Report - salaobeaumontt.com.br/verification/INTERAC/UpdateVerifyPrss!/TangerineBank/?key=d9137167bd64e20ac849bfb4b9d4c9d4804cd98c

Report Overview

Visited public
2024-09-19 17:34:17
Tags
Submit Tags
URL
salaobeaumontt.com.br/verification/INTERAC/UpdateVerifyPrss!/TangerineBank/?key=d9137167bd64e20ac849bfb4b9d4c9d4804cd98c
Finishing URL
salaobeaumontt.com.br/verification/INTERAC/UpdateVerifyPrss!/TangerineBank/?key=d9137167bd64e20ac849bfb4b9d4c9d4804cd98c
IP / ASN
172.67.183.86
#13335 CLOUDFLARENET
Title
Login | Tangerine

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-18 18:12:18	327 B	888 B	23.36.76.249
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2024-09-19 07:30:25	1.0 kB	85 kB	104.17.25.14
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24 16:34:56	2024-09-19 08:36:58	506 B	84 kB	104.16.79.73
www.tangerine.ca	384473	2006-12-06	2014-04-09 18:26:47	2024-09-19 18:40:18	433 B	4.3 kB	23.44.47.8
salaobeaumontt.com.br	unknown	2022-04-06	2016-02-11 23:29:18	2024-09-19 18:39:56	1.8 kB	16 kB	104.21.18.204

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-09-19	medium	salaobeaumontt.com.br	Sinkholed
2024-09-19	medium	salaobeaumontt.com.br	Sinkholed
2024-09-19	medium	salaobeaumontt.com.br	Sinkholed

ThreatFox

No alerts detected

JavaScript (1)

	URL	From	Size	First Seen	Last Seen
	static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	ScriptElement	20 kB	2024-06-07	2025-07-25
Pretty URL static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP 104.16.79.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-07 09:21 Last Seen2025-07-25 03:33 Times Seen97736 Hash ec18af6d41f6f278b6aed3bdabffa7bc 62c9e2cab76b888829f3c5335e91c320b22329ae 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Loading...

HTTP Transactions (8)

URL IP Response Size

r10.o.lencr.org/

23.36.76.249

504 B

URL
r10.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
946bd983da8ed3f6d5c12abcab5273e0
eaf94210f1202240080722b9f0a78aa64b6cc1b3
f772e410f6d95169a72a7473bf8ff96f7c642b0e8cd820c34b9debdfc367c44e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F772E410F6D95169A72A7473BF8FF96F7C642B0E8CD820C34B9DEBDFC367C44E"
Last-Modified: Tue, 17 Sep 2024 14:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13497
Expires: Thu, 19 Sep 2024 21:18:49 GMT
Date: Thu, 19 Sep 2024 17:33:52 GMT
Connection: keep-alive

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salaobeaumontt.com.br/verification/INTERAC/UpdateVerifyPrss!/TangerineBank/?key=d9137167bd64e20ac849bfb4b9d4c9d4804cd98c
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:EC:C6:E9:D9:C1:6D:05:88:6E:33:AF:3B:E7:7B:86:81:20:66:CA
ValidityWed, 31 Jul 2024 04:16:10 GMT - Tue, 29 Oct 2024 04:16:09 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://salaobeaumontt.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 19 Sep 2024 17:33:53 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 79242
expires: Tue, 09 Sep 2025 17:33:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZJXrCcgqREHpsTEohe4w4zdK5RLnSdIu2a7R2d1OKvehaJSYvLugnyxYECtXniftumflWy%2B%2BQEOTPs8PgMBF44RZWqUH1IFYTB6kxolF%2BnDOZcCS%2Bfj6Zli3Cne7KneAANnZlRy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8c5b52c64cc656c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

104.16.79.73

200 OK

84 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salaobeaumontt.com.br/verification/INTERAC/UpdateVerifyPrss!/TangerineBank/?key=d9137167bd64e20ac849bfb4b9d4c9d4804cd98c
Certificate
IssuerGoogle Trust Services
Subjectcloudflareinsights.com
FingerprintFB:0A:B6:18:33:15:47:A9:D8:B5:ED:D3:1B:EE:13:FF:3F:80:C4:E6
ValidityTue, 03 Sep 2024 08:38:23 GMT - Mon, 02 Dec 2024 08:38:22 GMT

File type
gzip compressed data, from Unix
Size
84 kB (84038 bytes)
Hash
9cb1e17e9b52fd58ca2e7c723b39d134
23da4529d25d5234a63b02ff5d76b4b830c9238b
51c89f2e10a738481ceffa710ade67ec98a5da277054e536e883c0c78c2a5c4c

HTTP Headers

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://salaobeaumontt.com.br
DNT: 1
Connection: keep-alive
Referer: https://salaobeaumontt.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 19 Sep 2024 17:33:53 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c5b52c65dffb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

GET www.tangerine.ca/app/favicon.ico

23.44.47.8

2.4 kB

URL GET
www.tangerine.ca/app/favicon.ico
IP
23.44.47.8:0
ASN
#7545 TPG Telecom Limited

Requested by
https://salaobeaumontt.com.br/verification/INTERAC/UpdateVerifyPrss!/TangerineBank/?key=d9137167bd64e20ac849bfb4b9d4c9d4804cd98c
Certificate
IssuerDigiCert Inc
Subjectwww.tangerine.ca
Fingerprint61:C5:20:BB:C7:9F:29:7F:09:10:23:8D:70:5E:21:00:1F:42:B3:E5
ValidityWed, 21 Feb 2024 00:00:00 GMT - Thu, 07 Nov 2024 23:59:59 GMT

File type
MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel
Size
2.4 kB (2439 bytes)
Hash
b67eb16e142894e094046a5e21e31c93
62e40c68884164eacc75afb3f53248dae641aaf3
4d65452dc9d4b2047e8feaa4c19d1aee1d2676e57edb96eaff15d31f79e908f2

HTTP Headers

GET /app/favicon.ico HTTP/1.1
Host: www.tangerine.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://salaobeaumontt.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: https://www.tangerine.ca
x-frame-options: DENY
content-security-policy: default-src *.tangerine.ca; script-src 'self' *.twitter.com *.googleapis.com *.iovation.com *.cloudfront.net *.iesnare.com *.plaid.com *.tangerine.ca *.kampyle.com *.facebook.net *.ceros.com *.google-analytics.com *.googletagmanager.com *.fintelconnect.com *.amazon-adsystem.com *.google.com *.gstatic.com 'unsafe-inline' 'unsafe-eval'; style-src *.tangerine.ca *.kampyle.com *.googletagmanager.com *.googleapis.com 'unsafe-inline' 'unsafe-eval'; img-src *.iesnare.com *.googleapis.com *.google-analytics.com *.doubleclick.net *.kampyle.com *.cloudfront.net *.gstatic.com *.facebook.com *.doubleclick.net *.tangerine.ca data:; object-src *.iesnare.com *.tangerine.ca; font-src *.tangerine.ca *.kampyle.com *.gstatic.com *.googleapis.com 'self' data:; media-src *.tangerine.ca; frame-src *.iesnare.com *.e-signlive.ca *.memcyco.com *.plaid.com *.ceros.com *.kampyle.com *.youtube.com *.doubleclick.net *.tangerine.ca *.google.com *.amazon-adsystem.com; connect-src 'self' *.iesnare.com *.tangerine.ca *.doubleclick.net *.cloudfront.net *.plaid.com *.kampyle.com *.google-analytics.com *.cookielaw.org *.onetrust.com *.googleapis.com *.google.com *.amazon-adsystem.com *.amazon; frame-ancestors *.tangerine.ca; worker-src 'self' blob:; child-src 'self' blob:;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Aug 2024 14:09:01 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
server-timing: dtSInfo;desc="0", dtRpid;desc="1976273044"
content-length: 2439
content-type: image/x-icon
cache-control: private, max-age=813261
expires: Sun, 29 Sep 2024 03:28:14 GMT
date: Thu, 19 Sep 2024 17:33:53 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

POST salaobeaumontt.com.br/cdn-cgi/rum?

104.21.18.204

204 No Content

0 B

URL POST HTTP/3
salaobeaumontt.com.br/cdn-cgi/rum?
IP
104.21.18.204:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salaobeaumontt.com.br/verification/INTERAC/UpdateVerifyPrss!/TangerineBank/?key=d9137167bd64e20ac849bfb4b9d4c9d4804cd98c
Certificate
IssuerGoogle Trust Services
Subjectsalaobeaumontt.com.br
FingerprintD7:D6:F1:FA:FF:9E:0B:9C:87:A7:D0:84:0A:D0:4D:7D:1C:7A:63:7A
ValidityMon, 16 Sep 2024 03:43:10 GMT - Sun, 15 Dec 2024 03:43:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: salaobeaumontt.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1200
Origin: https://salaobeaumontt.com.br
DNT: 1
Connection: keep-alive
Referer: https://salaobeaumontt.com.br/verification/INTERAC/UpdateVerifyPrss!/TangerineBank/?key=d9137167bd64e20ac849bfb4b9d4c9d4804cd98c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Thu, 19 Sep 2024 17:33:53 GMT
access-control-allow-origin: https://salaobeaumontt.com.br
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8c5b52c8cd6d62b9-HAM
x-frame-options: DENY
x-content-type-options: nosniff

GET salaobeaumontt.com.br/verification/INTERAC/UpdateVerifyPrss!/files/logo_CA000614_FULL_IMAGE.svg

104.21.18.204

200 OK

7.1 kB

URL GET HTTP/3
salaobeaumontt.com.br/verification/INTERAC/UpdateVerifyPrss!/files/logo_CA000614_FULL_IMAGE.svg
IP
104.21.18.204:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salaobeaumontt.com.br/verification/INTERAC/UpdateVerifyPrss!/TangerineBank/?key=d9137167bd64e20ac849bfb4b9d4c9d4804cd98c
Certificate
IssuerGoogle Trust Services
Subjectsalaobeaumontt.com.br
FingerprintD7:D6:F1:FA:FF:9E:0B:9C:87:A7:D0:84:0A:D0:4D:7D:1C:7A:63:7A
ValidityMon, 16 Sep 2024 03:43:10 GMT - Sun, 15 Dec 2024 03:43:09 GMT

File type
SVG Scalable Vector Graphics image
Size
7.1 kB (7148 bytes)
Hash
9e5507062242352e84594d5aa5696f36
72548d9a43d849848f5ca10ad12aab7cf6856d90
ee6d0948f5ec58535976dd107b40f22c3866029dea7ffef548d508e3bdaf200c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /verification/INTERAC/UpdateVerifyPrss!/files/logo_CA000614_FULL_IMAGE.svg HTTP/1.1
Host: salaobeaumontt.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://salaobeaumontt.com.br/verification/INTERAC/UpdateVerifyPrss!/TangerineBank/?key=d9137167bd64e20ac849bfb4b9d4c9d4804cd98c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 19 Sep 2024 17:33:53 GMT
content-type: image/svg+xml
last-modified: Wed, 22 Jun 2022 10:16:34 GMT
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GLWq1EyHXte10ZfK7lzrE0kPVeCJXM7%2F6LvwUYPjSFkLGVrk5Fiq0Zy09ltaUpUUhtzMK%2BcZN3j0WgNfZ%2FEoZETDxu%2F2uTTwD3BW65vhUoiK%2FYV0%2BLTr%2Fq%2Fax1M9rvNQevYZzp8M8EU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 8c5b52c6293d62b9-HAM
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.17.25.14

200 OK

77 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://salaobeaumontt.com.br/verification/INTERAC/UpdateVerifyPrss!/TangerineBank/?key=d9137167bd64e20ac849bfb4b9d4c9d4804cd98c
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:EC:C6:E9:D9:C1:6D:05:88:6E:33:AF:3B:E7:7B:86:81:20:66:CA
ValidityWed, 31 Jul 2024 04:16:10 GMT - Tue, 29 Oct 2024 04:16:09 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://salaobeaumontt.com.br
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 19 Sep 2024 17:33:53 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3173
expires: Tue, 09 Sep 2025 17:33:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0rkwG67gWHdVVQXsxn8%2Buez54JaALVt9Sg86PZkHtWaSbxn5Kvm6VVqdVxsBmU1jg5OqHamScSpBD1kj%2BvvOgT0UNucMbgb%2FaziCpYWV19%2FCZaYojcQeP0G0UslJIm2EEDITvs8R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8c5b52c719a55687-OSL
alt-svc: h3=":443"; ma=86400

GET salaobeaumontt.com.br/verification/INTERAC/UpdateVerifyPrss!/TangerineBank/?key=d9137167bd64e20ac849bfb4b9d4c9d4804cd98c

104.21.18.204

200 OK

6.9 kB

URL User Request GET HTTP/2
salaobeaumontt.com.br/verification/INTERAC/UpdateVerifyPrss!/TangerineBank/?key=d9137167bd64e20ac849bfb4b9d4c9d4804cd98c
IP
104.21.18.204:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectsalaobeaumontt.com.br
FingerprintD7:D6:F1:FA:FF:9E:0B:9C:87:A7:D0:84:0A:D0:4D:7D:1C:7A:63:7A
ValidityMon, 16 Sep 2024 03:43:10 GMT - Sun, 15 Dec 2024 03:43:09 GMT

File type
HTML document, ASCII text, with very long lines (7648), with no line terminators
Size
6.9 kB (6888 bytes)
Hash
b24a29be9bd81d19f64d61465b6390da
6f6046bed64a5af923a9441195976e859fcdfa31
91884220176e3307dd5f5c08d8b519ec6ac795727a45b0c1a668da77d7273fc9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /verification/INTERAC/UpdateVerifyPrss!/TangerineBank/?key=d9137167bd64e20ac849bfb4b9d4c9d4804cd98c HTTP/1.1
Host: salaobeaumontt.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 19 Sep 2024 17:33:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oQ9ojSQVQFRq%2FMWn2CJ%2B%2BnDaiEgfXPY38AOcBSdoYFJjqbfXJudDY5rpqNal8nHowET%2FpnfCr1QAz9K3FrANKZ0lQ8qJU%2FpSQt2TX12vPonrnaP31Qp53CVpgtcQZZyHUP%2F0DpuVbKI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8c5b52c25a7b62ef-HAM
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (8)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL POST HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate