452893d0f0efbd3f051c f32cced9669187aebe75ba41a8f0d897a27cb02bbcd5dcf0ad6dbfe31cc208a0 Loading...

	#43 Write - f5cab08d58af1c86a04a9231f211264f	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen853 Hash f5cab08d58af1c86a04a9231f211264f f2d69d788b83bd5ae40c26941d0c498b2fffd6aa f17b1d59157c1da10c25ba260aee32275310e2af951352611a5d40acee244cd0 Loading...

	#44 Write - c2274bf4d3d8c56c24099c9c6c922129	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen853 Hash c2274bf4d3d8c56c24099c9c6c922129 f9ca14e62356c3d1ac19c1cfbaf96bd721bcafd9 da55c710a4bfa6102e7212e9685e1e6ca6072de478b9b5a4ef73fb629043b9f2 Loading...

	#45 Write - d5d4a03bd7a18c5386526c4809b986be	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash d5d4a03bd7a18c5386526c4809b986be cd8ee075dd8b9b45e44a1f294a363189d12c037c c391d5c8f3478b12e350ffe590cc18b8b53b7c0ace33d1ebc9f6a91f227515bf Loading...

	#46 Write - 08981acc0dd5c00d58e592297ed2f12d	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash 08981acc0dd5c00d58e592297ed2f12d 6d917c2adac56ad56decf665139db8643f8713ac 3e305db42daec26a98e6e0cf1a29a7c956a323a6ed1b0304409a505ebc7c5e1f Loading...

	#47 Write - 3e0783099007df1ed28a11c3e447ea74	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash 3e0783099007df1ed28a11c3e447ea74 01fa4d2d862c8d4cec527823cea2028de9928c5f afbd1461a80f657118dc4824a30e2604804026fabfcbe6ca2ab93458a53e8a82 Loading...

	#48 Write - d2708560ddddf9fe2854103ea6095b0e	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen825 Hash d2708560ddddf9fe2854103ea6095b0e 61af9e5b5b5e96580a7da75ebc27c57debb6137b 6d013dfe3b7e6304821534f0802b91d7ecb34e69dc880ef3efecac06a14e8a78 Loading...

	#49 Write - db0a49341fdf4c15231eac4c984768eb	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen853 Hash db0a49341fdf4c15231eac4c984768eb 7f672147079f45765be2a5aa1259520ac55d5187 a096d07cb4eb3f9b68c17cb876dbc2e067c1092e38dbe84704fc00b1112b5530 Loading...

	#50 Write - 54dadabdb14c173b950fc5ac0647dc61	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen853 Hash 54dadabdb14c173b950fc5ac0647dc61 100c82bb931eedb7fe034bbbbf0c1373cbef348e 1d8d74849c3855d65dcdf22c44407e3b34d34279aff0b991e24c5a08a8f62b07 Loading...

	#51 Write - 54fa6a1a732804cb2eb71846c1c88c85	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash 54fa6a1a732804cb2eb71846c1c88c85 ac48a7381ce0cea53de9797bff9ee3d827e1c50b 28776dcbc8585ccfedc6125ab43dabb41c1733e77220bddc30365376adf9de4f Loading...

	#52 Write - 3881d0ce03d76f22df4ba5ad7b17e61b	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen833 Hash 3881d0ce03d76f22df4ba5ad7b17e61b 344a651785ec5e4e5ca05d468aece729e927533a b14632ce7eeab46e72d4414f3ea594402c906d09dfba025f62ef714681b8008d Loading...

	#53 Write - 729409264fc1bf2874651a3c16ed3ac1	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen853 Hash 729409264fc1bf2874651a3c16ed3ac1 744d4edbcb9de5287abd15da414ac712e4ba7dfd 63370806c302182c42c242c16817f18c7d204507c31a32957a241323a667b93f Loading...

	#54 Write - f5799f97dd01d1b506b6c56d11b4b3ab	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen853 Hash f5799f97dd01d1b506b6c56d11b4b3ab 24baa553dfea4ee7eea29c33ba5b62c8da6e62bc be90525374346d2f86a64dd1b13c775c34e9f7ed52f78543c308590d29336f24 Loading...

	#55 Write - fcf74b4a77f8a18258dfe246846fd85d	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen853 Hash fcf74b4a77f8a18258dfe246846fd85d 4c9f24c70f5d69ff80690a78e47f62c2ef9b8fff 7a519afdf92bd1373c0aa3900c6c455811f624a070d68cccf5da124e6579f54c Loading...

	#56 Write - c57e69dc1c3714796fe1663d7f6a758e	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash c57e69dc1c3714796fe1663d7f6a758e 103d84e469f09107059d8a67f615cf2e20652664 eebd48c89f0b43036acec1a4db2909eeb314c5076bacaa6ac8bf9f4921a50ece Loading...

	#57 Write - 8dc6baddfb887c207f2cfc80a440e097	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen851 Hash 8dc6baddfb887c207f2cfc80a440e097 c44cdd6dd814762e2d52f58f72f09249aadf60c1 7f97e2f5d8ac6458a314d609681f35979521288e3a0f2950cbabb8f0c0cad0c3 Loading...

	#58 Write - c64569b31d5a228f032c7af0dbbb959e	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen851 Hash c64569b31d5a228f032c7af0dbbb959e e73d60cace93a0fba385efd2dda2fc91144b857f faff0e661677302655ef41c0fbef9c2a414473eb4fc91717bff201e5d58e311c Loading...

	#59 Write - 4faba762a8b0eeda162b204eacb9c3af	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash 4faba762a8b0eeda162b204eacb9c3af 9b9ccf92f9811df1df8ea6d9d4cd650f8719d23c 67a750f06cb8461db3c08f09cd4cb51932b8f99be5afc6e97b094be20ff17b45 Loading...

	#60 Write - 709dcd1b74993ea1d86ef30bbe75bda5	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen852 Hash 709dcd1b74993ea1d86ef30bbe75bda5 49c6ebfdbff7a45a3af735dba2494fd9ab107b17 4ad9deee352fba0870bc0b6f55370cf953f8a042e00c7ccbd3bceb16592f4df7 Loading...

	#61 Write - e517ae48d6a82cefa2de65e88b6f5693	19 B	2023-04-22 10:34	2025-05-05 18:00
Pretty Observations First Seen2023-04-22 10:34 Last Seen2025-05-05 18:00 Times Seen853 Hash e517ae48d6a82cefa2de65e88b6f5693 ca25ce518f711726cb813ee73efcddd79211e1e0 169ebb8cf7ebcc8b8340edea912177a118a79c22c031852b1d412cffd13500a0 Loading...

HTTP Transactions (67)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

104.17.25.14

200 OK

5.8 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
5.8 kB (5845 bytes)
Hash
e9365fe85b7e4db79a87015e52c3db6c
2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

HTTP Headers

GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 649525
expires: Wed, 20 Nov 2024 18:41:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QqfJKTykrkeLBCTV%2FbqlJ7IJzVfmcX3X3duvMm8UXrXo9R0kNVCqqOxBdhXBT8%2FmqoLf4UEQUiXGgbM9Mp9%2Bxq6QdRj95yWZuwPJYY1UvZLSdyCxzIFLwabcydHjjxrf889OSEC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82ed769dbe78b51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php

104.21.21.240

200 OK

5.6 kB

URL User Request GET HTTP/2
dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1098), with CRLF line terminators
Size
5.6 kB (5604 bytes)
Hash
f9ab91912e95e946b5d4aa51b6c18fc0
eac9b37b238360dad0dba95300e17149b5fb29de
08e78fa84df1b485347ee6659cbd8202bfdc7dca9f4f656fd9da91a5c32cbe24

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/jj1saghf.php HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34ciWUScwXl9Uk7sUy63963pbZeHdLGrOlM8legmVXfrx0oZxlSwiemdMEsIs6Ue4rCJZQXaIvdq%2Bb7mZ0PYSLDTEkWH3XpY4EDb6O1uaCSrV%2FL%2FKoihtylXsof02GmSP1O475X5MWs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ed769b0ee2569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dulliusimoveis.com.br/links/pubg-skin-V6/img/style-img/twitter-text.png

104.21.21.240

200 OK

4.3 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/style-img/twitter-text.png
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4298 bytes)
Hash
fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/style-img/twitter-text.png HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 4298
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-10ca"
expires: Sun, 31 Dec 2023 18:41:16 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0XwP02vCUaRSD4FNXlcvlRD7XAFSpwep4iQpXVYzTAwQGC6BwS0m3HRVNctySEsPCNXdMhJAZs5a3YDs38W0L55IZ%2FMBGnzsR6f%2BCZUSGlG39tY2DynFgvOq8zHUoNH5JLt4UB98hLg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769dfba456c6-OSL
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/img/logo.png

104.21.21.240

200 OK

50 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/logo.png
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
PNG image data, 1074 x 800, 4-bit colormap, non-interlaced\012- data
Size
50 kB (49773 bytes)
Hash
d2eba90e2876318a2a6e88ca9c3dcc5d
7efa230be0d0ff0d26cee718d8aa579e7595c14e
a2245e7e96fdfde4e68615f3b224d83473ab45d215681c5a265c53915dfc627b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/logo.png HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 49773
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-c26d"
expires: Sun, 31 Dec 2023 18:41:16 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0l3rJ5aMApBIvPQ671CnFCzoVxVmYtwmgx6ivV09Ibu32d9BMl5%2BB4ZF5Nv46ySDZ2jwVT0kr8g60WhMygkKGR2VVSQgnKAFDw%2FhKlGrJUukiDRQClxWewqs0AIdUXEgEiWGXAc7ACI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769d9b2856c6-OSL
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/img/style-img/icon_fb.png

104.21.21.240

200 OK

4.5 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/style-img/icon_fb.png
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
4.5 kB (4549 bytes)
Hash
55eef055b7e3c9a7b01e75bf1d946602
298bedf186fdcc606901513a2edbb5bc3ca233e6
9af17159dff494810a71a37678db1df805f264b935730d1c2e5a4d970305917f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/style-img/icon_fb.png HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 4549
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-11c5"
expires: Sun, 31 Dec 2023 18:41:16 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZcFpxurBBkIBcvFP3ko4uvO6wfuFrX4axvJbkpQP66u8lEjpzd0omQzUYjvzH5Nj7Geb93XpyN%2BoFtuoL6L0fKCmE3gnKpNTfBXzUEQqisqYWuU1%2FThe5omDGMAbYbP9K11o5w6XKIk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769e0bca56c6-OSL
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/img/reward/1.png

104.21.21.240

200 OK

79 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/reward/1.png
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
PNG image data, 618 x 618, 8-bit colormap, non-interlaced\012- data
Size
79 kB (78754 bytes)
Hash
c4f6e5a9992ee59c5e5a2594a33ae021
3f4970fa9695a44419cfcbf99cbe24e5a7c9cdcd
0278cb3cc03b89f46507b51a28a714fe37be3a91e9b22b77169e97df0ef775ee

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/reward/1.png HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 78754
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-133a2"
expires: Sun, 31 Dec 2023 18:41:16 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pwfs%2B15%2Fc7egUJaLjvaU4ozojLjZIu%2BcD9GQoMQpzrfihRDfINbP1L0MpeB5vw3V5Dt871v2YBnrMac673iUoBe%2BLEqexVrDrXAq%2BVpcV3Q1XmGLHSCVh%2F%2BmtLCS3%2FeYiL%2F8dvBuu6I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769dbb6156c6-OSL
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/img/style-img/footer.png

104.21.21.240

200 OK

23 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/style-img/footer.png
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
PNG image data, 1280 x 189, 8-bit colormap, non-interlaced\012- data
Size
23 kB (22718 bytes)
Hash
c6b56cf1fbbb63620e8558afde759e96
4d50888d8a17c2dcdbd05e6068ca4b4b587c7f29
34f7601064bb7cc3cce9ba942dd92d7f53889c703daea37bf34e1e71a1de03f8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/style-img/footer.png HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 22718
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-58be"
expires: Sun, 31 Dec 2023 18:41:16 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5AaDlhJLNWzAn%2B3NE9aE%2FXwQD83NCE1QRDWHqJjwKTs7zPwnL03g3MaIlrA72QNoQ4i2FHkFZkj600vEAZzUkzXe0VM2%2BZLNhquzuTyipkyXKXeD4gHPI49f1L891FFrLf7gHecZkwg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769dfba156c6-OSL
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/img/header/1.jpg

104.21.21.240

200 OK

134 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/header/1.jpg
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=608, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1080], progressive, precision 8, 1080x608, components 3\012- data
Size
134 kB (134430 bytes)
Hash
185fbb0f2487b214d5098a25e860c5ed
0b24edbcb1ceb6718328b124b0a8308bcf625381
811bd2a6c56f0f4fd29a058b963e8d881e26b5c9327c33ec07dd647ac658d35d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/header/1.jpg HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/jpeg
content-length: 134430
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-20d1e"
expires: Sun, 31 Dec 2023 18:41:16 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRjEe4I4GdJ2C1ZAYzeOS7l88369wgix5pV4R3RFWCE5%2FHTZONwyXKMEbcuSngxqv86dX1yDNaguOs91uPx4M66gXbWinXnWDnkWNrMi8VbW%2BDTCahiq85FxYAqZQAD6bZtZdgaJrqw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769dab4356c6-OSL
alt-svc: h3=":443"; ma=86400

i.postimg.cc/jnLQLD1x/footer-socmed-1.png

162.19.88.68

200 OK

7.0 kB

URL GET HTTP/2
i.postimg.cc/jnLQLD1x/footer-socmed-1.png
IP
162.19.88.68:443
ASN
#16276 OVH SAS

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
7.0 kB (6953 bytes)
Hash
cc467f5a6a7ec0c41a34f4400bfa8473
025aa3fbceba7087d07e152b822820a77fca7d37
72271585bdd425610dd93695a3150c3820ab3a26fb389cafe8ccc67ed8b8690e

HTTP Headers

GET /jnLQLD1x/footer-socmed-1.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 6953
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

dulliusimoveis.com.br/links/pubg-skin-V6/img/header/2.jpg

104.21.21.240

200 OK

131 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/header/2.jpg
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=608, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1080], progressive, precision 8, 1080x608, components 3\012- data
Size
131 kB (131021 bytes)
Hash
d25de5484328f1c9cc729e4c9efaab00
6b6bb07b1dc0bdd3b368acc42ad7dd1524f88413
44d2740d330cc9502daebc85ebcfa794418e6a66e497963ae96e7c333a6ddf0e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/header/2.jpg HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/jpeg
content-length: 131021
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-1ffcd"
expires: Sun, 31 Dec 2023 18:41:16 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRVP3gsnlatxwoQ849DaoL5EuHd8%2FzVGUcJ%2BX%2FBMiAfUbFwvK60J%2BB9mzdRXQ4bkfTfYQ4A%2FqQSZ5vnsaPLdwX6FnM5UYTMdYb%2FPt2A7pqPlz3qwN%2FM0cY2wTV%2FDUxMBb3csTijKUUo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769dab4556c6-OSL
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/img/header/3.jpg

104.21.21.240

200 OK

116 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/header/3.jpg
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=608, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1080], progressive, precision 8, 1080x608, components 3\012- data
Size
116 kB (116175 bytes)
Hash
d194dd87b66cb4e28857438ea5281a1c
f4acf1660c3c2ead39fe99d75cf78e9455c9167d
9e9808354f10e70161d10e58a1e0886fd0cb2ce90eac0a807d724671c11c01ed

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/header/3.jpg HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/jpeg
content-length: 116175
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-1c5cf"
expires: Sun, 31 Dec 2023 18:41:16 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAROVIgnaB6txGkqq7DMl7S%2B7ydJ4d2AFODE4uwD7IxkyWPj1JDMRvwmOuw3BRsSQpcn2oXCjtoDsM5poDan53ygqQ07h1XB3gGTKqXWgMVmG%2B6qp3gCDmVE%2BOerDZb2EbWOJmW8i9g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769dbb5f56c6-OSL
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/img/reward/3.png

104.21.21.240

200 OK

70 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/reward/3.png
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
PNG image data, 618 x 618, 8-bit colormap, non-interlaced\012- data
Size
70 kB (70012 bytes)
Hash
4bd7d94a53accf7ca468ed090c3dbf60
cd277c8b15a57c08d7bb95107b03cdcc91f544a4
cc11b5cf955c4ddf97c724cde4ea907598a02ac48a48058a96d655c358ecf056

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/reward/3.png HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 70012
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-1117c"
expires: Sun, 31 Dec 2023 18:41:16 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPkdoJ9meKuGAq%2BYElb9uhO0ajavnIUXq8mEIGWW%2FaKYLoTiL1JnvRs0WhNpeYHIX852yt18veZqP2dkvLm3X3xR39MQmESmaig4MRlEhDLebHo18PMnItIjBZkjyomuqPtOLZ%2FtlL4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769dbb6456c6-OSL
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/img/reward/4.png

104.21.21.240

200 OK

165 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/reward/4.png
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
PNG image data, 618 x 618, 8-bit/color RGBA, non-interlaced\012- data
Size
165 kB (165271 bytes)
Hash
b031760db8a8ab0828e5e9d38ef88842
19f26bdddb7909b94b4ba7fa2c7394fe70832a82
4d6b7dbcc31d4a35e288a0bcec25e9a0a72b23d0561fd6783161276de44deedd

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/reward/4.png HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 165271
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-28597"
expires: Sun, 31 Dec 2023 18:41:16 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZ8rZV%2FKJAn9s0Rvcs8FUtn2vP7jzFPI8LGxcOq7nwNctPKwo2BKFdbFiugcIcESY6YpXBKjh4J%2Fg6dUGMd7O4epdtKTnNB2Nhz%2FyPURiku6ye4xXAvq5a2s020jbSASXZsewFvtPfA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769dbb6556c6-OSL
alt-svc: h3=":443"; ma=86400

i.postimg.cc/Thwcks3z/footer-socmed-2.png

162.19.88.68

200 OK

12 kB

URL GET HTTP/2
i.postimg.cc/Thwcks3z/footer-socmed-2.png
IP
162.19.88.68:443
ASN
#16276 OVH SAS

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT

File type
PNG image data, 180 x 148, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11789 bytes)
Hash
0d76c6316716e7672112fa057d0da131
4a9f7f2d17431734575380c07d92564957f02c46
62dec982412037eb2b025b01c2438385b53354c2a6089ef9102529ddcb37d630

HTTP Headers

GET /Thwcks3z/footer-socmed-2.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 11789
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

dulliusimoveis.com.br/links/pubg-skin-V6/img/reward/2.png

104.21.21.240

200 OK

89 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/reward/2.png
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
PNG image data, 618 x 618, 8-bit colormap, non-interlaced\012- data
Size
89 kB (89413 bytes)
Hash
32352e425a480effa2a4919b3123d966
66807079dc86b060db5038bd171c7a366a2a82fa
8b205ddb03b04bc4c76deee9242dbbba1bd2c14ff17a9a7cb921ab33331e744c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/reward/2.png HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 89413
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-15d45"
expires: Sun, 31 Dec 2023 18:41:16 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnNpY%2FjNCu%2BbkQFKpUdBZkPXe8sGKBNmWT3l1v4SNc59LKABy5eQnZpa8JW3SELJUicYlBBJp14Bf3ajiV6CE0EKLw2uRkmgIu%2F31fyELWt4EU80fTME%2Fw3F2LDQn4%2FmC%2Bd1yp38IOE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769dbb6256c6-OSL
alt-svc: h3=":443"; ma=86400

i.postimg.cc/bdB94RGs/footer-socmed-3.png

162.19.88.68

200 OK

8.0 kB

URL GET HTTP/2
i.postimg.cc/bdB94RGs/footer-socmed-3.png
IP
162.19.88.68:443
ASN
#16276 OVH SAS

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT

File type
PNG image data, 180 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
8.0 kB (8004 bytes)
Hash
e9c30eff69db680e38d3e93aea870280
7958cc94ac08dde6f5ff38d4d220c376a66a697a
96e9a2cfe21342fb25fc23d598a500f1102b94f79478a8834df013bf95bc7007

HTTP Headers

GET /bdB94RGs/footer-socmed-3.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 8004
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

dulliusimoveis.com.br/links/pubg-skin-V6/img/reward/5.png

104.21.21.240

200 OK

172 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/reward/5.png
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
PNG image data, 618 x 618, 8-bit/color RGBA, non-interlaced\012- data
Size
172 kB (171690 bytes)
Hash
9debf03235d05071de42feca1a9a1158
c23a590ce5dc85e7d61e1adcf18d534374e09f3d
8fe13b21a29cfd85e597ca03a7eea7903809f8f8255e508e2ce38f06a6839267

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/reward/5.png HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 171690
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-29eaa"
expires: Sun, 31 Dec 2023 18:41:16 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixeJplzH0lVNet%2BoZ9IeHjVEbMDnWEThO%2BgPkF9TjkzoS1XN5uMb4U2rGDhO%2FYxGtzyKalLyynSumByW3nqSrLZTqJ9sHst%2FxVGGGI20uQY1axgkXC3FPM3G6%2BYRbFanktN%2FItXPQQk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769dcb6c56c6-OSL
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/img/reward/6.png

104.21.21.240

200 OK

153 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/reward/6.png
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
PNG image data, 618 x 618, 8-bit/color RGBA, non-interlaced\012- data
Size
153 kB (152792 bytes)
Hash
ba58bb73973cdb470f316dc049c4a259
454f5c489a7c28c45918e739053c2b1e5b4428cf
0b2c8d9119a109b2de98b03355283ac8cf4fc5533bc95fea1fcaa0cfbcfcff1a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/reward/6.png HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 152792
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-254d8"
expires: Sun, 31 Dec 2023 18:41:16 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57Z%2F8Sc7%2BXZT6ThC2HvJR4AoLXF4%2Bq4kFq3JJh2sLANFgBzTt1IaDRJOTjt0jrTkN%2BsIqYZ26zQ4aKF2O2NeoNeXAuo4zO8q6tsolShfTabLvb2CwSfhdC78hFc5aHEpx1GkJf0euDY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769dcb6d56c6-OSL
alt-svc: h3=":443"; ma=86400

i.postimg.cc/YvcfCqz7/footer-socmed-4.png

162.19.88.68

200 OK

15 kB

URL GET HTTP/2
i.postimg.cc/YvcfCqz7/footer-socmed-4.png
IP
162.19.88.68:443
ASN
#16276 OVH SAS

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (14747 bytes)
Hash
396ddda13117ca63c10d66afc75b045f
a3e197f3f99566f72693c8ccbe722a2430dfe1dc
db2e36d4d529976cb7f6f07619bdb7c8918e9f35a705b7db99074c427b4f705e

HTTP Headers

GET /YvcfCqz7/footer-socmed-4.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 14747
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/w7RQzsJF/footer-socmed-5.png

162.19.88.68

200 OK

9.8 kB

URL GET HTTP/2
i.postimg.cc/w7RQzsJF/footer-socmed-5.png
IP
162.19.88.68:443
ASN
#16276 OVH SAS

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
9.8 kB (9840 bytes)
Hash
010d177128984148483764afcbe38b8a
a46bdb7a79807f57863ac5bdf51b769d1e8e97f0
22413a2dd1f4a4d55c29a714d5e81341264eda2dde1113562c48682de1770d91

HTTP Headers

GET /w7RQzsJF/footer-socmed-5.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 9840
last-modified: Tue, 22 Mar 2022 04:48:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

dulliusimoveis.com.br/links/pubg-skin-V6/img/reward/7.png

104.21.21.240

200 OK

204 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/reward/7.png
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
PNG image data, 618 x 618, 8-bit/color RGBA, non-interlaced\012- data
Size
204 kB (204102 bytes)
Hash
6029a41434d431875dfabbce5e46fabe
dc6c7a5515d3e592a373802bb093f9fea55c4073
16d5c358b753498f7657b59945d736bf2472326f59e43406e83066bafe3aae33

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/reward/7.png HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 204102
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-31d46"
expires: Sun, 31 Dec 2023 18:41:16 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1EfbqqI%2FgA%2FGFyio%2F72f5meTa6XyRVTZ2FmnK8iakUOxrDGVogZpMXNrSogo7H7dieHJyjNkBLZ4wR6U8KtZpqKQIX5le6JJEL5yPSL1aO7ikR6inu3zYr4CmregDlVc23GOd99goE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769dcb7756c6-OSL
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/img/reward/8.png

104.21.21.240

200 OK

204 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/reward/8.png
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
PNG image data, 618 x 618, 8-bit/color RGBA, non-interlaced\012- data
Size
204 kB (204045 bytes)
Hash
c44e337405fb6f833a73c12c1a811f62
23eb5af47afda43e5fbf1f6fc8ef6634abc4e0c9
af2c35b6615eb365dd59a40b19dafaac46beaff5f386cf227cb8ca6dfa10f25c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/reward/8.png HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 204045
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-31d0d"
expires: Sun, 31 Dec 2023 18:41:16 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJMfLocdB1aagukQ1B%2FXe0XbAxw6obpjd2X%2FFyXnDvhVko3gWkkhn5AORG5Ti1HypsSrJMLpwOZG32hmthmrGEr4JKBSjGUqw9Dp9TIm6TitwdHW96sbuxllTMDNHWlRRNGk8dtZWBs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769dcb7b56c6-OSL
alt-svc: h3=":443"; ma=86400

i.postimg.cc/Sxyy8Kzz/footer-socmed-6.png

162.19.88.68

200 OK

4.3 kB

URL GET HTTP/2
i.postimg.cc/Sxyy8Kzz/footer-socmed-6.png
IP
162.19.88.68:443
ASN
#16276 OVH SAS

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT

File type
PNG image data, 184 x 140, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4316 bytes)
Hash
27eb10858d473bfd39cca3251fe35a26
f472c341ec3696a0c7bb85799495995ff72f941f
e0e93e88b46229223de82294608854d6578f0ade6f696b31f830cda37aae9b0e

HTTP Headers

GET /Sxyy8Kzz/footer-socmed-6.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 4316
last-modified: Wed, 13 Apr 2022 13:57:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

dulliusimoveis.com.br/links/pubg-skin-V6/img/reward/9.png

104.21.21.240

200 OK

204 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/reward/9.png
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
PNG image data, 618 x 618, 8-bit/color RGBA, non-interlaced\012- data
Size
204 kB (204016 bytes)
Hash
8a32b123fe330a37c17e5a19dfedee4f
00e3b6db97e54897b177cf3150773e78427d5919
57dd43d6286b6ff7ce6631a209ccf8593b9739691f60548ca9ea9146469a6b5d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/reward/9.png HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 204016
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-31cf0"
expires: Sun, 31 Dec 2023 18:41:16 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYn%2FC%2FT1nMv6CyarMODyEuFlfKQFL%2BCn7TJ2nIgr%2B%2FkHT%2BOqA1MkHdesbNor8Vysq3Fs8iU%2BmDozfMHBa5w%2Fa6h%2FOtBAneO0zqkGgzr7Aw4iUDmkf%2BvOrNSfCuPJFHUGQRAR3VS36i0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769dcb7d56c6-OSL
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/img/priv_laz.png

104.21.21.240

200 OK

16 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/priv_laz.png
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
PNG image data, 1280 x 54, 8-bit colormap, non-interlaced\012- data
Size
16 kB (15910 bytes)
Hash
557dfbdc68ce9e69b419fb6b0ba9c8ef
e39536f96647ef45e7f09cbbb230307ec2a46cc6
af3402159a3d2f80ac6b81cd8e6705e832c25ae031eb99410067a853b505a95f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/priv_laz.png HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 15910
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-3e26"
expires: Sun, 31 Dec 2023 18:41:16 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDdvToNt6uwYBT8I2LOh02A3rWr1AJbHXbX3%2BDXbzrkgoytzIPI39xPD3tMWPeoOyOMIIW5bXfpgvBL1kDoyP%2BKP0Iaf%2FJP9pI%2BoBUNG%2BONLp1ANg78Ma0nMVwEp7sWTU8Gach0NN%2Bk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769dfba356c6-OSL
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/img/style-img/facebook-text.png

104.21.21.240

200 OK

29 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/style-img/facebook-text.png
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Size
29 kB (28789 bytes)
Hash
74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/style-img/facebook-text.png HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/png
content-length: 28789
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-7075"
expires: Sun, 31 Dec 2023 18:41:16 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpYTaawcWuMpN1p7jiWvyhpGp%2FSc%2BkhnmmW9dbU2LrLMqh%2BxszNyDKDJEK9cgX1ExBj6ViJU1%2FHhagN%2BvFGh9dPkS8M2LfJlc%2B74tQ3OwziP5Yv7ciZUsah5ceLfP6hJzABCMrlpS98%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769e0bc156c6-OSL
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/img/style-img/icon_2.jpg

104.21.21.240

200 OK

41 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/style-img/icon_2.jpg
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 554x554, components 3\012- data
Size
41 kB (40886 bytes)
Hash
f0b018f259fb74e0c2f78a3d4c98415c
9649ffd5ed2a9a824d55742817f9a43a25b6cbfc
36859bb2b92fde6387245ea088792aa146699f8a46f3f798dd379ae5b0c9418a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/style-img/icon_2.jpg HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: image/jpeg
content-length: 40886
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-9fb6"
expires: Sun, 31 Dec 2023 18:41:16 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGmOFh18EtY%2Ba7mXUMTuvZsgLcVa95EpFnePjw24f9LlzQyiirHqc4Ugr6dhAS5XE351w4695ko%2FGes8Hlm5D889zTl6QkNdSLDPBuQ5j0Kio%2B76gvFHAoQDdKvmfA9TZXkFqxloFOA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769e0bc456c6-OSL
alt-svc: h3=":443"; ma=86400

www.pubgmobile.com/act/a20180515iggamepc/logo.png

95.101.11.144

200 OK

6.1 kB

URL GET HTTP/2
www.pubgmobile.com/act/a20180515iggamepc/logo.png
IP
95.101.11.144:443
ASN
#20940 Akamai International B.V.

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerDigiCert Inc
Subjectwetv.acc.qq.com
Fingerprint5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F
ValidityMon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT

File type
ISO Media, AVIF Image\012- data
Size
6.1 kB (6055 bytes)
Hash
a74329a2054a9e096a43ba8742dd9523
4ccac3041bf854721b91dcb45286b8488dd9f072
cde9945e91f0e51058869d687cd24c8f58804f25623999f1291c71b3697093b6

HTTP Headers

GET /act/a20180515iggamepc/logo.png HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
etag: "5ff6baa2-3bf2"
last-modified: Mon, 08 May 2023 08:25:46 GMT
server: Akamai Image Manager
x-serial: 910
x-check-cacheable: YES
content-length: 6055
content-type: image/avif
cache-control: private, no-transform, max-age=43200
expires: Sat, 02 Dec 2023 06:41:16 GMT
date: Fri, 01 Dec 2023 18:41:16 GMT
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_shop.svg

95.101.11.144

200 OK

526 B

URL GET HTTP/2
www.pubgmobile.com/en/images/nav_shop.svg
IP
95.101.11.144:443
ASN
#20940 Akamai International B.V.

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerDigiCert Inc
Subjectwetv.acc.qq.com
Fingerprint5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F
ValidityMon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (985), with no line terminators
Size
526 B (526 bytes)
Hash
061f8e3121c0e545cb6277cbdba661e0
680a6ef2b0b5b9ae376ad927055e93e1efca2389
bad9e2db663bbdb4f80bdcb6ea144d69502f9d58bf6fcf19f17e365ffea0220f

HTTP Headers

GET /en/images/nav_shop.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-3e1"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 526
date: Fri, 01 Dec 2023 18:41:17 GMT
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_menu.svg

95.101.11.144

200 OK

426 B

URL GET HTTP/2
www.pubgmobile.com/en/images/nav_menu.svg
IP
95.101.11.144:443
ASN
#20940 Akamai International B.V.

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerDigiCert Inc
Subjectwetv.acc.qq.com
Fingerprint5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F
ValidityMon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (876), with no line terminators
Size
426 B (426 bytes)
Hash
a1f09c4f5c87271dbccf8cb05885ad42
18bbacc9c372dcb6bc77c2475595e058c1ad1594
b0d849e0e910d13bcdab1e94f5c799dda1a9429c908e18069f9dc7f7d551d58a

HTTP Headers

GET /en/images/nav_menu.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 426
date: Fri, 01 Dec 2023 18:41:17 GMT
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_download.svg

95.101.11.144

200 OK

485 B

URL GET HTTP/2
www.pubgmobile.com/en/images/nav_download.svg
IP
95.101.11.144:443
ASN
#20940 Akamai International B.V.

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerDigiCert Inc
Subjectwetv.acc.qq.com
Fingerprint5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F
ValidityMon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (999), with no line terminators
Size
485 B (485 bytes)
Hash
41c1c00e6070b60d70177ae11625bb86
7f01626c76ce129247860802fd2355f2878fe8dd
0b22f25d8b7421c4c4aec15a9a4781f873545a5732ac128871da40f38c98f4cf

HTTP Headers

GET /en/images/nav_download.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-3ef"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 485
date: Fri, 01 Dec 2023 18:41:17 GMT
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js

142.250.74.74

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (65447)
Size
30 kB (30433 bytes)
Hash
e6c2415c0ace414e5153670314ce99a9
5a9eeac34d86e92e5660e0f4f87204f1ed0c8ff6
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

HTTP Headers

GET /ajax/libs/jquery/3.7.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30433
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 14:06:44 GMT
expires: Thu, 28 Nov 2024 14:06:44 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 189273
last-modified: Wed, 17 May 2023 18:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/footer_link_bg.png

95.101.11.144

200 OK

1.6 kB

URL GET HTTP/2
www.pubgmobile.com/en/images/footer_link_bg.png
IP
95.101.11.144:443
ASN
#20940 Akamai International B.V.

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerDigiCert Inc
Subjectwetv.acc.qq.com
Fingerprint5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F
ValidityMon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT

File type
PNG image data, 560 x 127, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1630 bytes)
Hash
92ae645b6114492e8c1c5464d949466a
1d27f2644c0f5e899e9478c78136a9bc94131150
f1bd509f6032d31635a91d57de9428b83929221b854768c38c8f1643877a9417

HTTP Headers

GET /en/images/footer_link_bg.png HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 1630
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-65e"
accept-ranges: bytes
cache-control: max-age=72
expires: Fri, 01 Dec 2023 18:42:29 GMT
date: Fri, 01 Dec 2023 18:41:17 GMT
X-Firefox-Spdy: h2

i.postimg.cc/02KwtTc7/footer-bg.jpg

162.19.88.68

200 OK

12 kB

URL GET HTTP/2
i.postimg.cc/02KwtTc7/footer-bg.jpg
IP
162.19.88.68:443
ASN
#16276 OVH SAS

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintA5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
ValidityTue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT

File type
JPEG image data, progressive, precision 8, 579x800, components 3\012- data
Size
12 kB (11651 bytes)
Hash
27b8ceba13cb26a4ac6951cecdd4a5d3
accbec4f1b6038f0bcd2032da80c2ee342033d2e
d1740f2a847c3b67a1071442fe2af27298bca56ab267e90ea8aec3d4e9b9552f

HTTP Headers

GET /02KwtTc7/footer-bg.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 18:41:17 GMT
content-type: image/jpeg
content-length: 11651
last-modified: Wed, 23 Mar 2022 19:15:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

dulliusimoveis.com.br/links/pubg-skin-V6/img/bg.png

104.21.21.240

200 OK

4.6 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/bg.png
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x885, components 3\012- data
Size
4.6 kB (4633 bytes)
Hash
b38e2517460997c277a6950395c6bac0
4a96411710624aee6c06c5024fa3ed486b5d99d3
eee9ddcfdef0f4dcfe61dff2400e3782258e4a0323f22674cd6b0a03a9348947

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/bg.png HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/css/lazaruz.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:17 GMT
content-type: image/png
content-length: 4633
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-1219"
expires: Sun, 31 Dec 2023 18:41:17 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAxDzFaOyLNRElDG%2F1HnOWNT7aozI0MvoVhPV%2F90rfnUvjHB6Eb2ikGzalq%2BEf6%2FRfyBYoRBdAI3Au4iwrz%2FybTUmYxH6m%2FEUeLTT62WAdg1fHZ0ox1se5p%2BCr55R0WpvGs39%2Fco8RI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed76a4fe0356c6-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0

104.17.25.14

200 OK

38 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 38384, version 1.0\012- data
Size
38 kB (38384 bytes)
Hash
a4d31128b633bc0b1cc1f18a34fb3851
6ee4c79372c3fd679706306ede47e4b03cf53d60
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c

HTTP Headers

GET /ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dulliusimoveis.com.br
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:17 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 38384
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03ed9-95f0"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 822159
expires: Wed, 20 Nov 2024 18:41:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prxWqbqKMqw%2FuJKIcr1xiyn0SpSMB0TW5tMzIPxcAkgFwkKbnXGQSASL2sXVBwq%2B481i6y9B4t6gAWmjryDfcri95cKGP62EyIJCKo%2Fvz%2Fxrd3KSZx8JjYfCzCz5UA6TzNsKTqlZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82ed76a528e7b4f3-OSL
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/img/container.jpg

104.21.21.240

200 OK

4.6 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/container.jpg
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x885, components 3\012- data
Size
4.6 kB (4633 bytes)
Hash
b38e2517460997c277a6950395c6bac0
4a96411710624aee6c06c5024fa3ed486b5d99d3
eee9ddcfdef0f4dcfe61dff2400e3782258e4a0323f22674cd6b0a03a9348947

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/container.jpg HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/css/lazaruz.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:17 GMT
content-type: image/jpeg
content-length: 4633
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-1219"
expires: Sun, 31 Dec 2023 18:41:17 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FW%2FyYcIUfu7ApsJCimH4jWlBbil8OBE5hnmfouEUueMatEt57CG%2Fc%2BDeu8ux3ba4AZccg7swEc4FPb9OONVQ50Ks4govE21bBinIr7qsB7D4MbOXVsdGR2P3APxpbAuyvhR%2BuXYoeMg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed76a4fdff56c6-OSL
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/img/event-notification.png

104.21.21.240

200 OK

14 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/event-notification.png
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
PNG image data, 750 x 129, 8-bit colormap, non-interlaced\012- data
Size
14 kB (14162 bytes)
Hash
7f3e573bc0f0353f0e1b422bfdcac4ce
3abbd5c15c99fad3634eb95363fe7d4a2cac6dc7
fa3843664ab03410d2edda0f611de17d4e130b072532957eda65a2f7a6100710

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/event-notification.png HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/css/lazaruz.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:17 GMT
content-type: image/png
content-length: 14162
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-3752"
expires: Sun, 31 Dec 2023 18:41:17 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgmUoTnHz1skgABA0LuYMSL3BWIIL%2Fj3mwWRp4%2F55rYVaxBo%2F%2F%2F9nF94LWBvU74D0iBk8EbS5QGyLrE9fYI3L1oMwK17ThOgGdok4y3Yy%2FayF1RYmENhsUZroloPdSvEHicxU17Ools%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed76a50e0c56c6-OSL
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/img/event-title.png

104.21.21.240

200 OK

28 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/event-title.png
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
PNG image data, 1135 x 306, 8-bit colormap, non-interlaced\012- data
Size
28 kB (28213 bytes)
Hash
e021639e47c88ec4fe7ab3b9bb45df24
18305d85dbeed2ab58dbeaf945e4f378536ce21d
3a905c4a621e3563958980cebd9d9f6694ab38f597319aafb4ae68d382c09dce

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/event-title.png HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/css/lazaruz.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:17 GMT
content-type: image/png
content-length: 28213
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-6e35"
expires: Sun, 31 Dec 2023 18:41:17 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsPetUW981ZoCG1%2B5KbKhZVprJFexZQPp%2F%2FvRNSRy5kto7UHEUNf7cFM0ULcziv6bU1elePTD5e%2B%2BUYXMFvXA1CU3PJlStvWqEkxBa%2BU92yvINhRAQW60H%2FjbS0lSd5RAEMZKT1l9gk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed76a4fe0b56c6-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQlEpVsHVQ.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQlEpVsHVQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14964, version 1.0\012- data
Size
15 kB (14964 bytes)
Hash
d6d554615ae9902f2173476e77d079fa
b5064acc8ba1c63153bfab733b915092e2b62cb6
4a0ce7a531a41b6fb56b8027541951ffe1ad67ab9e49a12ee4816247178d5bca

HTTP Headers

GET /s/teko/v20/LYjNdG7kmE0gfaN9pQlEpVsHVQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dulliusimoveis.com.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 18:32:51 GMT
expires: Thu, 28 Nov 2024 18:32:51 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 21:55:07 GMT
content-type: font/woff2
age: 173306
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQlEpVsHVQ.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQlEpVsHVQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14964, version 1.0\012- data
Size
15 kB (14964 bytes)
Hash
d6d554615ae9902f2173476e77d079fa
b5064acc8ba1c63153bfab733b915092e2b62cb6
4a0ce7a531a41b6fb56b8027541951ffe1ad67ab9e49a12ee4816247178d5bca

HTTP Headers

GET /s/teko/v20/LYjNdG7kmE0gfaN9pQlEpVsHVQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dulliusimoveis.com.br
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 18:32:51 GMT
expires: Thu, 28 Nov 2024 18:32:51 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 21:55:07 GMT
content-type: font/woff2
age: 173306
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i.ibb.co/PYpHF6b/Twitter-Show-Password.png

162.19.58.160

200 OK

28 kB

URL GET HTTP/2
i.ibb.co/PYpHF6b/Twitter-Show-Password.png
IP
162.19.58.160:443
ASN
#16276 OVH SAS

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectibb.co
FingerprintCC:72:96:95:90:7F:15:8E:AC:C5:40:3A:D2:6F:83:A3:DF:5E:72:56
ValidityMon, 09 Oct 2023 14:39:49 GMT - Sun, 07 Jan 2024 14:39:48 GMT

File type
PNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (28355 bytes)
Hash
2fd203703821d5ce5d18bee2a51b779a
a78d7b1369ce8bc34de57909af142043cae446f0
6b82611fa96f118128b0db9692dd982ca0fe79b1b4d8048946880600cc4f97c8

HTTP Headers

GET /PYpHF6b/Twitter-Show-Password.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 18:41:17 GMT
content-type: image/png
content-length: 28355
last-modified: Tue, 17 Jan 2023 04:04:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

dulliusimoveis.com.br/links/pubg-skin-V6/img/oke.png

104.21.21.240

200 OK

497 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/oke.png
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
PNG image data, 1500 x 441, 8-bit/color RGBA, non-interlaced\012- data
Size
497 kB (497124 bytes)
Hash
b27b3ca97e9ff7459fd9adfcc4614a55
688417e395ead5034ecd2568ef6a015a4cac4186
a77d25b3926fa43b27e8f08806d31306b475928beea0c87fa62400cd6727de9d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/oke.png HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/css/lazaruz.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:17 GMT
content-type: image/png
content-length: 497124
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-795e4"
expires: Sun, 31 Dec 2023 18:41:17 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fvJM6DSYZNGpzfilNAS8JjlyWVXbsTGNpzgRcHo6511jwAQvbCtcKORDR5Z%2ByXuZZ344WowXy3TWBPV8zUaxLxKXM1Q6IpGOJPHrViCqeInvnOl2PEcvFh9FQYc%2Fyh80SoqVk7oeUBU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed76a50e1456c6-OSL
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/img/lazabox.png

104.21.21.240

200 OK

160 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/img/lazabox.png
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
PNG image data, 640 x 858, 8-bit colormap, non-interlaced\012- data
Size
160 kB (159650 bytes)
Hash
24fc7c72be98d6c244b0b137fab9ee7c
e823e88554a5f3641b55974ec585ec5d69169438
8d997a79bfcbc1d22779a8bd379286d8a9094fd0394a07ead6e067d166a0c7ac

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/img/lazabox.png HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/css/lazaruz.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:17 GMT
content-type: image/png
content-length: 159650
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-26fa2"
expires: Sun, 31 Dec 2023 18:41:17 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUtiS4e7YInjJo9OQ9QvSOUHjApzaCW2gGXc2doF1wo0LFOUgjeinfR4y3ZzjIajLv13mpLY0mD2ZkNLcMIfLPbLYlaLVTmIoZwBDAAKCOEw3snWJifZpth82j4IN7g51efzJ94V%2FT0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed76a4fe0856c6-OSL
alt-svc: h3=":443"; ma=86400

www.pubgmobile.com/en/images/nav_language.svg

95.101.11.144

200 OK

675 B

URL GET HTTP/2
www.pubgmobile.com/en/images/nav_language.svg
IP
95.101.11.144:443
ASN
#20940 Akamai International B.V.

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerDigiCert Inc
Subjectwetv.acc.qq.com
Fingerprint5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F
ValidityMon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1107), with no line terminators
Size
675 B (675 bytes)
Hash
d8ba211bb1be1a15bf5b0143ca1b009a
215203609a551dcaccf6e434508623f302635f86
a441182568ad88fa9c54384de94a77f64148d3d54df66ea1beff4a11100967c6

HTTP Headers

GET /en/images/nav_language.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 675
date: Fri, 01 Dec 2023 18:41:18 GMT
X-Firefox-Spdy: h2

dulliusimoveis.com.br/links/pubg-skin-V6/fonts/laza.ttf

104.21.21.240

404 Not Found

982 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/fonts/laza.ttf
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
982 kB (982532 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/fonts/laza.ttf HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Fri, 01 Dec 2023 18:41:18 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kv4x3hmEXITxPTfoIEWV4RkHtwKOo7R13TPDrOd%2BHpXY3xYqYct%2FKMPew77aFTfK4gut4v4kCgf0E41PKqpXQokmmSrGEGdZIvJ%2BFAuji2ONHVoq3sZXoViH1pad3cDjp%2FcL5XxvX8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed76a7291e56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i.ibb.co/pZDr8sd/Twitter-Hide-Password.png

162.19.58.160

200 OK

28 kB

URL GET HTTP/2
i.ibb.co/pZDr8sd/Twitter-Hide-Password.png
IP
162.19.58.160:443
ASN
#16276 OVH SAS

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectibb.co
FingerprintCC:72:96:95:90:7F:15:8E:AC:C5:40:3A:D2:6F:83:A3:DF:5E:72:56
ValidityMon, 09 Oct 2023 14:39:49 GMT - Sun, 07 Jan 2024 14:39:48 GMT

File type
PNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (28029 bytes)
Hash
8d1f08b46884df302bf7300fc234832c
5735d57b6fa211c400d439095d5ff2f5bb57e691
e4cff1f68b85c3343554090b3479273a54e5eed2dbb3e56ceb9f86c4ebe8b0e7

HTTP Headers

GET /pZDr8sd/Twitter-Hide-Password.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 18:41:18 GMT
content-type: image/png
content-length: 28029
last-modified: Tue, 17 Jan 2023 04:04:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.10.207

200 OK

31 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: dd809c84048d5afa8e77adc8acacd559
cdn-cache: HIT
cf-cache-status: HIT
age: 830251
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82ed769dfb4a7127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dulliusimoveis.com.br/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.21.21.240

302 Found

7.4 kB

URL GET HTTP/3
dulliusimoveis.com.br/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type

Size
7.4 kB (7351 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Fri, 01 Dec 2023 18:41:17 GMT
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
vary: accept-encoding
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLN%2Bm2EtzYeazjMGbPulIIkC3rrXWOuIYqAw%2FIozGpBnbikQW5l4vkHtl1rVx%2BivTUTvwwSVnnYahOKNzHbBIPK76UYrfNM%2FfcQPsVkpIzz4QaPI%2B2S6ppvHvGcDnCluwejupo7pLM0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ed76a6e8d556c6-OSL
alt-svc: h3=":443"; ma=86400

stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.10.207

200 OK

31 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dulliusimoveis.com.br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 94888cbd125a83d87db46d1be77d5a9c
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82ed769e4abab50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dulliusimoveis.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.21.21.240

200 OK

1.2 kB

URL GET HTTP/3
dulliusimoveis.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
HTML document, ASCII text, with very long lines (1271), with no line terminators
Size
1.2 kB (1239 bytes)
Hash
40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 16:06:21 GMT
etag: W/"65660ffd-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t36S1PnZx0HSpSDTJEtyGK%2F2ZkH1dReRkcQ%2FeyP8BnTeN3PCLH4lP%2F1D%2FpUwdGUhfEfnjRGNyYDHPbohv2PnT%2B8ICAJpj8EdF%2Bl4ev9x28Yj0Hy8qPhEo3CKqRYqYRSQ1JiOLB5DJCY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769e1bde56c6-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 03 Dec 2023 18:41:16 GMT
cache-control: max-age=172800, public
content-encoding: gzip

dulliusimoveis.com.br/links/pubg-skin-V6/fonts/laza.woff

104.21.21.240

404 Not Found

146 B

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/fonts/laza.woff
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/fonts/laza.woff HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 01 Dec 2023 18:41:17 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VujAOhq9xnBT4i4uIEb5MvBADOvc6gguso6xQ6HnlacL0PNAFqKy96L8CtO0tlY9UbejuDfGkXAWSi1pLzGfLNQJDKWC9ypklw8U4B7DDWb7JYfKif9E2JpKtPU7WLkdv1gni4ZRO7E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed76a6982c56c6-OSL
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/css/twitter.css

104.21.21.240

200 OK

3.4 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/css/twitter.css
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
ASCII text, with very long lines (3663), with no line terminators
Size
3.4 kB (3382 bytes)
Hash
2f138b9153a1305d5a15db20596b1236
a99c093c3ce05c528664977a0fac8c1fa44c66e5
193b40ddcc10aa1df21528b7c8df9935fc71e503376971a0d67ce61d67a58aa4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/css/twitter.css HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: text/css
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
vary: Accept-Encoding
etag: W/"656a27e4-d36"
expires: Sat, 02 Dec 2023 06:41:16 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wy7Sh8VKA%2FfxDvCj%2B9lbfJNv33ROMQ0d1CixZnGMoGAAYlYoIZ5LojGsYlSSUpPCtcoKfXDpeeSq%2B5pyBH%2Fbp8RgpblMDr6VD6pfFwHkPkp22xaySZ6j9xosQlllLAZwzpqmPJ26BkU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ed769d8b0756c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

site-assets.fontawesome.com/releases/v6.4.0/css/all.css

104.18.40.68

200 OK

510 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.4.0/css/all.css
IP
104.18.40.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (52040)
Size
510 kB (509883 bytes)
Hash
78f5161e4fd6d47acd0ca77ced2b3b1d
0a1085c73a9e2185b7df9acafbe3468e73f237c7
47aa5aff3a5b873f488c92005ca3ffd0a939ddc4707ec8dd8a4e0e8dff653ab4

HTTP Headers

GET /releases/v6.4.0/css/all.css HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: text/css
x-amz-id-2: 6PlPBSjIgRvdKHA5ktMz2yEeuCvh23fIy21oVzR4Zqf4o79jwPM+GDwqzKIaUI67RpC7Sv40vKRaOzHMh3ygrQ==
x-amz-request-id: 8F59EKXS65FKMKV7
last-modified: Fri, 24 Mar 2023 15:16:40 GMT
etag: W/"78f5161e4fd6d47acd0ca77ced2b3b1d"
x-amz-server-side-encryption: AES256
cf-cache-status: HIT
age: 1326
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769e2c1356c6-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

dulliusimoveis.com.br/links/pubg-skin-V6/css/fonts/laza.woff

104.21.21.240

404 Not Found

146 B

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/css/fonts/laza.woff
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/css/fonts/laza.woff HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/css/lazaruz.css
Cookie: cf_clearance=cJEpGFeaZ2AANpsrSPpIDSCHysnc4plDMpclhPQn9Vw-1701456078-0-1-730ca2d2.73a07051.5b213570-0.2.1701456078
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 01 Dec 2023 18:41:18 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCYK%2FTx5QhAvQtlIkg%2BMXRd0Z9ezE96c1mZszfoOJcE0ogzU4PT8PgtW0EyTqrm0s%2F%2B7B9dhIL%2BM%2B2xNht%2FpSBR%2BfHoRS9iaqwyk4RsnyM4dnnUvgYSgeFxdPvaCkeynCHJyGQc%2FDnY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed76a9bd2f56c6-OSL
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/css/fonts/laza.ttf

104.21.21.240

404 Not Found

146 B

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/css/fonts/laza.ttf
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/css/fonts/laza.ttf HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/css/lazaruz.css
Cookie: cf_clearance=cJEpGFeaZ2AANpsrSPpIDSCHysnc4plDMpclhPQn9Vw-1701456078-0-1-730ca2d2.73a07051.5b213570-0.2.1701456078
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 01 Dec 2023 18:41:18 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLjohjAHSYNEdvYvcvOGcJtDGvL%2Fn1%2BPxFpgSI%2BTobcJV5jfOg8ng5am9K4472ANpHOb70l6PoZB6wN7v7%2FuJ5EvdkRl2o4ZwGvBrVOvL5DJ0Pjlc%2FQ9Xt9LDc4mnDDnEFQf79aahJs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed76aa9e1456c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

104.21.21.240

200 OK

7.4 kB

URL GET HTTP/3
dulliusimoveis.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
ASCII text, with very long lines (7351), with no line terminators
Size
7.4 kB (7351 bytes)
Hash
1629972918fe4e80545bd3fd8b79f820
6f84db0335b18278d6825f3c268314a79ffc2ed7
01c5023803a466bdf351ec51fe55786cd913f5889cb70489d73adefc480cbdb5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAhECLYad5Y3PKEgHY4A6XCc%2BddHN3GyMb0gva8R58Xe9RABM7CHJObyL8h%2FqO0DTFk6e86Z9I8bKuOkYUr9tSy%2FFtr2lq4GYfoFS%2FskhMMvbpuACKbWrRzTiVecMM4jk5AckQznkSc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ed76a7292656c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/cdn-cgi/challenge-platform/h/b/jsd/r/82ed769b0ee2569a

104.21.21.240

200 OK

0 B

URL POST HTTP/3
dulliusimoveis.com.br/cdn-cgi/challenge-platform/h/b/jsd/r/82ed769b0ee2569a
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/82ed769b0ee2569a HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12238
Origin: https://dulliusimoveis.com.br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:18 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=cJEpGFeaZ2AANpsrSPpIDSCHysnc4plDMpclhPQn9Vw-1701456078-0-1-730ca2d2.73a07051.5b213570-0.2.1701456078; path=/; expires=Sat, 30-Nov-24 18:41:18 GMT; domain=.dulliusimoveis.com.br; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozvHDrx52H603P7rwURMputuuotGE%2BRNBhNnmL%2BBDIX6I8yoFxSWWmae%2BNBo5YZq5hJGR1Zf3KaROielwGcxpSK4fhEbZgwPs2lwoUOeBkZ6OrO6r2H5NF1HLNZ5wDepfxpkT9MYihI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ed76a90c0656c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.pubgmobile.com/common/images/icon_logo.jpg

95.101.11.144

200 OK

982 kB

URL GET HTTP/2
www.pubgmobile.com/common/images/icon_logo.jpg
IP
95.101.11.144:443
ASN
#20940 Akamai International B.V.

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerDigiCert Inc
Subjectwetv.acc.qq.com
Fingerprint5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F
ValidityMon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 1024x1024, components 3\012- data
Size
982 kB (982437 bytes)
Hash
b83d8d3e9beecfac081f4e742d27661c
448330670bef8c2ee17baf6d2410ca974341cb88
5899c82b2f0563679a9c1ee79b5b28f2545864d95c7627c1a70e36a2f034497d

HTTP Headers

GET /common/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 982437
last-modified: Mon, 30 Nov 2020 12:10:45 GMT
etag: "5fc4e145-efda5"
accept-ranges: bytes
cache-control: max-age=175
expires: Fri, 01 Dec 2023 18:44:13 GMT
date: Fri, 01 Dec 2023 18:41:18 GMT
X-Firefox-Spdy: h2

dulliusimoveis.com.br/links/pubg-skin-V6/css/lazaruz.css

104.21.21.240

200 OK

27 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/css/lazaruz.css
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
assembler source, ASCII text
Size
27 kB (27054 bytes)
Hash
bedfdc6cfd098f90c8a92ec5ec5dc972
2fac3adc3a96da07a5e8a7a28a4c3876613ac389
fafc9f09bc7b9625dd61be059ab16d3ccd6fc6affa919c90de57c5afcbfcb9b7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/css/lazaruz.css HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: text/css
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
vary: Accept-Encoding
etag: W/"656a27e4-69ae"
expires: Sat, 02 Dec 2023 06:41:16 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjTKOwJ5zj5M0gVatHbd5zhUBcENJvtja2Zff71R8yNQiD4J%2BC7uqFuLRw7Pp9Fz2JOQXEgNTzzztadQs7U9PxekifrXXIveDGB3clrmAPgRAfbDauFXrqWNNsEUEPb79iwxeABz%2F0E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ed769d7af856c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500

142.250.74.106

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text
Size
12 kB (11603 bytes)
Hash
28abeed290ed65409b9fdac0b8ada4dc
e1b078d816c00c38edcda8f6da63773e43b6bb9b
a54cbba9c5d519add8cafd17df2d5a97757f7f7327667718bb19e1340c5c5b25

HTTP Headers

GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 01 Dec 2023 18:41:17 GMT
date: Fri, 01 Dec 2023 18:41:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Teko&display=swap

142.250.74.106

200 OK

1.1 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Teko&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (1159), with no line terminators
Size
1.1 kB (1132 bytes)
Hash
0b52e2c4b5132ebd94353dab35b70fdc
33909660c8b09cf12a48365b48805525825ea862
ef661f53630207bdf0a86068cf51be16e47c34e95673ee6712332fd29fa6fbb2

HTTP Headers

GET /css2?family=Teko&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 01 Dec 2023 18:41:17 GMT
date: Fri, 01 Dec 2023 18:41:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dulliusimoveis.com.br/links/pubg-skin-V6/js/lazaruzjj1saghf!.js

104.21.21.240

404 Not Found

146 B

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/js/lazaruzjj1saghf!.js
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/js/lazaruzjj1saghf!.js HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 01 Dec 2023 18:41:17 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPwlvhbIoWfopwuy%2BwNs9ahgS4XWHNIbTqGEf6bn%2F8zDgMhTf1Q2w%2ByJapZbaXsIJxnrPYW5c7%2F%2B2qYz4FBciyVpQx01ztv%2Bi5BWVsv8q%2B2O1kbIs5IK9CAjtjKuUaHgniiXpELvPc4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed76a5ced156c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/css/lazaruztanim.css

104.21.21.240

200 OK

0 B

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/css/lazaruztanim.css
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/css/lazaruztanim.css HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: text/css
content-length: 0
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
etag: "656a27e4-0"
expires: Sat, 02 Dec 2023 06:41:16 GMT
cache-control: max-age=43200
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcQAIBMnbdFRqJtXkn1mJNhwBypoUryfpqP7gQYNJqdcT9hksJcdddBkS79Sxtbjwh%2FhxKj8VQplPxSmH%2BQRcTWfUA2dPoJAJ8tSZs6k6X4r8lJaVrpQ2tIMixBTpGIhEmrVqR%2FMwZA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769d7afa56c6-OSL
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/css/facebook.css

104.21.21.240

200 OK

4.1 kB

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/css/facebook.css
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
ASCII text, with very long lines (4392), with no line terminators
Size
4.1 kB (4105 bytes)
Hash
3adc29a32c52542550c5c29cf3745026
535971433c82b138b250f7c921b36f3f1152d908
1c6b34f563e3dd9d9e6c582637924e10dbee2b77003a16716952d8d71981a320

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/css/facebook.css HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: text/css
last-modified: Fri, 01 Dec 2023 18:37:24 GMT
vary: Accept-Encoding
etag: W/"656a27e4-1009"
expires: Sat, 02 Dec 2023 06:41:16 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sU%2Fm47ZurMlUwXyBua%2BKpCYDAKV7u8A5WAEY7pBfCi%2BFQ7f3n5TDKP9v0C3qL7TbadB97iWvsn1Q%2BlCSxiuVAz0XOU3%2BpKWA7TYyvo9vq29VgEIEnTiyQU%2FPfOFVFNTqLwh00jUlTrE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ed769d8afb56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/js/lazaruzjj1saghf!.js

104.21.21.240

404 Not Found

146 B

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/js/lazaruzjj1saghf!.js
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/js/lazaruzjj1saghf!.js HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 01 Dec 2023 18:41:16 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtG6TLRniT29i3%2FFiUKeDBholMB27n1gSWnsekG%2FfYMK84u6z5PiB9TwP2%2FOXGElsQeYFF923ZGWcN2Omm0UKNz0qdrOOHESF86Fid0unp9xbNi5AETeRk1Jep9XYAuwJuKQWPVbn%2FM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed769e2c1156c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dulliusimoveis.com.br/links/pubg-skin-V6/css/fonts/laza.woff2

104.21.21.240

404 Not Found

146 B

URL GET HTTP/3
dulliusimoveis.com.br/links/pubg-skin-V6/css/fonts/laza.woff2
IP
104.21.21.240:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dulliusimoveis.com.br/links/pubg-skin-V6/jj1saghf.php
Certificate
IssuerLet's Encrypt
Subjectdulliusimoveis.com.br
Fingerprint01:68:D5:3B:D2:CF:2C:23:DB:A0:C5:87:E1:7C:13:14:78:15:3F:A9
ValidityWed, 11 Oct 2023 12:45:27 GMT - Tue, 09 Jan 2024 12:45:26 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /links/pubg-skin-V6/css/fonts/laza.woff2 HTTP/1.1
Host: dulliusimoveis.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://dulliusimoveis.com.br/links/pubg-skin-V6/css/lazaruz.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 01 Dec 2023 18:41:18 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPw%2FdaITOZ0glS4OBnvlEVhIbXp8vkXwMmCwQXNN4bzNdO5AjALbnkS97TChTmb1uCPZUW4wJ1D%2BKOk9nmzLjXGPfkvbL3lt%2Br95q9yLtQyeepoKUfmBXA47EWb1QlIcXIfdKe6xzdg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ed76a91c4756c6-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (70)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations