Report - cerberus.gazin.com.br/login?app_id=U+4BYDmIYKpCrkDA9t/o0Z6lEVqEPmDm&redirect_url=https://nova-assistencia.gazin.com.br/login

Report Overview

Visitedpublic

2024-05-30 17:22:22

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
status.geotrust.com	3662	1999-04-04	2017-12-01 09:55:31	2024-05-29 18:18:37	331 B	642 B	192.229.221.95
cerberus.gazin.com.br	unknown	unknown	No data	No data	3.8 kB	5.0 MB	20.195.190.86

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-30 17:21:53	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2024-05-30 17:21:56	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2024-05-30 17:22:00	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2024-05-30 17:22:05	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2024-05-30 17:22:10	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2024-05-30 17:22:18	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	cerberus.gazin.com.br/static/js/bundle.js	ScriptElement	39 kB	2024-08-19	2024-08-19
URL cerberus.gazin.com.br/static/js/bundle.js IP / ASN 20.195.190.86 #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by ScriptElement Embedded false Resource Info First Seen 2024-08-19 Last Seen 2024-08-19 Times Seen 1 Size 39 kB (38797 bytes) MD5 f6706af8317ad82cf522fa43b09a6c5a SHA1 5f81330f153db8f8a2c33b1b82aeb7820e86666a SHA256 bc07d677b12a23e916e76f968f210a33cfd13b37d44f31594c1d97442e0b66f0 Format Code Loading...

	cerberus.gazin.com.br/static/js/vendors~main.chunk.js	ScriptElement	4.7 MB	2024-08-19	2024-08-19
URL cerberus.gazin.com.br/static/js/vendors~main.chunk.js IP / ASN 20.195.190.86 #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by ScriptElement Embedded false Resource Info First Seen 2024-08-19 Last Seen 2024-08-19 Times Seen 1 Size 4.7 MB (4662431 bytes) MD5 27561044a03ea5bee50e991101577360 SHA1 5e45d176386a9687decf94b69e7529e67be9126e SHA256 a95a97c82c342d100938dd814cab45819f406894acf690e271d022d2de8973a7 Format Code Loading...

	cerberus.gazin.com.br/static/js/main.chunk.js	ScriptElement	304 kB	2024-08-19	2024-08-19
URL cerberus.gazin.com.br/static/js/main.chunk.js IP / ASN 20.195.190.86 #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by ScriptElement Embedded false Resource Info First Seen 2024-08-19 Last Seen 2024-08-19 Times Seen 1 Size 304 kB (304275 bytes) MD5 703673c81600f036135387138171e28e SHA1 9253fd874109131ef1dee11e4220157ef008d6bc SHA256 12bdec8ceb99517d465b26861149472fd8740584ced9a058fd70e4fceff2e3f7 Format Code Loading...

HTTP Transactions (8)

	URL	IP	Response	Size
	status.geotrust.com/	192.229.221.95		471 B
URL status.geotrust.com/ IP / ASN 192.229.221.95 #15133 EDGECAST Requested byN/A Resource Info File typedata First Seen2024-08-19 Last Seen2024-08-19 Times Seen1 Size471 B (471 bytes) MD566d72eea24b499373e5f248b97f68520 SHA1bfb98cd00cdc673bd0ac6793672984fadc64432f SHA25697944db667894709fb133dd4ecca6614210f7920dd710c4e5fe21d3b430ab102 HTTP Headers `POST / HTTP/1.1 Host: status.geotrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Cache-Control: max-age=7200 Content-Type: application/ocsp-response Date: Thu, 30 May 2024 17:21:54 GMT Server: ECAcc (amb/6B53) Content-Length: 471`

	GET cerberus.gazin.com.br/login?app_id=U+4BYDmIYKpCrkDA9t/o0Z6lEVqEPmDm&redirect_url=https://nova-assistencia.gazin.com.br/login	20.195.190.86	200 OK	576 B
URL cerberus.gazin.com.br/login?app_id=U+4BYDmIYKpCrkDA9t/o0Z6lEVqEPmDm&redirect_url=https://nova-assistencia.gazin.com.br/login IP / ASN 20.195.190.86 #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested byN/A Resource Info File typeHTML document, ASCII text First Seen2024-08-19 Last Seen2024-08-19 Times Seen1 Size576 B (576 bytes) MD517ef22d35d44007d8139b7e7097393a4 SHA158c5d191ffa9462df75d3c6cb78c484edf885390 SHA2562e77ff0aa1bb868bd33f68a517c497a39ee41b2dc03c14017d1115a4029aa189 Certificate Info IssuerDigiCert Inc Subject.gazin.com.br Fingerprint69:80:58:DD:C2:3A:78:1B:1A:33:5F:78:37:25:12:24:2A:F6:9E:99 ValidityThu, 15 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT HTTP Headers GET /login?app_id=U+4BYDmIYKpCrkDA9t/o0Z6lEVqEPmDm&redirect_url=https://nova-assistencia.gazin.com.br/login HTTP/1.1 Host: cerberus.gazin.com.br User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Thu, 30 May 2024 17:21:55 GMT content-type: text/html; charset=UTF-8 content-length: 576 x-powered-by: Express accept-ranges: bytes etag: W/"240-WMXRkf+pRi33XTxst4xITt+IU5A" vary: Accept-Encoding strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	cerberus.gazin.com.br/sockjs-node	20.195.190.86		576 B
URL cerberus.gazin.com.br/sockjs-node IP / ASN 20.195.190.86 #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested byN/A Resource Info File typeHTML document, ASCII text First Seen2024-08-19 Last Seen2024-08-19 Times Seen1 Size576 B (576 bytes) MD517ef22d35d44007d8139b7e7097393a4 SHA158c5d191ffa9462df75d3c6cb78c484edf885390 SHA2562e77ff0aa1bb868bd33f68a517c497a39ee41b2dc03c14017d1115a4029aa189 Certificate Info IssuerDigiCert Inc Subject.gazin.com.br Fingerprint69:80:58:DD:C2:3A:78:1B:1A:33:5F:78:37:25:12:24:2A:F6:9E:99 ValidityThu, 15 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT HTTP Headers GET /sockjs-node HTTP/1.1 Host: cerberus.gazin.com.br User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: https://cerberus.gazin.com.br Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: vB0Q4WZfe++G/0EpNKZB+w== DNT: 1 Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 200 OK Date: Thu, 30 May 2024 17:21:57 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 576 Connection: keep-alive X-Powered-By: Express Accept-Ranges: bytes ETag: W/"240-WMXRkf+pRi33XTxst4xITt+IU5A" Vary: Accept-Encoding Strict-Transport-Security: max-age=15724800; includeSubDomains`

	GET cerberus.gazin.com.br/static/js/main.chunk.js	20.195.190.86	200 OK	304 kB
URL cerberus.gazin.com.br/static/js/main.chunk.js IP / ASN 20.195.190.86 #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested byhttps://cerberus.gazin.com.br/login?app_id=U+4BYDmIYKpCrkDA9t/o0Z6lEVqEPmDm&redirect_url=https://nova-assistencia.gazin.com.br/login Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608735 Size304 kB (304275 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerDigiCert Inc Subject.gazin.com.br Fingerprint69:80:58:DD:C2:3A:78:1B:1A:33:5F:78:37:25:12:24:2A:F6:9E:99 ValidityThu, 15 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT HTTP Headers GET /static/js/main.chunk.js HTTP/1.1 Host: cerberus.gazin.com.br User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cerberus.gazin.com.br/login?app_id=U+4BYDmIYKpCrkDA9t/o0Z6lEVqEPmDm&redirect_url=https://nova-assistencia.gazin.com.br/login Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Thu, 30 May 2024 17:21:55 GMT content-type: application/javascript; charset=UTF-8 x-powered-by: Express accept-ranges: bytes etag: W/"4a493-klP9h0EJEx7x3uEeQiAVfvAI1rw" vary: Accept-Encoding content-encoding: gzip strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	GET cerberus.gazin.com.br/sockjs-node	20.195.190.86	200 OK	0 B
URL cerberus.gazin.com.br/sockjs-node IP / ASN 20.195.190.86 #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested byhttps://cerberus.gazin.com.br/login?app_id=U+4BYDmIYKpCrkDA9t/o0Z6lEVqEPmDm&redirect_url=https://nova-assistencia.gazin.com.br/login Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608735 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerDigiCert Inc Subject.gazin.com.br Fingerprint69:80:58:DD:C2:3A:78:1B:1A:33:5F:78:37:25:12:24:2A:F6:9E:99 ValidityThu, 15 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT HTTP Headers GET /sockjs-node HTTP/1.1 Host: cerberus.gazin.com.br User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: https://cerberus.gazin.com.br Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: vB0Q4WZfe++G/0EpNKZB+w== DNT: 1 Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 200 OK Date: Thu, 30 May 2024 17:21:57 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 576 Connection: keep-alive X-Powered-By: Express Accept-Ranges: bytes ETag: W/"240-WMXRkf+pRi33XTxst4xITt+IU5A" Vary: Accept-Encoding Strict-Transport-Security: max-age=15724800; includeSubDomains`

	GET cerberus.gazin.com.br/favicon.ico	20.195.190.86	200 OK	1.2 kB
URL cerberus.gazin.com.br/favicon.ico IP / ASN 20.195.190.86 #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested byhttps://cerberus.gazin.com.br/login?app_id=U+4BYDmIYKpCrkDA9t/o0Z6lEVqEPmDm&redirect_url=https://nova-assistencia.gazin.com.br/login Resource Info File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel First Seen2024-08-19 Last Seen2024-08-19 Times Seen1 Size1.2 kB (1150 bytes) MD52f7e86c7a5e14e7f36de218a848ac4bd SHA1bfc530d6f34f4a273f0ea58cb1a4dd2e046a43fa SHA25608786aef91bc48e1c7084ba1b3039dbf6dfd65375461ecc6f24e421900fea8dd Certificate Info IssuerDigiCert Inc Subject.gazin.com.br Fingerprint69:80:58:DD:C2:3A:78:1B:1A:33:5F:78:37:25:12:24:2A:F6:9E:99 ValidityThu, 15 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT HTTP Headers GET /favicon.ico HTTP/1.1 Host: cerberus.gazin.com.br User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cerberus.gazin.com.br/login?app_id=U+4BYDmIYKpCrkDA9t/o0Z6lEVqEPmDm&redirect_url=https://nova-assistencia.gazin.com.br/login Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Thu, 30 May 2024 17:21:57 GMT content-type: image/x-icon x-powered-by: Express accept-ranges: bytes cache-control: public, max-age=0 last-modified: Wed, 27 Mar 2024 13:52:07 GMT etag: W/"47e-18e802eaf58" vary: Accept-Encoding content-encoding: gzip strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	GET cerberus.gazin.com.br/static/js/bundle.js	20.195.190.86	200 OK	39 kB
URL cerberus.gazin.com.br/static/js/bundle.js IP / ASN 20.195.190.86 #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested byhttps://cerberus.gazin.com.br/login?app_id=U+4BYDmIYKpCrkDA9t/o0Z6lEVqEPmDm&redirect_url=https://nova-assistencia.gazin.com.br/login Resource Info File typeJavaScript source, ASCII text First Seen2024-08-19 Last Seen2024-08-19 Times Seen1 Size39 kB (38797 bytes) MD5f6706af8317ad82cf522fa43b09a6c5a SHA15f81330f153db8f8a2c33b1b82aeb7820e86666a SHA256bc07d677b12a23e916e76f968f210a33cfd13b37d44f31594c1d97442e0b66f0 Certificate Info IssuerDigiCert Inc Subject.gazin.com.br Fingerprint69:80:58:DD:C2:3A:78:1B:1A:33:5F:78:37:25:12:24:2A:F6:9E:99 ValidityThu, 15 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT HTTP Headers GET /static/js/bundle.js HTTP/1.1 Host: cerberus.gazin.com.br User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cerberus.gazin.com.br/login?app_id=U+4BYDmIYKpCrkDA9t/o0Z6lEVqEPmDm&redirect_url=https://nova-assistencia.gazin.com.br/login Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Thu, 30 May 2024 17:21:55 GMT content-type: application/javascript; charset=UTF-8 x-powered-by: Express accept-ranges: bytes etag: W/"978d-X4EzDxU9uPiiwzsbgq63gg6GZmo" vary: Accept-Encoding content-encoding: gzip strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

	GET cerberus.gazin.com.br/static/js/vendors~main.chunk.js	20.195.190.86	200 OK	4.7 MB
URL cerberus.gazin.com.br/static/js/vendors~main.chunk.js IP / ASN 20.195.190.86 #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested byhttps://cerberus.gazin.com.br/login?app_id=U+4BYDmIYKpCrkDA9t/o0Z6lEVqEPmDm&redirect_url=https://nova-assistencia.gazin.com.br/login Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608735 Size4.7 MB (4662431 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerDigiCert Inc Subject.gazin.com.br Fingerprint69:80:58:DD:C2:3A:78:1B:1A:33:5F:78:37:25:12:24:2A:F6:9E:99 ValidityThu, 15 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT HTTP Headers GET /static/js/vendors~main.chunk.js HTTP/1.1 Host: cerberus.gazin.com.br User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cerberus.gazin.com.br/login?app_id=U+4BYDmIYKpCrkDA9t/o0Z6lEVqEPmDm&redirect_url=https://nova-assistencia.gazin.com.br/login Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Thu, 30 May 2024 17:21:55 GMT content-type: application/javascript; charset=UTF-8 x-powered-by: Express accept-ranges: bytes etag: W/"47249f-XkXRdjhqlofez5S2nnUp5nvpEm4" vary: Accept-Encoding content-encoding: gzip strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2`

Detections

Host Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

HTTP Transactions (8)

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers