descespecial.com Open in urlscan Pro
31.170.160.38  Malicious Activity! Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request paymentb.php Show response descespecial.com/PRODUTO274225true/	232 KB 80 KB	384ms 117ms	Document text/html	31.170.160.38 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://descespecial.com/PRODUTO274225true/paymentb.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.170.160.38 , Cyprus, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / PHP/7.2.34 Resource Hash 801692cf5c5ce9ddf7ad0d49f791aabc10e4177073bc6457f8d129e5cc323bdb Request headers :method GET :authority descespecial.com :scheme https :path /PRODUTO274225true/paymentb.php pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-powered-by PHP/7.2.34 content-type text/html; charset=UTF-8 content-encoding br vary Accept-Encoding date Sat, 13 Feb 2021 00:04:14 GMT server LiteSpeed alt-svc quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
GET H3-Q050	200	jquery-3.2.1.min.js.download Show response descespecial.com/arq_js/forma_de_pagamento/	85 KB 29 KB	240ms 121ms	Script text/plain	31.170.160.38 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://descespecial.com/arq_js/forma_de_pagamento/jquery-3.2.1.min.js.download Requested by Host: descespecial.com URL: https://descespecial.com/PRODUTO274225true/paymentb.php Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 31.170.160.38 , Cyprus, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Request headers Referer https://descespecial.com/PRODUTO274225true/paymentb.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 00:04:14 GMT content-encoding br last-modified Fri, 12 Feb 2021 21:52:46 GMT server LiteSpeed etag "15283-6026f8ae-d7902c4692c05f41;br" vary Accept-Encoding content-type text/plain accept-ranges bytes content-length 29485
GET H3-Q050	200	theme.css descespecial.com/arq_js/forma_de_pagamento/	225 KB 36 KB	255ms 136ms	Stylesheet text/css	31.170.160.38 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://descespecial.com/arq_js/forma_de_pagamento/theme.css Requested by Host: descespecial.com URL: https://descespecial.com/PRODUTO274225true/paymentb.php Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 31.170.160.38 , Cyprus, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash a229155b567e0ba6cd7bbbdf7347aa407c601877d67b077bee398ae15d8c6f5a Request headers Referer https://descespecial.com/PRODUTO274225true/paymentb.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 00:04:14 GMT content-encoding br last-modified Fri, 12 Feb 2021 21:53:05 GMT server LiteSpeed etag "3847f-6026f8c1-5f0ecaa17f8036ef;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 36339 expires Sat, 20 Feb 2021 00:04:14 GMT
GET H3-Q050	200	main.cf2fd721.css descespecial.com/arq_js/forma_de_pagamento/	14 KB 4 KB	239ms 120ms	Stylesheet text/css	31.170.160.38 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://descespecial.com/arq_js/forma_de_pagamento/main.cf2fd721.css Requested by Host: descespecial.com URL: https://descespecial.com/PRODUTO274225true/paymentb.php Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 31.170.160.38 , Cyprus, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 0a806bf7f89f7b5cce6f60b9f3646826cccf965becf09e7409ff5fc9c36fe528 Request headers Referer https://descespecial.com/PRODUTO274225true/paymentb.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 00:04:14 GMT content-encoding br last-modified Fri, 12 Feb 2021 21:52:51 GMT server LiteSpeed etag "3932-6026f8b3-4d7e27d28df11579;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 3634 expires Sat, 20 Feb 2021 00:04:14 GMT
GET H3-Q050	200	37g9oiW.png descespecial.com/arq_js/forma_de_pagamento/	2 KB 2 KB	109ms 109ms	Image image/png	31.170.160.38 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://descespecial.com/arq_js/forma_de_pagamento/37g9oiW.png Requested by Host: descespecial.com URL: https://descespecial.com/PRODUTO274225true/paymentb.php Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 31.170.160.38 , Cyprus, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash e67dcf0c52d2924bd09e897266b477c49347274a5ecfb5ec9f149aee681f7d6a Request headers Referer https://descespecial.com/PRODUTO274225true/paymentb.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 00:04:14 GMT last-modified Fri, 12 Feb 2021 21:52:14 GMT server LiteSpeed etag "86e-6026f88e-cf806e9fdb22c6c2;;;" content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 2158 expires Sat, 20 Feb 2021 00:04:14 GMT
GET H3-Q050	200	voIdYFm.png descespecial.com/arq_js/forma_de_pagamento/	226 B 309 B	110ms 110ms	Image image/png	31.170.160.38 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://descespecial.com/arq_js/forma_de_pagamento/voIdYFm.png Requested by Host: descespecial.com URL: https://descespecial.com/PRODUTO274225true/paymentb.php Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 31.170.160.38 , Cyprus, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 35d3f0b13a6ef5bf2640f32beb1dae6f00d0635b60d93503cb8ed5c07a870f19 Request headers Referer https://descespecial.com/PRODUTO274225true/paymentb.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 00:04:14 GMT last-modified Fri, 12 Feb 2021 21:53:08 GMT server LiteSpeed etag "e2-6026f8c4-f6b8390250f81266;;;" content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 226 expires Sat, 20 Feb 2021 00:04:14 GMT
GET H3-Q050	200	BS26TUI.png descespecial.com/arq_js/forma_de_pagamento/	395 B 447 B	110ms 110ms	Image image/png	31.170.160.38 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://descespecial.com/arq_js/forma_de_pagamento/BS26TUI.png Requested by Host: descespecial.com URL: https://descespecial.com/PRODUTO274225true/paymentb.php Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 31.170.160.38 , Cyprus, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash d8dce2fc37c325be3e397968c43cf58f508a658d59eedc2cbad16970f7c10ffe Request headers Referer https://descespecial.com/PRODUTO274225true/paymentb.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 00:04:14 GMT last-modified Fri, 12 Feb 2021 21:52:27 GMT server LiteSpeed etag "18b-6026f89b-bd6cfcd2eb151f5;;;" content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 395 expires Sat, 20 Feb 2021 00:04:14 GMT
GET H3-Q050	200	bootstrap.min Show response descespecial.com/arq_js/forma_de_pagamento/	5 KB 2 KB	110ms 109ms	Script text/plain	31.170.160.38 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://descespecial.com/arq_js/forma_de_pagamento/bootstrap.min Requested by Host: descespecial.com URL: https://descespecial.com/PRODUTO274225true/paymentb.php Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 31.170.160.38 , Cyprus, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 9e23f3aa28a922f8857fa25c0fa34cfe73a30406a7e002adcbedc6cd66948c8e Request headers Referer https://descespecial.com/PRODUTO274225true/paymentb.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 00:04:14 GMT content-encoding br last-modified Fri, 12 Feb 2021 21:52:27 GMT server LiteSpeed etag "13fd-6026f89b-fba8ce8b7a83001b;br" vary Accept-Encoding content-type text/plain accept-ranges bytes content-length 1526
GET		svg_store.min.svg sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/	0 0
GET		svg_store.min.svg sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/	0 0
GET		svg_store.min.svg sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/	0 0
GET		svg_store.min.svg sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/	0 0
GET		svg_store.min.svg sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/	0 0
GET		svg_store.min.svg sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/	0 0
GET		svg_store.min.svg sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/	0 0
GET		svg_store.min.svg sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/	0 0
GET		svg_store.min.svg sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/	0 0
GET		svg_store.min.svg sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/	0 0
GET		svg_store.min.svg sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/	0 0
GET		svg_store.min.svg sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/	0 0
GET H3-Q050	200	saved_resource(1).html Show response descespecial.com/arq_js/forma_de_pagamento/ Frame CA2B	483 B 313 B	109ms 109ms	Document text/html	31.170.160.38 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://descespecial.com/arq_js/forma_de_pagamento/saved_resource(1).html Requested by Host: descespecial.com URL: https://descespecial.com/PRODUTO274225true/paymentb.php Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 31.170.160.38 , Cyprus, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash e3404cde8307c6a9fea5b7ebb51248d50228d20b672bdab30a49af04f5c54842 Request headers :method GET :authority descespecial.com :scheme https :path /arq_js/forma_de_pagamento/saved_resource(1).html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://descespecial.com/PRODUTO274225true/paymentb.php accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://descespecial.com/PRODUTO274225true/paymentb.php Response headers content-type text/html last-modified Fri, 12 Feb 2021 21:52:59 GMT etag "1e3-6026f8bb-fc8d7bdf99f3dd9a;br" accept-ranges bytes content-encoding br vary Accept-Encoding content-length 229 date Sat, 13 Feb 2021 00:04:14 GMT server LiteSpeed
GET H3-Q050	200	uk4BUV9.png descespecial.com/arq_js/forma_de_pagamento/	1 KB 2 KB	109ms 109ms	Image image/png	31.170.160.38 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://descespecial.com/arq_js/forma_de_pagamento/uk4BUV9.png Requested by Host: descespecial.com URL: https://descespecial.com/PRODUTO274225true/paymentb.php Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 31.170.160.38 , Cyprus, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 9715c541123ac5e56fa3cdd43cb3ae5a3e5d704e6aa22b6af8e89cf15ff50bd3 Request headers Referer https://descespecial.com/PRODUTO274225true/paymentb.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 00:04:14 GMT last-modified Fri, 12 Feb 2021 21:53:07 GMT server LiteSpeed etag "5ec-6026f8c3-ecc8235eb2e2b443;;;" content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 1516 expires Sat, 20 Feb 2021 00:04:14 GMT
GET H3-Q050	200	v1R3yTD.png descespecial.com/arq_js/forma_de_pagamento/	720 B 794 B	109ms 108ms	Image image/png	31.170.160.38 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://descespecial.com/arq_js/forma_de_pagamento/v1R3yTD.png Requested by Host: descespecial.com URL: https://descespecial.com/PRODUTO274225true/paymentb.php Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 31.170.160.38 , Cyprus, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 6ce6104c02240f9927eef9342263a5d738b31b67519a2604a1116d4cb96dbb3c Request headers Referer https://descespecial.com/PRODUTO274225true/paymentb.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 00:04:14 GMT last-modified Fri, 12 Feb 2021 21:53:07 GMT server LiteSpeed etag "2d0-6026f8c3-6d16fa547ac324ab;;;" content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 720 expires Sat, 20 Feb 2021 00:04:14 GMT
GET H3-Q050	200	thj9SyF.png descespecial.com/arq_js/forma_de_pagamento/	857 B 910 B	109ms 109ms	Image image/png	31.170.160.38 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://descespecial.com/arq_js/forma_de_pagamento/thj9SyF.png Requested by Host: descespecial.com URL: https://descespecial.com/PRODUTO274225true/paymentb.php Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 31.170.160.38 , Cyprus, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 3e687b8f5ce02d8f5805a37abbf0e39b36246e67fbae197a29443fc85fe8dec0 Request headers Referer https://descespecial.com/PRODUTO274225true/paymentb.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 00:04:14 GMT last-modified Fri, 12 Feb 2021 21:53:05 GMT server LiteSpeed etag "359-6026f8c1-93bb8cf791263255;;;" content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 857 expires Sat, 20 Feb 2021 00:04:14 GMT
GET H2	200	ZUWYbHk.png i.imgur.com/	129 B 453 B	74ms 23ms	Image image/png	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/ZUWYbHk.png Requested by Host: descespecial.com URL: https://descespecial.com/PRODUTO274225true/paymentb.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 2bcdcc3acd0faa5dde3dfd4480e2788d4f79c63075ef8b1cf1610ae6f98d3aaa Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Referer https://descespecial.com/PRODUTO274225true/paymentb.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 00:04:14 GMT x-content-type-options nosniff age 1339503 x-cache HIT, HIT content-length 129 x-served-by cache-bwi5121-BWI, cache-hhn4071-HHN last-modified Wed, 23 Aug 2017 20:26:09 GMT server cat factory 1.0 x-timer S1613174655.851714,VS0,VE1 etag "90ae582d377ac584b62f7df3053ce90f" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	0u1RTox.png i.imgur.com/	907 B 1 KB	77ms 26ms	Image image/png	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/0u1RTox.png Requested by Host: descespecial.com URL: https://descespecial.com/PRODUTO274225true/paymentb.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash c6d6bed36dfd6b1e59525cc5303ce0765ba0bd6c8e97181d9cf98c5ada9c6a38 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Referer https://descespecial.com/PRODUTO274225true/paymentb.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 00:04:14 GMT x-content-type-options nosniff age 815430 x-cache HIT, HIT content-length 907 x-served-by cache-bwi5141-BWI, cache-hhn4071-HHN last-modified Wed, 23 Aug 2017 19:32:45 GMT server cat factory 1.0 x-timer S1613174655.854004,VS0,VE1 etag "732c29552d443465f3c623b5dc5ca98e" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	Moc2hRw.png i.imgur.com/	921 B 1 KB	76ms 25ms	Image image/png	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/Moc2hRw.png Requested by Host: descespecial.com URL: https://descespecial.com/PRODUTO274225true/paymentb.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 7dc4879d8dceecf23f1645ef576fcf684981d6bf2f9800f37697b44f4a9933a0 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Referer https://descespecial.com/PRODUTO274225true/paymentb.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 00:04:14 GMT x-content-type-options nosniff age 1317230 x-cache HIT, HIT content-length 921 x-served-by cache-bwi5132-BWI, cache-hhn4071-HHN last-modified Wed, 23 Aug 2017 19:32:48 GMT server cat factory 1.0 x-timer S1613174655.853993,VS0,VE1 etag "eede19ae3768896e0daef81443545c4d" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	EABTxgy.png i.imgur.com/	824 B 971 B	76ms 26ms	Image image/png	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/EABTxgy.png Requested by Host: descespecial.com URL: https://descespecial.com/PRODUTO274225true/paymentb.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 70615ad9f34a12a4f449e3a8fbe03977d7a095af4667cdad08957bc6001c41d6 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Referer https://descespecial.com/PRODUTO274225true/paymentb.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 00:04:14 GMT x-content-type-options nosniff age 2553509 x-cache HIT, HIT content-length 824 x-served-by cache-bwi5120-BWI, cache-hhn4071-HHN last-modified Wed, 23 Aug 2017 19:32:50 GMT server cat factory 1.0 x-timer S1613174655.853983,VS0,VE1 etag "9f27c36b12557037485a41c06ecc1608" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	f1LCqZN.png i.imgur.com/	165 B 314 B	76ms 26ms	Image image/png	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/f1LCqZN.png Requested by Host: descespecial.com URL: https://descespecial.com/PRODUTO274225true/paymentb.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 75f58b1c3c54dc5057418bb3910d02a0a51c0ebb24dee1d69bbcc7dc1c20fdb0 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Referer https://descespecial.com/PRODUTO274225true/paymentb.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 00:04:14 GMT x-content-type-options nosniff age 1484387 x-cache HIT, HIT content-length 165 x-served-by cache-bwi5182-BWI, cache-hhn4071-HHN last-modified Wed, 23 Aug 2017 15:04:31 GMT server cat factory 1.0 x-timer S1613174655.853969,VS0,VE1 etag "28e0f75785538fa1fbb80f87388cd088" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 1
POST		bootstrap.min www.fatosinacreditaveis.com/api/ads/	0 0
GET H3-Q050	200	saved_resource(2).html Show response descespecial.com/arq_js/forma_de_pagamento/ Frame BD4E	669 B 356 B	109ms 109ms	Document text/html	31.170.160.38 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://descespecial.com/arq_js/forma_de_pagamento/saved_resource(2).html Requested by Host: descespecial.com URL: https://descespecial.com/PRODUTO274225true/paymentb.php Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 31.170.160.38 , Cyprus, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash ef027606a358f4a338015b6c72472eba76d57f69c7d8046ee52ec993737c5621 Request headers :method GET :authority descespecial.com :scheme https :path /arq_js/forma_de_pagamento/saved_resource(2).html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://descespecial.com/PRODUTO274225true/paymentb.php accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://descespecial.com/PRODUTO274225true/paymentb.php Response headers content-type text/html last-modified Fri, 12 Feb 2021 21:52:59 GMT etag "29d-6026f8bb-48d8ed639819793;br" accept-ranges bytes content-encoding br vary Accept-Encoding content-length 273 date Sat, 13 Feb 2021 00:04:14 GMT server LiteSpeed
GET DATA	200 OK	truncated /	189 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ce221fde8f1b7b178d0630750962b524ad2f57a8c5e7896a53b82cb275a7110c Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H3-Q050	200	analytics.js.download Show response descespecial.com/arq_js/forma_de_pagamento/ Frame CA2B	34 KB 14 KB	112ms 111ms	Script text/plain	31.170.160.38 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://descespecial.com/arq_js/forma_de_pagamento/analytics.js.download Requested by Host: descespecial.com URL: https://descespecial.com/arq_js/forma_de_pagamento/saved_resource(1).html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 31.170.160.38 , Cyprus, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3 Request headers Referer https://descespecial.com/arq_js/forma_de_pagamento/saved_resource(1).html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 00:04:14 GMT content-encoding br last-modified Fri, 12 Feb 2021 21:52:23 GMT server LiteSpeed etag "89c2-6026f897-fb11f50b1f65c8cf;br" vary Accept-Encoding content-type text/plain accept-ranges bytes content-length 14012
GET H3-Q050	200	js Show response descespecial.com/arq_js/forma_de_pagamento/ Frame CA2B	72 KB 72 KB	115ms 115ms	Script text/plain	31.170.160.38 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://descespecial.com/arq_js/forma_de_pagamento/js Requested by Host: descespecial.com URL: https://descespecial.com/arq_js/forma_de_pagamento/saved_resource(1).html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 31.170.160.38 , Cyprus, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 8bfbb8d7829115efc435b6f529b1afd7ea0b80ebdf2842359b1ff9f2fdbf65ed Request headers Referer https://descespecial.com/arq_js/forma_de_pagamento/saved_resource(1).html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 00:04:14 GMT last-modified Fri, 12 Feb 2021 21:52:49 GMT server LiteSpeed accept-ranges bytes etag "11e61-6026f8b1-8aa789cc0a9ff64b;;;" content-length 73313
GET H3-Q050	404	maconha-e-a-cura-para-o-cancer.html Show response descespecial.com/ Frame E23F	2 KB 991 B	136ms 135ms	Document text/html	31.170.160.38 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://descespecial.com/maconha-e-a-cura-para-o-cancer.html Requested by Host: descespecial.com URL: https://descespecial.com/maconha-e-a-cura-para-o-cancer Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 31.170.160.38 , Cyprus, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e Request headers :method GET :authority descespecial.com :scheme https :path /maconha-e-a-cura-para-o-cancer.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://descespecial.com/maconha-e-a-cura-para-o-cancer accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://descespecial.com/maconha-e-a-cura-para-o-cancer Response headers content-type text/html last-modified Mon, 04 Jan 2021 13:32:52 GMT etag "999-5ff31904-479bf363167dc503;br" accept-ranges bytes content-encoding br vary Accept-Encoding content-length 914 date Sat, 13 Feb 2021 00:04:14 GMT server LiteSpeed
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame CA2B	46 KB 18 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: descespecial.com URL: https://descespecial.com/arq_js/forma_de_pagamento/js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://descespecial.com/arq_js/forma_de_pagamento/saved_resource(1).html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 2348 date Fri, 12 Feb 2021 23:25:07 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Sat, 13 Feb 2021 01:25:07 GMT
GET H2	200	collect www.google-analytics.com/r/ Frame CA2B	35 B 197 B	14ms 13ms	Image image/gif	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j68&a=2077487408&t=pageview&_s=1&dl=https%3A%2F%2Fdescespecial.com%2Farq_js%2Fforma_de_pagamento%2Fsaved_resource(1).html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&_u=KEBAAUABE~&jid=1440461078&gjid=1497793006&cid=1256821510.1613174655&tid=UA-118831736-1&_gid=694281265.1613174655&_r=1&gtm=u86&z=758740293 Requested by Host: descespecial.com URL: https://descespecial.com/PRODUTO274225true/paymentb.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://descespecial.com/arq_js/forma_de_pagamento/saved_resource(1).html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 13 Feb 2021 00:04:15 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	style.css descespecial.com/htdocs_error/ Frame E23F	5 KB 1 KB	111ms 111ms	Stylesheet text/css	31.170.160.38 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://descespecial.com/htdocs_error/style.css Requested by Host: descespecial.com URL: https://descespecial.com/maconha-e-a-cura-para-o-cancer.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 31.170.160.38 , Cyprus, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 9a0ca52cd2b9d09bed0eac23e7ff741244d96225fa9afab1b680978c01ab85d3 Request headers Referer https://descespecial.com/maconha-e-a-cura-para-o-cancer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 00:04:15 GMT content-encoding br last-modified Mon, 04 Jan 2021 13:32:52 GMT server LiteSpeed etag "134e-5ff31904-847415787c51dca9;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 1254 expires Sat, 20 Feb 2021 00:04:15 GMT
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ Frame E23F	118 KB 19 KB	9ms 8ms	Stylesheet text/css	2001:4de0:ac19::1:b:2b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css Requested by Host: descespecial.com URL: https://descespecial.com/maconha-e-a-cura-para-o-cancer.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://descespecial.com/maconha-e-a-cura-para-o-cancer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 00:04:15 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 12 Dec 2018 18:34:07 GMT etag "1544639647" vary Accept-Encoding x-cache HIT content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 19740
GET H2	200	css fonts.googleapis.com/ Frame E23F	21 KB 1 KB	15ms 14ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i Requested by Host: descespecial.com URL: https://descespecial.com/maconha-e-a-cura-para-o-cancer.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://descespecial.com/maconha-e-a-cura-para-o-cancer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 12 Feb 2021 23:00:48 GMT server ESF date Sat, 13 Feb 2021 00:04:15 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 13 Feb 2021 00:04:15 GMT
GET H3-Q050	200	something-lost.png descespecial.com/htdocs_error/ Frame E23F	106 KB 106 KB	110ms 109ms	Image image/png	31.170.160.38 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://descespecial.com/htdocs_error/something-lost.png Requested by Host: descespecial.com URL: https://descespecial.com/maconha-e-a-cura-para-o-cancer.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 31.170.160.38 , Cyprus, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash fa0483d6548b10c76a81edc62798719be4d3acd8a6f40c19e2f824d751ba0f4e Request headers Referer https://descespecial.com/maconha-e-a-cura-para-o-cancer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 13 Feb 2021 00:04:15 GMT last-modified Mon, 04 Jan 2021 13:32:52 GMT server LiteSpeed etag "1a6c1-5ff31904-5d01d65656c4f08b;;;" content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 108225 expires Sat, 20 Feb 2021 00:04:15 GMT
GET H3-Q050	200	analytics.js Show response www.google-analytics.com/ Frame E23F	46 KB 19 KB	26ms 13ms	Script text/javascript	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: descespecial.com URL: https://descespecial.com/maconha-e-a-cura-para-o-cancer.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://descespecial.com/maconha-e-a-cura-para-o-cancer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 2348 date Fri, 12 Feb 2021 23:25:07 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Sat, 13 Feb 2021 01:25:07 GMT
POST H3-Q050	200	collect Show response www.google-analytics.com/j/ Frame E23F	4 B 190 B	13ms 13ms	XHR text/plain	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1386191197&t=pageview&_s=1&dl=https%3A%2F%2Fdescespecial.com%2Fmaconha-e-a-cura-para-o-cancer.html&ul=en-us&de=UTF-8&dt=Oops%2C%20something%20lost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEABAAAAAC~&jid=1411290682&gjid=1318211216&cid=1256821510.1613174655&tid=UA-26575989-46&_gid=694281265.1613174655&_r=1&_slc=1&z=400806757 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://descespecial.com/maconha-e-a-cura-para-o-cancer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 13 Feb 2021 00:04:15 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://descespecial.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/ Frame E23F	4 B 125 B	15ms 15ms	XHR text/plain	2a00:1450:400c:c00::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-26575989-46&cid=1256821510.1613174655&jid=1411290682&gjid=1318211216&_gid=694281265.1613174655&_u=AACAAEAAAAAAAC~&z=1557032588 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://descespecial.com/maconha-e-a-cura-para-o-cancer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sat, 13 Feb 2021 00:04:15 GMT content-type text/plain access-control-allow-origin https://descespecial.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/ Frame E23F	42 B 293 B	18ms 17ms	Image image/gif	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-26575989-46&cid=1256821510.1613174655&jid=1411290682&_u=AACAAEAAAAAAAC~&z=833303624 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://descespecial.com/maconha-e-a-cura-para-o-cancer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 13 Feb 2021 00:04:15 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/ Frame E23F	42 B 505 B	35ms 16ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-26575989-46&cid=1256821510.1613174655&jid=1411290682&_u=AACAAEAAAAAAAC~&z=833303624 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://descespecial.com/maconha-e-a-cura-para-o-cancer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 13 Feb 2021 00:04:15 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST		bootstrap.min www.fatosinacreditaveis.com/api/ads/	0 0
POST		bootstrap.min www.fatosinacreditaveis.com/api/ads/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

sacola.americanas.com.br

URL

https://sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/svg_store.min.svg

Domain

sacola.americanas.com.br

URL

https://sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/svg_store.min.svg

Domain

sacola.americanas.com.br

URL

https://sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/svg_store.min.svg

Domain

sacola.americanas.com.br

URL

https://sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/svg_store.min.svg

Domain

sacola.americanas.com.br

URL

https://sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/svg_store.min.svg

Domain

sacola.americanas.com.br

URL

https://sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/svg_store.min.svg

Domain

sacola.americanas.com.br

URL

https://sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/svg_store.min.svg

Domain

sacola.americanas.com.br

URL

https://sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/svg_store.min.svg

Domain

sacola.americanas.com.br

URL

https://sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/svg_store.min.svg

Domain

sacola.americanas.com.br

URL

https://sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/svg_store.min.svg

Domain

sacola.americanas.com.br

URL

https://sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/svg_store.min.svg

Domain

sacola.americanas.com.br

URL

https://sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/svg_store.min.svg

Domain

www.fatosinacreditaveis.com

URL

https://www.fatosinacreditaveis.com/api/ads/bootstrap.min

Domain

www.fatosinacreditaveis.com

URL

https://www.fatosinacreditaveis.com/api/ads/bootstrap.min

Domain

www.fatosinacreditaveis.com

URL

https://www.fatosinacreditaveis.com/api/ads/bootstrap.min

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lojas Americanas (Retail)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery number| _0x1B900 number| _0x1B93A string| _1xU9R1L function| _0x1B974 function| _0x1B9E8 function| _0x1B9AE undefined| _0x1BA22

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.descespecial.com/	1970-01-19 16:06:14	Name: _gat Value: 1
			.descespecial.com/	1970-01-19 16:07:41	Name: _gid Value: GA1.2.694281265.1613174655
			.descespecial.com/	1970-01-19 16:06:14	Name: _gat_gtag_UA_118831736_1 Value: 1
			.descespecial.com/	1970-01-20 09:37:26	Name: _ga Value: GA1.2.1256821510.1613174655

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

descespecial.com
fonts.googleapis.com
i.imgur.com
maxcdn.bootstrapcdn.com
sacola.americanas.com.br
stats.g.doubleclick.net
www.fatosinacreditaveis.com
www.google-analytics.com
www.google.com
www.google.de
sacola.americanas.com.br
www.fatosinacreditaveis.com
151.101.112.193
2001:4de0:ac19::1:b:2b
2a00:1450:4001:80f::2003
2a00:1450:4001:812::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2004
2a00:1450:400c:c00::9c
31.170.160.38
0a806bf7f89f7b5cce6f60b9f3646826cccf965becf09e7409ff5fc9c36fe528
2bcdcc3acd0faa5dde3dfd4480e2788d4f79c63075ef8b1cf1610ae6f98d3aaa
35d3f0b13a6ef5bf2640f32beb1dae6f00d0635b60d93503cb8ed5c07a870f19
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
3e687b8f5ce02d8f5805a37abbf0e39b36246e67fbae197a29443fc85fe8dec0
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba
6ce6104c02240f9927eef9342263a5d738b31b67519a2604a1116d4cb96dbb3c
70615ad9f34a12a4f449e3a8fbe03977d7a095af4667cdad08957bc6001c41d6
75f58b1c3c54dc5057418bb3910d02a0a51c0ebb24dee1d69bbcc7dc1c20fdb0
7dc4879d8dceecf23f1645ef576fcf684981d6bf2f9800f37697b44f4a9933a0
801692cf5c5ce9ddf7ad0d49f791aabc10e4177073bc6457f8d129e5cc323bdb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8bfbb8d7829115efc435b6f529b1afd7ea0b80ebdf2842359b1ff9f2fdbf65ed
9715c541123ac5e56fa3cdd43cb3ae5a3e5d704e6aa22b6af8e89cf15ff50bd3
9a0ca52cd2b9d09bed0eac23e7ff741244d96225fa9afab1b680978c01ab85d3
9e23f3aa28a922f8857fa25c0fa34cfe73a30406a7e002adcbedc6cd66948c8e
a229155b567e0ba6cd7bbbdf7347aa407c601877d67b077bee398ae15d8c6f5a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
c6d6bed36dfd6b1e59525cc5303ce0765ba0bd6c8e97181d9cf98c5ada9c6a38
ce221fde8f1b7b178d0630750962b524ad2f57a8c5e7896a53b82cb275a7110c
d8dce2fc37c325be3e397968c43cf58f508a658d59eedc2cbad16970f7c10ffe
e3404cde8307c6a9fea5b7ebb51248d50228d20b672bdab30a49af04f5c54842
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e67dcf0c52d2924bd09e897266b477c49347274a5ecfb5ec9f149aee681f7d6a
ef027606a358f4a338015b6c72472eba76d57f69c7d8046ee52ec993737c5621
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fa0483d6548b10c76a81edc62798719be4d3acd8a6f40c19e2f824d751ba0f4e