dfeagagegasss.web.app Open in urlscan Pro
2620:0:890::100 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dfeagagegasss.web.app/
Submission: On August 28 via automatic, source openphish (August 28th 2023, 2:38:08 am UTC) — Scanned from DE

Summary HTTP 44 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 44 HTTP transactions. The main IP is 2620:0:890::100, located in United States and belongs to FASTLY, US. The main domain is dfeagagegasss.web.app.
TLS certificate: Issued by GTS CA 1D4 on July 10th 2023. Valid for: 3 months.

This is the only time dfeagagegasss.web.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Realize (Financial)

Domain & IP information

	IP Address	AS Autonomous System
4	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
16	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	18.231.42.49 18.231.42.49	16509 (AMAZON-02) (AMAZON-02)
8	200.248.113.245 200.248.113.245	4230 (CLARO S.A.) (CLARO S.A.)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	16.12.0.48 16.12.0.48	16509 (AMAZON-02) (AMAZON-02)
44	8

4 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

dfeagagegasss.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rfeageagasg.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.231.42.49 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-231-42-49.sa-east-1.compute.amazonaws.com

cdn.pmweb.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 200.248.113.245 (Gravataí, Brazil)

ASN4230 (CLARO S.A., BR)

www.realizesolucoesfinanceiras.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 16.12.0.48 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: s3-sa-east-1.amazonaws.com

s3-sa-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	gstatic.com www.gstatic.com	360 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2	69 KB
8	realizesolucoesfinanceiras.com.br www.realizesolucoesfinanceiras.com.br	385 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	62 KB
4	web.app dfeagagegasss.web.app rfeageagasg.web.app	819 KB
2	pmweb.com.br cdn.pmweb.com.br — Cisco Umbrella Rank: 388092	19 KB
1	amazonaws.com s3-sa-east-1.amazonaws.com	516 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	21 KB
44	8

	Domain	Requested by
16	www.gstatic.com	dfeagagegasss.web.app www.google.com
8	www.google.com	dfeagagegasss.web.app
8	www.realizesolucoesfinanceiras.com.br	dfeagagegasss.web.app
4	cdnjs.cloudflare.com	dfeagagegasss.web.app
3	dfeagagegasss.web.app	dfeagagegasss.web.app
2	cdn.pmweb.com.br	dfeagagegasss.web.app
1	s3-sa-east-1.amazonaws.com	dfeagagegasss.web.app
1	www.google-analytics.com	dfeagagegasss.web.app
1	rfeageagasg.web.app	dfeagagegasss.web.app
44	9

This site contains links to these domains. Also see Links.

Domain
www.realizesolucoesfinanceiras.com.br
www.lojasrenner.com.br
www.google.com
play.google.com
apps.apple.com
rennerchat.flexcontact.com.br
wa.me

Subject Issuer	Validity	Valid
web.app GTS CA 1D4	`2023-07-10` - `2023-10-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.pmweb.com.br Amazon RSA 2048 M02	`2023-07-20` - `2024-08-16`	a year	crt.sh
*.realizesolucoesfinanceiras.com.br Sectigo RSA Domain Validation Secure Server CA	`2023-02-27` - `2024-03-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.s3-sa-east-1.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2024-02-07`	10 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://dfeagagegasss.web.app/
Frame ID: F3906B7C967EC77021BE8228D2931617
Requests: 23 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&size=invisible&badge=inline&cb=w8nbvdy4oe3d
Frame ID: A725DB6AFEAE8DB73EAB496049C8E3D4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&size=invisible&badge=inline&cb=w8nbvdy4oe3d
Frame ID: 430B4FA5904829026884334138107A8E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV
Frame ID: 8BEBEE4A4B7C00D9BF54F0106A4973FD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LdEFCYUAAAAAC1Rh720cXamDZUowCeVugk96fj5
Frame ID: 9534A10FA8C81D459980028EE3165E35
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV
Frame ID: 3E0D62D19A43BCC40C18491E9861A907
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LdEFCYUAAAAAC1Rh720cXamDZUowCeVugk96fj5
Frame ID: DF9A777B5A186300E585549746CED679
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV
Frame ID: F8F758CF07A4DE919A792A6368EFBDEF
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cartões Renner

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

44
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

1734 kB
Transfer

4247 kB
Size

2
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.realizesolucoesfinanceiras.com.br/site/

Search URL Search Domain Scan URL

URL: http://www.lojasrenner.com.br/
Title: ir para a loja virtual

Search URL Search Domain Scan URL

URL: https://www.google.com/intl/en/policies/privacy/
Title: Termos

Search URL Search Domain Scan URL

URL: https://www.google.com/intl/en/policies/terms/
Title: Privacidade

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/login/portal-negociacao
Title: conheça o portal de negociação

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=br.com.lojasrenner&hl=pt-BR

Search URL Search Domain Scan URL

URL: https://apps.apple.com/br/app/lojas-renner-roupas-perfumes/id567763947

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/site/cartao_renner/
Title: Cartão Renner

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/site/meu-cartao/
Title: Meu Cartão

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/site/app_cartao_renner/
Title: Quero Cartão Renner

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/site/contato
Title: Contato

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/site/institucional
Title: Institucional

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/duvidas-frequentes/cartao-renner
Title: Cartão Renner

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/duvidas-frequentes/meu-cartao
Title: Meu Cartão

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/site/perguntas-frequentes
Title: Saque Rápido e Seguros

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/images/relatorio-governanca/download/2d74c7a135c98327b39e82f8638a6437.pdf
Title: Privacidade e Segurança

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/site/central-negociacao
Title: Central de Negociação

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/login
Title: Acessa Sua Conta

Search URL Search Domain Scan URL

URL: https://rennerchat.flexcontact.com.br/RennerChat_DeficientesAuditivos/
Title: Para acessar o canal de atendimento por vídeo, clique aqui.

Search URL Search Domain Scan URL

URL: https://wa.me/555139214004?text=Oi,%20Clara
Title: +55 (51) 3921 4004

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/uploads/institucional_cadastro/20/AtendimentoAuditivosFala.pdf
Title: Orientações para Representantes de Deficientes Auditivos ou de Fala

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
dfeagagegasss.web.app/ 688 KB
64 KB 53ms
8ms Document
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dfeagagegasss.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5926b8a8e637c4024cd8ad9fee2b6ed2d03458724268e8da69d32370147aea50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 65629
content-type: text/html; charset=utf-8
date: Mon, 28 Aug 2023 02:38:01 GMT
etag: "6231884f7cf844f52a131a2034fad57d824499242f86502f1bf366152e6d885e-br"
last-modified: Sun, 27 Aug 2023 21:43:43 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-eddf8230094-FRA
x-timer: S1693190282.585399,VS0,VE1

GET
H2 200 recaptcha__pt_br.js Show response
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ 441 KB
178 KB 39ms
9ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__pt_br.js

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54d1a61d6215692d68349ef1e4eaad316d113a24a0c0a29ddbcc7e000613fcfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dfeagagegasss.web.app/
Origin: https://dfeagagegasss.web.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 23:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 181245
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 23:49:54 GMT

GET
H/1.1 200
OK tag.js Show response
cdn.pmweb.com.br/df/ 22 KB
9 KB 823ms
198ms Script
application/javascript 18.231.42.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pmweb.com.br/df/tag.js?id=PM-N2FTFQ

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.231.42.49 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-231-42-49.sa-east-1.compute.amazonaws.com

Software

nginx /

Resource Hash

94c081e2ae2f0618d1661bb9267a2ae65addb921bef6464fb1dd7169bd5f55c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfeagagegasss.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 02:38:02 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Last-Modified: Mon, 21 Aug 2023 21:05:17 GMT
Server: nginx
ETag: W/"64e3d18d-587b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 9197
Expires: Mon, 28 Aug 2023 02:43:02 GMT

GET
H2 200 script.js Show response
rfeageagasg.web.app/ 7 KB
2 KB 75ms
7ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://rfeageagasg.web.app/script.js

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

995efd7054d5c17ceb16d65061b113ee8bacc8feec0cecb70bb276c387bbac7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfeagagegasss.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230094-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Mon, 28 Aug 2023 02:38:01 GMT
last-modified: Sun, 27 Aug 2023 21:52:37 GMT
x-timer: S1693190282.667488,VS0,VE1
etag: "beb734a88a3c8c4fade754f9ee858f8af6b306938185391eb0d7d905e8c500f6-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2340
x-cache-hits: 1

GET
H/1.1 200
OK 3.bundle-b50fd5103304ce6835d8.js Show response
www.realizesolucoesfinanceiras.com.br/cartoes-renner/js/ 0
0 1750ms
257ms Script
text/html 200.248.113.245
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/js/3.bundle-b50fd5103304ce6835d8.js
Requested by: Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.248.113.245 Gravataí, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfeagagegasss.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H/1.1 200
OK 2.bundle-f1f55db44dc2d8d8d302.js Show response
www.realizesolucoesfinanceiras.com.br/cartoes-renner/js/ 0
0 1757ms
258ms Script
text/html 200.248.113.245
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/js/2.bundle-f1f55db44dc2d8d8d302.js
Requested by: Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.248.113.245 Gravataí, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfeagagegasss.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
28 KB 32ms
12ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfeagagegasss.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 02:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1590911
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27501
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-6b6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QbAjuJBgINI53ofXHvm29yLJffz4bmbV24kiORKahN7yI7SVB%2FzPWvi%2BQBuGuiAQLKTPP6h0iCaQd5SkFYXHSaFMjAcEucievek6dhyWAKXFD6%2BI9G8WvC52ICmSGjelpjeh%2BYYthApVtbsWdo%2FSDTI8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fd92cfc4ea0372d-FRA
expires: Sat, 17 Aug 2024 02:38:01 GMT

GET
H2 200 jquery.mask.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.11/ 8 KB
3 KB 36ms
17ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.11/jquery.mask.min.js

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f81fd50565c42b28d0c131ee55dce21472cfe3ef3f5572e04f279b9898149d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfeagagegasss.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 02:38:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6580410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2995
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-1f33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZoXZT9Y7pR5yNB%2BX1lltDP5ekWlqMyfY8o%2FfV5fpN%2F7PjCYanocT8QqS2VmjdR52LAtagCMTQMQXwUIt%2BGUilp1zLBMeJa8InHf544PVI6Hq%2F8MCEV0JNSBdyjg1e%2BHhhrLAiGrfm7fteNcVK33zCYc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fd92cfc4ea2372d-FRA
expires: Sat, 17 Aug 2024 02:38:01 GMT

GET
H/1.1 200
OK google-play-badge-reverse.svg
www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/ 11 KB
5 KB 666ms
237ms Image
image/svg+xml 200.248.113.245
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/google-play-badge-reverse.svg

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

200.248.113.245 Gravataí, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Resource Hash

e946d863a136a09089fd275d574ff3346bad8327d4ef378c06af35872d9fe56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfeagagegasss.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 02:38:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 26 Jul 2023 19:15:25 GMT
ETag: W/"64c170cd-2a25"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Cache-Control: max-age=315360000
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="28067207"
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK celular-login.png
www.realizesolucoesfinanceiras.com.br/cartoes-renner/images/ 152 KB
153 KB 692ms
259ms Image
image/png 200.248.113.245
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/images/celular-login.png

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

200.248.113.245 Gravataí, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Resource Hash

7db4ada57262fbacd47bef4e96e3cedda276b9267e6ca4d20adeeb1c24d870b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfeagagegasss.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 02:38:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 26 Jul 2023 19:15:25 GMT
ETag: "64c170cd-25e28"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1955361209"
Accept-Ranges: bytes
Content-Length: 155176
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK google-play-badge.svg
www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/ 11 KB
5 KB 725ms
256ms Image
image/svg+xml 200.248.113.245
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/google-play-badge.svg

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

200.248.113.245 Gravataí, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Resource Hash

8827f96ace2afe4aeff4c33db4ac86193f38a62cb30d9fbba949e0b72c2a55ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfeagagegasss.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 02:38:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 26 Jul 2023 19:15:25 GMT
ETag: W/"64c170cd-2a22"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Cache-Control: max-age=315360000
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1374559761"
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK app-store-badge.svg
www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/ 14 KB
4 KB 905ms
238ms Image
image/svg+xml 200.248.113.245
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/app-store-badge.svg

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

200.248.113.245 Gravataí, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Resource Hash

3dd08d21a5c010294a50355af3565a50d08ea4aef83e822114be29171209f109

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfeagagegasss.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 02:38:04 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 26 Jul 2023 19:15:25 GMT
ETag: W/"64c170cd-37b6"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Cache-Control: max-age=315360000
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="726726898"
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfeagagegasss.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 28 Aug 2023 01:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2900
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 28 Aug 2023 03:49:43 GMT

GET
H/1.1 200
OK vendors.bundle-859d26788acf215a201a.js Show response
www.realizesolucoesfinanceiras.com.br/cartoes-renner/js/ 670 KB
218 KB 252ms
252ms Script
application/javascript 200.248.113.245
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/js/vendors.bundle-859d26788acf215a201a.js

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

200.248.113.245 Gravataí, Brazil, ASN4230 (CLARO S.A., BR),

Reverse DNS

Software

Resource Hash

1ad62b00c3254649d6f6b6f55525d1c33c7c021bfa3f03b6ce707aac96ccc8e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfeagagegasss.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 02:38:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 26 Jul 2023 19:15:25 GMT
ETag: W/"64c170cd-a78a6"
Vary: Accept-Encoding
X-Frame-Options: deny
Content-Type: application/javascript
Transfer-Encoding: chunked
Cache-Control: max-age=315360000
Connection: keep-alive
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1521528743"
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main.bundle-af99510fd5623f73dd00.js Show response
www.realizesolucoesfinanceiras.com.br/cartoes-renner/js/ 0
0 668ms
238ms Script
text/html 200.248.113.245
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/js/main.bundle-af99510fd5623f73dd00.js
Requested by: Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.248.113.245 Gravataí, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfeagagegasss.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 81ms
57ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onLoadRecaptcha&render=explicit&hl=pt-BR

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

264587d2318e6db0e79047f72827194adbbb3bd33db8b9d1d9bc4a7374539100

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfeagagegasss.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 02:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 860
x-xss-protection: 1; mode=block
expires: Mon, 28 Aug 2023 02:38:03 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame A725 55 KB
31 KB 45ms
40ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&size=invisible&badge=inline&cb=w8nbvdy4oe3d

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

81d4ca3c2375c265bace9d9c70b59b9712194fc830a4499c566affcfdf6c0e64

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UfV3s2CubgYgPYn-zwK7qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dfeagagegasss.web.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 31444
content-security-policy: script-src 'report-sample' 'nonce-UfV3s2CubgYgPYn-zwK7qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 02:38:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
27 KB 13ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfeagagegasss.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 02:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1590913
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27501
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-6b6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmJwuyScaajRsghZcSJjjsMgQZWsM2xUmkXPJq0rTjf%2B5fNbFb59ABFnxNZwUN3SII3rulxG49%2FTfo%2FA%2FNCUNC9OL%2Fl89rbufr3tkyrUS2QPNc5k8UjOqPFMGhqATjx3tZj5wLUwy4uwxQVNE%2BYXKc87"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fd92d07588a372d-FRA
expires: Sat, 17 Aug 2024 02:38:03 GMT

GET
H3 200 jquery.mask.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.11/ 8 KB
4 KB 16ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.11/jquery.mask.min.js

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f81fd50565c42b28d0c131ee55dce21472cfe3ef3f5572e04f279b9898149d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfeagagegasss.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 02:38:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 979458
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2996
last-modified: Thu, 22 Jun 2023 11:06:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1d-bb4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQKSSLnhx5upB3Oaqf%2FljWqB5m68IJEJE0g53utWBuL%2FOEFiXvxKmbQim9Rq21leLnt8gj6Y72ooWd583uN5BiNl6s7m4YoQLSn%2BptQfelbm5Py9JqcFiJDo6%2BaiW6CeDApr6kYUv6Tzr%2FM1Tiy8yo1I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fd92d078c6d037c-FRA
expires: Sat, 17 Aug 2024 02:38:03 GMT

GET
H3 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame A725 0
0 41ms
23ms Stylesheet
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&size=invisible&badge=inline&cb=w8nbvdy4oe3d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 404 recaptcha__pt_br.js
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame A725 0
0 134ms
117ms Script
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__pt_br.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&size=invisible&badge=inline&cb=w8nbvdy4oe3d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 430B 55 KB
31 KB 45ms
44ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fa36422ad6a4f8488bc693807a0f3d599922eeb4d25bc2352ff12bb5fd02551d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zNTHFpWuXEe0wCPnahkH2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dfeagagegasss.web.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 31346
content-security-policy: script-src 'report-sample' 'nonce-zNTHFpWuXEe0wCPnahkH2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 02:38:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 whatsapp.svg
dfeagagegasss.web.app/cartoes-renner/vectors/ 688 KB
64 KB 11ms
9ms Other
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dfeagagegasss.web.app/cartoes-renner/vectors/whatsapp.svg

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5926b8a8e637c4024cd8ad9fee2b6ed2d03458724268e8da69d32370147aea50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfeagagegasss.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230094-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Mon, 28 Aug 2023 02:38:03 GMT
last-modified: Sun, 27 Aug 2023 21:43:43 GMT
x-timer: S1693190283.468320,VS0,VE3
etag: "6231884f7cf844f52a131a2034fad57d824499242f86502f1bf366152e6d885e-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/html; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 65629
x-cache-hits: 1

GET
H/1.1 200
OK bg.png
s3-sa-east-1.amazonaws.com/frame-image-br/ 0
516 B 628ms
213ms Image
image/png 16.12.0.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=real&x-r=
Requested by: Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.12.0.48 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-sa-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfeagagegasss.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 02:38:04 GMT
Last-Modified: Thu, 04 May 2017 08:21:21 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
x-amz-request-id: F1FP5JEKCGDFY0DK
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 0
x-amz-id-2: J7UnXD4nZJ18OBMHiHN2EEESVFywENan17j8JZ5ydnRrjbIqA46iLhsn/DlD8+Um7Ns5Jf7qs1E=

GET
H2 200 bg-login.svg
dfeagagegasss.web.app/cartoes-renner/vectors/ 688 KB
688 KB 12ms
11ms Image
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dfeagagegasss.web.app/cartoes-renner/vectors/bg-login.svg

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfeagagegasss.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230094-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Mon, 28 Aug 2023 02:38:03 GMT
last-modified: Sun, 27 Aug 2023 21:43:43 GMT
x-timer: S1693190283.471085,VS0,VE1
etag: "6231884f7cf844f52a131a2034fad57d824499242f86502f1bf366152e6d885e-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/html; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 65629
x-cache-hits: 1

GET
H3 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame 430B 0
0 171ms
170ms Stylesheet
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&size=invisible&badge=inline&cb=w8nbvdy4oe3d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 404 recaptcha__pt_br.js
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame 430B 0
0 94ms
94ms Script
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__pt_br.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&size=invisible&badge=inline&cb=w8nbvdy4oe3d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H/1.1 200
OK tag.js Show response
cdn.pmweb.com.br/df/ 22 KB
9 KB 198ms
198ms Script
application/javascript 18.231.42.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pmweb.com.br/df/tag.js?id=PM-N2FTFQ

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.231.42.49 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-231-42-49.sa-east-1.compute.amazonaws.com

Software

nginx /

Resource Hash

94c081e2ae2f0618d1661bb9267a2ae65addb921bef6464fb1dd7169bd5f55c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfeagagegasss.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 02:38:04 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Last-Modified: Mon, 21 Aug 2023 21:05:17 GMT
Server: nginx
ETag: W/"64e3d18d-587b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 9197
Expires: Mon, 28 Aug 2023 02:43:04 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 8BEB 7 KB
1 KB 26ms
20ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9488f000bdd5f272edc1655eb3883eee05571cc0bc96b33453afc02c28d28ef4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qvpqztB97hlit10aeye38g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dfeagagegasss.web.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1163
content-security-policy: script-src 'report-sample' 'nonce-qvpqztB97hlit10aeye38g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 02:38:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 9534 7 KB
1 KB 31ms
26ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LdEFCYUAAAAAC1Rh720cXamDZUowCeVugk96fj5

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c11d35ef4a285a16816851b69613b83dee621045dcb3887907ec204ef1110fed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ogsnIcGfOKBsE8XQrLOWIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dfeagagegasss.web.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1162
content-security-policy: script-src 'report-sample' 'nonce-ogsnIcGfOKBsE8XQrLOWIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 02:38:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 3E0D 7 KB
1 KB 24ms
20ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

43eac2fa95d29590b8d70e84fe571972c4dcc8757299bcabfd7906f48fb25fd1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O1Si6x0uq-b1GYibe9B2uA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dfeagagegasss.web.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1163
content-security-policy: script-src 'report-sample' 'nonce-O1Si6x0uq-b1GYibe9B2uA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 02:38:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame DF9A 7 KB
1 KB 25ms
23ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LdEFCYUAAAAAC1Rh720cXamDZUowCeVugk96fj5

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

165ed42cca119291cdc6339e663362e3f2b7c9d6736ee9c6ffa4878061ea2b6a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cdEyWsS4Zgr59oV6GRKaQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dfeagagegasss.web.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1160
content-security-policy: script-src 'report-sample' 'nonce-cdEyWsS4Zgr59oV6GRKaQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 02:38:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame F8F7 7 KB
1 KB 25ms
24ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV

Requested by

Host: dfeagagegasss.web.app
URL: https://dfeagagegasss.web.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1b6944668cdd7a70290c0fe0b9df97fd17105a50a42bec5fee434e4b0f4e3d9c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EgbZsh450jmHnojMzW2cWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dfeagagegasss.web.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1164
content-security-policy: script-src 'report-sample' 'nonce-EgbZsh450jmHnojMzW2cWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 02:38:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 recaptcha__pt_br.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ 453 KB
182 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__pt_br.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onLoadRecaptcha&render=explicit&hl=pt-BR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c65a6437232aa7209941f6aea8e03ea12f10bb225e1b019575883bb83c9e3995

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dfeagagegasss.web.app/
Origin: https://dfeagagegasss.web.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 11:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186203
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 11:24:23 GMT

GET
H3 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame 8BEB 0
0 325ms
322ms Stylesheet
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 404 recaptcha__pt_br.js
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame 8BEB 0
0 63ms
60ms Script
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__pt_br.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame 3E0D 0
0 341ms
340ms Stylesheet
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 404 recaptcha__pt_br.js
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame 3E0D 0
0 381ms
379ms Script
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__pt_br.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame DF9A 0
0 655ms
654ms Stylesheet
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LdEFCYUAAAAAC1Rh720cXamDZUowCeVugk96fj5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 404 recaptcha__pt_br.js
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame DF9A 0
0 769ms
767ms Script
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__pt_br.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LdEFCYUAAAAAC1Rh720cXamDZUowCeVugk96fj5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame F8F7 0
0 598ms
597ms Stylesheet
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 404 recaptcha__pt_br.js
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame F8F7 0
0 595ms
594ms Script
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__pt_br.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame 9534 0
0 642ms
641ms Stylesheet
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LdEFCYUAAAAAC1Rh720cXamDZUowCeVugk96fj5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 404 recaptcha__pt_br.js
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame 9534 0
0 787ms
786ms Script
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__pt_br.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LdEFCYUAAAAAC1Rh720cXamDZUowCeVugk96fj5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Realize (Financial)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dfeagagegasss.web.app/	1970-01-20 23:55:50	Name: _pm_id Value: 587321693190282423
			.dfeagagegasss.web.app/	1970-01-20 14:19:52	Name: _pm_sid Value: 690101693190282424

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__pt_br.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__pt_br.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__pt_br.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__pt_br.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__pt_br.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__pt_br.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__pt_br.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.pmweb.com.br
cdnjs.cloudflare.com
dfeagagegasss.web.app
rfeageagasg.web.app
s3-sa-east-1.amazonaws.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.realizesolucoesfinanceiras.com.br
16.12.0.48
18.231.42.49
200.248.113.245
2606:4700::6811:180e
2620:0:890::100
2a00:1450:4001:80f::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
165ed42cca119291cdc6339e663362e3f2b7c9d6736ee9c6ffa4878061ea2b6a
1ad62b00c3254649d6f6b6f55525d1c33c7c021bfa3f03b6ce707aac96ccc8e1
1b6944668cdd7a70290c0fe0b9df97fd17105a50a42bec5fee434e4b0f4e3d9c
264587d2318e6db0e79047f72827194adbbb3bd33db8b9d1d9bc4a7374539100
3dd08d21a5c010294a50355af3565a50d08ea4aef83e822114be29171209f109
43eac2fa95d29590b8d70e84fe571972c4dcc8757299bcabfd7906f48fb25fd1
54d1a61d6215692d68349ef1e4eaad316d113a24a0c0a29ddbcc7e000613fcfa
5926b8a8e637c4024cd8ad9fee2b6ed2d03458724268e8da69d32370147aea50
7db4ada57262fbacd47bef4e96e3cedda276b9267e6ca4d20adeeb1c24d870b6
7f81fd50565c42b28d0c131ee55dce21472cfe3ef3f5572e04f279b9898149d5
81d4ca3c2375c265bace9d9c70b59b9712194fc830a4499c566affcfdf6c0e64
8827f96ace2afe4aeff4c33db4ac86193f38a62cb30d9fbba949e0b72c2a55ff
9488f000bdd5f272edc1655eb3883eee05571cc0bc96b33453afc02c28d28ef4
94c081e2ae2f0618d1661bb9267a2ae65addb921bef6464fb1dd7169bd5f55c6
995efd7054d5c17ceb16d65061b113ee8bacc8feec0cecb70bb276c387bbac7f
c11d35ef4a285a16816851b69613b83dee621045dcb3887907ec204ef1110fed
c65a6437232aa7209941f6aea8e03ea12f10bb225e1b019575883bb83c9e3995
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e946d863a136a09089fd275d574ff3346bad8327d4ef378c06af35872d9fe56d
fa36422ad6a4f8488bc693807a0f3d599922eeb4d25bc2352ff12bb5fd02551d

dfeagagegasss.web.app Open in urlscan Pro 2620:0:890::100 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

63 %IPv6

8 Domains

9 Subdomains

8 IPs

3 Countries

1734 kBTransfer

4247 kBSize

2 Cookies

21 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dfeagagegasss.web.app Open in urlscan Pro
2620:0:890::100 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

1734 kB
Transfer

4247 kB
Size

2
Cookies

44 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!