intermed-client.cf Open in urlscan Pro
2606:4700:30::681c:b0b Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://intermed-client.cf/inter/inter/
Submission: On March 28 via manual (March 28th 2019, 7:21:37 pm UTC) from BR

Summary HTTP 41 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 41 HTTP transactions. The main IP is 2606:4700:30::681c:b0b, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is intermed-client.cf.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 25th 2019. Valid for: a year.

This is the only time intermed-client.cf was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Inter (Banking)

Domain & IP information

	IP Address	AS Autonomous System
34	2606:4700:30:... 2606:4700:30::681c:b0b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:10:... 2606:4700:10::6814:432e	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	52.95.164.59 52.95.164.59	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.2.110 151.101.2.110	54113 (FASTLY) (FASTLY - Fastly)
1	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic)
41	6

34 2606:4700:30::681c:b0b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

intermed-client.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:432e (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.000webhost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.164.59 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-sa-east-1.amazonaws.com

s3-sa-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.110 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	intermed-client.cf intermed-client.cf	377 KB
3	gstatic.com fonts.gstatic.com	68 KB
1	nr-data.net bam.nr-data.net	254 B
1	newrelic.com js-agent.newrelic.com	9 KB
1	amazonaws.com s3-sa-east-1.amazonaws.com	516 B
1	000webhost.com cdn.000webhost.com	2 KB
41	6

	Domain	Requested by
34	intermed-client.cf	intermed-client.cf
3	fonts.gstatic.com	intermed-client.cf
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	intermed-client.cf
1	s3-sa-east-1.amazonaws.com	intermed-client.cf
1	cdn.000webhost.com	intermed-client.cf
41	6

This site contains links to these domains. Also see Links.

Domain
www.symantec.com
www.000webhost.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-03-25` - `2020-03-25`	a year	crt.sh
*.000webhost.com COMODO RSA Domain Validation Secure Server CA	`2018-10-19` - `2020-12-17`	2 years	crt.sh
*.s3-sa-east-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-11-08` - `2019-11-06`	a year	crt.sh
*.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-03-21` - `2020-03-21`	a year	crt.sh
*.nr-data.net GeoTrust RSA CA 2018	`2018-01-11` - `2020-03-17`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://intermed-client.cf/inter/inter/
Frame ID: F8981AA14F4F9E3040B35DC1FBCB3D3C
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

List.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^List$/i

New Relic (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^NREUM/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i

Page Statistics

41
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

457 kB
Transfer

950 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.symantec.com/pt/br/ssl-certificates
Title: Site Seguro

Search URL Search Domain Scan URL

URL: https://www.000webhost.com/?utm_source=000webhostapp&utm_campaign=000_logo&utm_medium=website&utm_content=footer_img

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
intermed-client.cf/inter/inter/ 30 KB
10 KB 298ms
250ms Document
text/html 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b902c472d45c3081f53901ffbed553b2192e527a6f1a3a03659fbd3efe159d33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: intermed-client.cf
:scheme: https
:path: /inter/inter/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Thu, 28 Mar 2019 19:21:20 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880; expires=Fri, 27-Mar-20 19:21:20 GMT; path=/; domain=.intermed-client.cf; HttpOnly; Secure
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: c0177a587f9612858651a0c736c793b6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4bebf76d4c8963d3-FRA
content-encoding: br

GET
H2 200 theme.css
intermed-client.cf/inter/inter/resources/ 25 KB
4 KB 246ms
242ms Stylesheet
text/css 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/inter/inter/resources/theme.css

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9a39dfc98f782d66be17e3ceb984aba53a462d2b4ee0409010746f0b98f3c29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/theme.css
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 4bebf76eef3163d3-FRA
x-xss-protection: 1; mode=block
x-request-id: 2872fb2c04329c1464ada38eece42284
expires: Thu, 28 Mar 2019 23:21:20 GMT

GET
H2 200 estilos-novo-layout.css
intermed-client.cf/inter/inter/resources/ 152 KB
27 KB 236ms
232ms Stylesheet
text/css 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

247fa6146dd8feb811c43967c377b2797d711535d8f61d66ebbebbe3fbb522a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/estilos-novo-layout.css
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 4bebf76eef3263d3-FRA
x-xss-protection: 1; mode=block
x-request-id: be56105266885b8b6e71ec6c8064e965
expires: Thu, 28 Mar 2019 23:21:20 GMT

GET
H2 200 unsemantic-grid-responsive-tablet.css
intermed-client.cf/inter/inter/resources/ 54 KB
3 KB 223ms
218ms Stylesheet
text/css 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/inter/inter/resources/unsemantic-grid-responsive-tablet.css

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4722adc68f89d20e21a7f98ae1af5b262b8fe695fccd5ea68cc381a5b434857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/unsemantic-grid-responsive-tablet.css
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 4bebf76eef3363d3-FRA
x-xss-protection: 1; mode=block
x-request-id: 13edc7b61fd9bbb75a337f323dcb94f4
expires: Thu, 28 Mar 2019 23:21:20 GMT

GET
H2 200 158c4169c0 Show response
intermed-client.cf/inter/inter/resources/ 57 B
140 B 230ms
227ms Script
text/plain 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/inter/inter/resources/158c4169c0

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/158c4169c0
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
accept-ranges: bytes
cf-ray: 4bebf76eef3663d3-FRA
content-length: 57
x-xss-protection: 1; mode=block
x-request-id: 797b9ed5b3fbbb4a52d8725a48e27e4b

GET
H2 200 nr-892.js Show response
intermed-client.cf/inter/inter/resources/ 22 KB
8 KB 356ms
353ms Script
application/javascript 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/inter/inter/resources/nr-892.js

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

daaccf2befd88ba6e8275e519494f0ae4cb8af38bec15a1b64988a8f08976abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/nr-892.js
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4bebf76eef3763d3-FRA
x-xss-protection: 1; mode=block
x-request-id: 793ef7e7b457bd56170d14675911a73a
expires: Thu, 28 Mar 2019 23:21:20 GMT

GET
H2 200 jquery.jsf Show response
intermed-client.cf/inter/inter/resources/ 105 KB
36 KB 246ms
243ms Script
text/plain 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/inter/inter/resources/jquery.jsf

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6be08d782165ce3f7d792f7b0574ee595cd242986a81af1c873c3ab571cffc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/jquery.jsf
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain; charset=UTF-8
status: 200
cf-ray: 4bebf76eef3863d3-FRA
x-xss-protection: 1; mode=block
x-request-id: 17b1a296435dd2570ae0cb2d076ef915

GET
H2 200 core.jsf Show response
intermed-client.cf/inter/inter/resources/ 30 KB
30 KB 220ms
218ms Script
text/plain 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/inter/inter/resources/core.jsf

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

414b6a0449cfa4ac4200e228dc41b51051838c9596b25a11c078ddda529e1264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/core.jsf
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
accept-ranges: bytes
cf-ray: 4bebf76eef3963d3-FRA
content-length: 30517
x-xss-protection: 1; mode=block
x-request-id: 1c19ff387128ac1f384e5fab02ca33b6

GET
H2 200 idlemonitor.jsf Show response
intermed-client.cf/inter/inter/resources/ 3 KB
1 KB 220ms
218ms Script
text/plain 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/inter/inter/resources/idlemonitor.jsf

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

885d3edafab78ea25bb24cc75b438d06f81cf85d0ba5d6b285fce7b139d20d58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/idlemonitor.jsf
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain; charset=UTF-8
status: 200
cf-ray: 4bebf76eef3a63d3-FRA
x-xss-protection: 1; mode=block
x-request-id: 68c3838f0449b1b869be057785ad1008

GET
H2 200 jquery-plugins.jsf Show response
intermed-client.cf/inter/inter/resources/ 240 KB
63 KB 242ms
239ms Script
text/plain 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/inter/inter/resources/jquery-plugins.jsf

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

52b40de909fd01b6f5082e706a7875626f4e9be207bfe5dffdcfe433cee407d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/jquery-plugins.jsf
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain; charset=UTF-8
status: 200
cf-ray: 4bebf76eef3c63d3-FRA
x-xss-protection: 1; mode=block
x-request-id: be0d769f24c58cfa4b8fd481894de82b

GET
H2 200 jsf.jsf Show response
intermed-client.cf/inter/inter/resources/ 29 KB
29 KB 238ms
236ms Script
text/plain 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/inter/inter/resources/jsf.jsf

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b0be69b99c792a65888fbe902369d5540931b527e50d5b12918f16d3c7d1dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/jsf.jsf
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
accept-ranges: bytes
cf-ray: 4bebf76eef3e63d3-FRA
content-length: 29188
x-xss-protection: 1; mode=block
x-request-id: c18bc596a7137f3ddcfb0e65c983bb8d

GET
H2 200 css.css
intermed-client.cf/inter/inter/resources/ 4 KB
518 B 231ms
229ms Stylesheet
text/css 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/inter/inter/resources/css.css

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c05068de0e8495501dc931a2a66f80be8c40fb0b53fe9d0e13fdbcbf114d02ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/css.css
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 4bebf76eef3563d3-FRA
x-xss-protection: 1; mode=block
x-request-id: 934a3156a9054e358a5d514f33370818
expires: Thu, 28 Mar 2019 23:21:20 GMT

GET
H2 200 logo.jpg
intermed-client.cf/inter/inter/resources/ 7 KB
7 KB 241ms
239ms Image
image/jpeg 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intermed-client.cf/inter/inter/resources/logo.jpg

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cf8a8b1482f13c264ff86ff4d6567ed4101bdb3d8c8d7fe38b28883caf4c9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/logo.jpg
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:20 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 6913
x-xss-protection: 1; mode=block
x-request-id: b64b0085b86696c93952325696614482
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4bebf76eef4163d3-FRA
expires: Thu, 28 Mar 2019 23:21:20 GMT

GET
H2 200 logo-conta-digital-banco-inter.png
intermed-client.cf/inter/inter/resources/ 61 KB
61 KB 260ms
258ms Image
image/png 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intermed-client.cf/inter/inter/resources/logo-conta-digital-banco-inter.png

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cae460ff5637ca082a9fd22ea16dcfe671f152b887d8c34d67d6b346b82ce03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/logo-conta-digital-banco-inter.png
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:20 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 62020
x-xss-protection: 1; mode=block
x-request-id: d05a2fe39b54bcacb8d2ddd6a1e76b5f
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4bebf76eef4263d3-FRA
expires: Thu, 28 Mar 2019 23:21:20 GMT

GET
H2 200 promocao-interpag-hb-banco-inter.jpg
intermed-client.cf/inter/inter/resources/ 55 KB
55 KB 251ms
250ms Image
image/jpeg 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intermed-client.cf/inter/inter/resources/promocao-interpag-hb-banco-inter.jpg

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

88374c1c82f47f5af7c3f88f1faf7ec6ffbbb63232e0e554d8c6165bb8c98151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/promocao-interpag-hb-banco-inter.jpg
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:21 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 56009
x-xss-protection: 1; mode=block
x-request-id: 13b833999f68776ce42f46e9a466fb4e
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4bebf7720c8863d3-FRA
expires: Thu, 28 Mar 2019 23:21:21 GMT

GET
H2 200 bt-up-down-white.png
intermed-client.cf/inter/inter/resources/ 996 B
1 KB 241ms
236ms Image
image/png 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intermed-client.cf/inter/inter/resources/bt-up-down-white.png

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0061c42ebc58e0286e1ecb47b5e3d04a0a0074021e0dcf8643d1de4f8c72052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/bt-up-down-white.png
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:21 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 996
x-xss-protection: 1; mode=block
x-request-id: e471bdc0b28068d24ce940ddd6db5d5b
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4bebf7721c9963d3-FRA
expires: Thu, 28 Mar 2019 23:21:21 GMT

GET
H2 200 bt-up-down.png
intermed-client.cf/inter/inter/resources/ 1005 B
1 KB 216ms
212ms Image
image/png 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intermed-client.cf/inter/inter/resources/bt-up-down.png

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b7e4f100d5ad5b6c884c2078c3f921c1ac34ab6fbf21bc74adba311944f1b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/bt-up-down.png
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:21 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 1005
x-xss-protection: 1; mode=block
x-request-id: 7a5a2ea2b04fe52acf9909f4ced667e2
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4bebf7721c9a63d3-FRA
expires: Thu, 28 Mar 2019 23:21:21 GMT

GET
H2 200 norton-secured.png
intermed-client.cf/inter/inter/resources/ 5 KB
5 KB 224ms
220ms Image
image/png 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intermed-client.cf/inter/inter/resources/norton-secured.png

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

893480e212db73becff06eaae16d9239cfeed43943c9ebe7756bf47ff23099c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/norton-secured.png
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:21 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 4936
x-xss-protection: 1; mode=block
x-request-id: c8a5dbb9407a23b9ec5bfebb96a449eb
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4bebf7721c9b63d3-FRA
expires: Thu, 28 Mar 2019 23:21:21 GMT

GET
H2 200 redirect.jsf Show response
intermed-client.cf/inter/inter/resources/ 557 B
642 B 120ms
119ms Script
text/plain 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/inter/inter/resources/redirect.jsf

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7372645797974eec6b01d283197fad798b7696065105c934c840ad4b18b59f69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/redirect.jsf
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
accept-ranges: bytes
cf-ray: 4bebf77069ee63d3-FRA
content-length: 557
x-xss-protection: 1; mode=block
x-request-id: 6f48ec42b977759d4ff89cfd3e913382

GET
H2 200 locale-primefaces.jsf Show response
intermed-client.cf/inter/inter/resources/ 981 B
1 KB 242ms
241ms Script
text/plain 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/inter/inter/resources/locale-primefaces.jsf

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcab2d0c7967d5329ae36685fec7db7942beadf74def2fb26116056aa87768d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/locale-primefaces.jsf
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
accept-ranges: bytes
cf-ray: 4bebf7708a2163d3-FRA
content-length: 981
x-xss-protection: 1; mode=block
x-request-id: 705a2b6a4f495e4566bb0167c4fd3cfd

GET
H2 200 ComponetUtils.jsf Show response
intermed-client.cf/inter/inter/resources/ 6 KB
6 KB 129ms
129ms Script
text/plain 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/inter/inter/resources/ComponetUtils.jsf

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3cefe2fae6a19807e6986d9f3222c6de05b25342301c3e4913b79d55478aa35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/ComponetUtils.jsf
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
accept-ranges: bytes
cf-ray: 4bebf7712b0863d3-FRA
content-length: 5764
x-xss-protection: 1; mode=block
x-request-id: 4dc8ffb3d3f857eb9b25e5f38d46b864

GET
H2 200 mascara.jsf Show response
intermed-client.cf/inter/inter/resources/ 4 KB
4 KB 125ms
124ms Script
text/plain 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/inter/inter/resources/mascara.jsf

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

246ad9f75362c4b15f32df2f776c842ab1479575cd035ee4403ed522659f872f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/mascara.jsf
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
accept-ranges: bytes
cf-ray: 4bebf7720c7e63d3-FRA
content-length: 4413
x-xss-protection: 1; mode=block
x-request-id: af04dad1b0f16cd590bc3ad9d25763f3

GET
H2 200 util.jsf Show response
intermed-client.cf/inter/inter/resources/ 7 KB
7 KB 125ms
124ms Script
text/plain 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/inter/inter/resources/util.jsf

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e4b338ce5bef2fcc1d3f516141d41047fc8cb8ce6d54238e3d5a57d34844714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /inter/inter/resources/util.jsf
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 22:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
accept-ranges: bytes
cf-ray: 4bebf7720c8063d3-FRA
content-length: 7379
x-xss-protection: 1; mode=block
x-request-id: d9e0e718d5ce4d2653c9723cfcc28a2b

GET
H2 200 footer-powered-by-000webhost-white2.png
cdn.000webhost.com/000webhost/logo/ 2 KB
2 KB 18ms
15ms Image
image/webp 2606:4700:10::6814:432e
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png
Requested by: Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:432e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5

Request headers

Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:20 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=2046
status: 200
content-disposition: inline; filename="footer-powered-by-000webhost-white2.webp"
cf-bgj: imgq:100
x-hostinger-datacenter: srv
content-length: 1696
last-modified: Thu, 28 Mar 2019 15:45:24 GMT
server: cloudflare
etag: "5c9cec14-7fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
x-hostinger-node: nl-srv-cdn2
accept-ranges: bytes
cf-ray: 4bebf7721cca9732-FRA
expires: Thu, 28 Mar 2019 23:21:20 GMT

GET
H/1.1 200
OK bg.png
s3-sa-east-1.amazonaws.com/frame-image-br/ 0
516 B 837ms
216ms Image
image/png 52.95.164.59
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=bin&x-r=
Requested by: Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.164.59 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-sa-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 28 Mar 2019 19:21:22 GMT
Last-Modified: Thu, 04 May 2017 08:21:21 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
x-amz-request-id: 9B5F5AE794233600
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 0
x-amz-id-2: W9Kho0NTA+VO74QIovwiUMZEx7RDoRnx3L+ZL+OyZZVsf0d4E14b0DmUstOMzU/y/gmODgMBjEg=

GET
H2 404 sprite-ico-ib.svg.jsf
intermed-client.cf/javax.faces.resource/ 14 KB
14 KB 128ms
127ms Image
text/html 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intermed-client.cf/javax.faces.resource/sprite-ico-ib.svg.jsf?ln=img&v=14764

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

627c2fd168c193d82811b4247102557da92730def9b89cf66f8b2b050bd2b6e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /javax.faces.resource/sprite-ico-ib.svg.jsf?ln=img&v=14764
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 404
cf-ray: 4bebf7721caa63d3-FRA
x-xss-protection: 1; mode=block
x-request-id: 531d53a21c2708e5796c3d9a87eaa6d9

GET
H2 404 bt-select.jpg.jsf
intermed-client.cf/javax.faces.resource/ 3 KB
3 KB 127ms
127ms Image
text/html 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intermed-client.cf/javax.faces.resource/bt-select.jpg.jsf?ln=img&v=14764

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a42315c423da1749b81522a85b4986104d128022aafca21dad7868acb59cc70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /javax.faces.resource/bt-select.jpg.jsf?ln=img&v=14764
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
:scheme: https
:method: GET
Referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 404
cf-ray: 4bebf7721cab63d3-FRA
x-xss-protection: 1; mode=block
x-request-id: 742e0cb43424fd48c7b55e18c9272187

GET
H2 404 roboto-light-webfont.woff2.jsf
intermed-client.cf/javax.faces.resource/ 0
0 130ms
129ms Font
text/html 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/javax.faces.resource/roboto-light-webfont.woff2.jsf?ln=font&v=14764

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /javax.faces.resource/roboto-light-webfont.woff2.jsf?ln=font&v=14764
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
origin: https://intermed-client.cf
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
Origin: https://intermed-client.cf

Response headers

date: Thu, 28 Mar 2019 19:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 404
cf-ray: 4bebf7722cb363d3-FRA
x-xss-protection: 1; mode=block
x-request-id: 66d7336c23b9630d14134a8f3d18f5cc

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v14/ 23 KB
23 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://intermed-client.cf/inter/inter/resources/css.css
Origin: https://intermed-client.cf

Response headers

date: Sat, 09 Mar 2019 03:41:03 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:23:15 GMT
server: sffe
age: 1698017
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 23316
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 03:41:03 GMT

GET
H2 404 play-bold-webfont.woff2.jsf
intermed-client.cf/javax.faces.resource/ 0
0 120ms
119ms Font
text/html 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/javax.faces.resource/play-bold-webfont.woff2.jsf?ln=font&v=14764

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /javax.faces.resource/play-bold-webfont.woff2.jsf?ln=font&v=14764
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
origin: https://intermed-client.cf
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
Origin: https://intermed-client.cf

Response headers

date: Thu, 28 Mar 2019 19:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 404
cf-ray: 4bebf7722cbc63d3-FRA
x-xss-protection: 1; mode=block
x-request-id: e676314e3608d56305e8bdad24bc6209

GET
H2 404 roboto-medium-webfont.woff2.jsf
intermed-client.cf/javax.faces.resource/ 0
0 233ms
233ms Font
text/html 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/javax.faces.resource/roboto-medium-webfont.woff2.jsf?ln=font&v=14764

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /javax.faces.resource/roboto-medium-webfont.woff2.jsf?ln=font&v=14764
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
origin: https://intermed-client.cf
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
Origin: https://intermed-client.cf

Response headers

date: Thu, 28 Mar 2019 19:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 404
cf-ray: 4bebf7722cc063d3-FRA
x-xss-protection: 1; mode=block
x-request-id: 85206267a9f649d3909289848be9aaa7

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v14/ 23 KB
23 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9e42e92231a8198158ff0296ba69f0495069daaad816faed54cd356247ca451b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://intermed-client.cf/inter/inter/resources/css.css
Origin: https://intermed-client.cf

Response headers

date: Sat, 09 Mar 2019 02:36:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:24:02 GMT
server: sffe
age: 1701887
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 23208
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 02:36:33 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v14/ 22 KB
22 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ead13ccfbdea5462c3af37aa6ae04e64ed65a31c33f76e46da5e86ec85c52064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://intermed-client.cf/inter/inter/resources/css.css
Origin: https://intermed-client.cf

Response headers

date: Sat, 09 Mar 2019 03:03:46 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:24:09 GMT
server: sffe
age: 1700254
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 22820
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 03:03:46 GMT

GET
H2 404 play-bold-webfont.woff.jsf
intermed-client.cf/javax.faces.resource/ 0
0 131ms
128ms Font
text/html 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/javax.faces.resource/play-bold-webfont.woff.jsf?ln=font&v=14764

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /javax.faces.resource/play-bold-webfont.woff.jsf?ln=font&v=14764
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
origin: https://intermed-client.cf
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
Origin: https://intermed-client.cf

Response headers

date: Thu, 28 Mar 2019 19:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 404
cf-ray: 4bebf772ee5463d3-FRA
x-xss-protection: 1; mode=block
x-request-id: e4aa18752c16fef915a21c66b0685193

GET
H2 404 roboto-light-webfont.woff.jsf
intermed-client.cf/javax.faces.resource/ 0
0 128ms
128ms Font
text/html 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/javax.faces.resource/roboto-light-webfont.woff.jsf?ln=font&v=14764

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /javax.faces.resource/roboto-light-webfont.woff.jsf?ln=font&v=14764
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
origin: https://intermed-client.cf
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
Origin: https://intermed-client.cf

Response headers

date: Thu, 28 Mar 2019 19:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 404
cf-ray: 4bebf772fe5963d3-FRA
x-xss-protection: 1; mode=block
x-request-id: 70ac685c812b535e35221c5881214fbd

GET
H2 404 roboto-medium-webfont.woff.jsf
intermed-client.cf/javax.faces.resource/ 0
0 163ms
163ms Font
text/html 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/javax.faces.resource/roboto-medium-webfont.woff.jsf?ln=font&v=14764

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /javax.faces.resource/roboto-medium-webfont.woff.jsf?ln=font&v=14764
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
origin: https://intermed-client.cf
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
Origin: https://intermed-client.cf

Response headers

date: Thu, 28 Mar 2019 19:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 404
cf-ray: 4bebf773bf5c63d3-FRA
x-xss-protection: 1; mode=block
x-request-id: dcab6fe1f6426d8b549ff839e76daa2e

GET
H2 404 play-bold-webfont.ttf.jsf
intermed-client.cf/javax.faces.resource/ 0
0 154ms
152ms Font
text/html 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/javax.faces.resource/play-bold-webfont.ttf.jsf?ln=font&v=14764

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /javax.faces.resource/play-bold-webfont.ttf.jsf?ln=font&v=14764
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
origin: https://intermed-client.cf
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
Origin: https://intermed-client.cf

Response headers

date: Thu, 28 Mar 2019 19:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 404
cf-ray: 4bebf773cf7063d3-FRA
x-xss-protection: 1; mode=block
x-request-id: 51252f6bfd13b777f9d2a2bfa1d0f0f1

GET
H2 404 roboto-light-webfont.ttf.jsf
intermed-client.cf/javax.faces.resource/ 0
0 144ms
144ms Font
text/html 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/javax.faces.resource/roboto-light-webfont.ttf.jsf?ln=font&v=14764

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /javax.faces.resource/roboto-light-webfont.ttf.jsf?ln=font&v=14764
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
origin: https://intermed-client.cf
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
Origin: https://intermed-client.cf

Response headers

date: Thu, 28 Mar 2019 19:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 404
cf-ray: 4bebf773cf7163d3-FRA
x-xss-protection: 1; mode=block
x-request-id: 6142c134d18bc72dd225ce761b6993c8

GET
H2 404 roboto-medium-webfont.ttf.jsf
intermed-client.cf/javax.faces.resource/ 0
0 148ms
148ms Font
text/html 2606:4700:30::681c:b0b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://intermed-client.cf/javax.faces.resource/roboto-medium-webfont.ttf.jsf?ln=font&v=14764

Requested by

Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:b0b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /javax.faces.resource/roboto-medium-webfont.ttf.jsf?ln=font&v=14764
pragma: no-cache
cookie: __cfduid=dc20e15545f99f0871109ad71841679261553800880
origin: https://intermed-client.cf
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: intermed-client.cf
referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://intermed-client.cf/inter/inter/resources/estilos-novo-layout.css
Origin: https://intermed-client.cf

Response headers

date: Thu, 28 Mar 2019 19:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 404
cf-ray: 4bebf774b95c63d3-FRA
x-xss-protection: 1; mode=block
x-request-id: 1c9e98e03b0134ac1c3510ae8f934e52

GET
H2 200 nr-892.min.js Show response
js-agent.newrelic.com/ 22 KB
9 KB 22ms
21ms Script
application/javascript 151.101.2.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-892.min.js
Requested by: Host: intermed-client.cf
URL: https://intermed-client.cf/inter/inter/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: daaccf2befd88ba6e8275e519494f0ae4cb8af38bec15a1b64988a8f08976abb

Request headers

Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 28 Mar 2019 19:21:21 GMT
content-encoding: gzip
x-amz-request-id: 103B6CB00B7FAE72
x-cache: HIT
status: 200
content-length: 8668
x-amz-id-2: iQzv5OThhHaXad4TXUfWpouHHN6Ra4qhFATZHIVJFJm57NW7LD+vlxpAt47Q9lzkmBCoK5luvDw=
x-served-by: cache-hhn1538-HHN
last-modified: Wed, 28 Feb 2018 23:33:44 GMT
server: AmazonS3
x-timer: S1553800882.814770,VS0,VE0
etag: "909528a7d6813f32e1de34aeb7a3adf6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 388

GET
H/1.1 200
OK 158c4169c0 Show response
bam.nr-data.net/1/ 57 B
254 B 468ms
112ms Script
text/javascript 162.247.242.20
New Relic

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/158c4169c0?a=16713249&sa=1&v=892.e77dac2&t=Unnamed%20Transaction&rst=1678&be=815&fe=835&dc=120&f=%5B%22err%22,%22xhr%22,%22stn%22%5D&perf=%7B%22timing%22:%7B%22of%22:1553800880157,%22n%22:0,%22dl%22:301,%22di%22:935,%22ds%22:935,%22de%22:935,%22dc%22:1650,%22l%22:1650,%22le%22:1651,%22f%22:0,%22dn%22:1,%22dne%22:1,%22c%22:1,%22ce%22:48,%22s%22:6,%22rq%22:48,%22rp%22:298,%22rpe%22:410%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-892.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://intermed-client.cf/inter/inter/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: text/javascript;charset=ISO-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Inter (Banking)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.intermed-client.cf/	1970-01-19 08:22:16	Name: __cfduid Value: dc20e15545f99f0871109ad71841679261553800880

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn.000webhost.com
fonts.gstatic.com
intermed-client.cf
js-agent.newrelic.com
s3-sa-east-1.amazonaws.com
151.101.2.110
162.247.242.20
2606:4700:10::6814:432e
2606:4700:30::681c:b0b
2a00:1450:4001:809::2003
52.95.164.59
1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b
246ad9f75362c4b15f32df2f776c842ab1479575cd035ee4403ed522659f872f
247fa6146dd8feb811c43967c377b2797d711535d8f61d66ebbebbe3fbb522a8
2a42315c423da1749b81522a85b4986104d128022aafca21dad7868acb59cc70
414b6a0449cfa4ac4200e228dc41b51051838c9596b25a11c078ddda529e1264
4e4b338ce5bef2fcc1d3f516141d41047fc8cb8ce6d54238e3d5a57d34844714
52b40de909fd01b6f5082e706a7875626f4e9be207bfe5dffdcfe433cee407d1
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
627c2fd168c193d82811b4247102557da92730def9b89cf66f8b2b050bd2b6e5
7372645797974eec6b01d283197fad798b7696065105c934c840ad4b18b59f69
7b0be69b99c792a65888fbe902369d5540931b527e50d5b12918f16d3c7d1dec
7cae460ff5637ca082a9fd22ea16dcfe671f152b887d8c34d67d6b346b82ce03
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
88374c1c82f47f5af7c3f88f1faf7ec6ffbbb63232e0e554d8c6165bb8c98151
885d3edafab78ea25bb24cc75b438d06f81cf85d0ba5d6b285fce7b139d20d58
893480e212db73becff06eaae16d9239cfeed43943c9ebe7756bf47ff23099c7
8cf8a8b1482f13c264ff86ff4d6567ed4101bdb3d8c8d7fe38b28883caf4c9c3
9e42e92231a8198158ff0296ba69f0495069daaad816faed54cd356247ca451b
a3cefe2fae6a19807e6986d9f3222c6de05b25342301c3e4913b79d55478aa35
b902c472d45c3081f53901ffbed553b2192e527a6f1a3a03659fbd3efe159d33
bcab2d0c7967d5329ae36685fec7db7942beadf74def2fb26116056aa87768d1
c0061c42ebc58e0286e1ecb47b5e3d04a0a0074021e0dcf8643d1de4f8c72052
c05068de0e8495501dc931a2a66f80be8c40fb0b53fe9d0e13fdbcbf114d02ce
d4722adc68f89d20e21a7f98ae1af5b262b8fe695fccd5ea68cc381a5b434857
d8b7e4f100d5ad5b6c884c2078c3f921c1ac34ab6fbf21bc74adba311944f1b5
d9a39dfc98f782d66be17e3ceb984aba53a462d2b4ee0409010746f0b98f3c29
daaccf2befd88ba6e8275e519494f0ae4cb8af38bec15a1b64988a8f08976abb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6be08d782165ce3f7d792f7b0574ee595cd242986a81af1c873c3ab571cffc3
ead13ccfbdea5462c3af37aa6ae04e64ed65a31c33f76e46da5e86ec85c52064

intermed-client.cf Open in urlscan Pro 2606:4700:30::681c:b0b Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

6 IPs

2 Countries

457 kBTransfer

950 kBSize

1 Cookies

2 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

intermed-client.cf Open in urlscan Pro
2606:4700:30::681c:b0b Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

457 kB
Transfer

950 kB
Size

1
Cookies

41 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!