URL: https://ac2es1.com/inicio/
Submission Tags: 7864466
Submission: On October 20 via api from GB — Scanned from NL

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 37 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ac2es1.com.
TLS certificate: Issued by GTS CA 1P5 on October 18th 2022. Valid for: 3 months.
This is the only time ac2es1.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Realize (Financial)

Domain & IP information

IP Address AS Autonomous System
5 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 52.222.236.22 16509 (AMAZON-02)
10 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
6 177.159.103.218 18881 (TELEFONIC...)
1 16.12.0.12 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 18.229.186.199 16509 (AMAZON-02)
3 52.71.122.73 14618 (AMAZON-AES)
37 10
Apex Domain | Subdomains | Transfer
10 unpkg.com | unpkg.com — Cisco Umbrella Rank: 801 | 9 KB
6 realizesolucoesfinanceiras.com.br | www.realizesolucoesfinanceiras.com.br | 384 KB
5 gstatic.com | www.gstatic.com | 395 KB
5 ac2es1.com | ac2es1.com | 92 KB
4 dynatrace.com | js-cdn.dynatrace.com — Cisco Umbrella Rank: 6848; bf73995led.bf.dynatrace.com — Cisco Umbrella Rank: 464947 | 96 KB
3 google.com | www.google.com — Cisco Umbrella Rank: 2 | 25 KB
2 pmweb.com.br | cdn.pmweb.com.br — Cisco Umbrella Rank: 151666; df.pmweb.com.br — Cisco Umbrella Rank: 148142 | 10 KB
1 googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 306 | 86 KB
1 amazonaws.com | s3-sa-east-1.amazonaws.com | 516 B
37 9
Domain | Requested by
10 unpkg.com | ac2es1.com, unpkg.com, js-cdn.dynatrace.com
6 www.realizesolucoesfinanceiras.com.br | ac2es1.com
5 www.gstatic.com | www.google.com
5 ac2es1.com | ac2es1.com
3 bf73995led.bf.dynatrace.com | js-cdn.dynatrace.com
3 www.google.com | ac2es1.com
1 df.pmweb.com.br | js-cdn.dynatrace.com
1 cdn.pmweb.com.br | ac2es1.com
1 ajax.googleapis.com | ac2es1.com
1 s3-sa-east-1.amazonaws.com | ac2es1.com
1 js-cdn.dynatrace.com | ac2es1.com
37 11
Subject | Issuer | Validity | Valid
*.ac2es1.com | GTS CA 1P5 | 2022-10-18 - 2023-01-16 | 3 months
js-cdn.dynatrace.com | Amazon | 2022-03-04 - 2023-04-02 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-01 - 2023-06-01 | a year
www.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.realizesolucoesfinanceiras.com.br | Sectigo RSA Domain Validation Secure Server CA | 2022-04-04 - 2023-04-04 | a year
*.s3-sa-east-1.amazonaws.com | Amazon | 2021-12-09 - 2022-12-02 | a year
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.pmweb.com.br | Amazon | 2022-08-04 - 2023-09-02 | a year
*.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.bf.dynatrace.com | Amazon | 2022-01-08 - 2023-02-06 | a year

This page contains 3 frames:

Primary Page: https://ac2es1.com/inicio/
Frame ID: 2741003F8DE1B78F5741EBBFF671DBE9
Requests: 31 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=inline&cb=2v5tfq911hky
Frame ID: 18BDB41CAE5008BE13526F0E41E7962A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV
Frame ID: 76AA4E69FF0C7C1EEF10254177410AE1
Requests: 3 HTTP requests in this frame

Page Title

Cartões Renner

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 37
HTTPS: 100 %
IPv6: 50 %
Domains: 9
Subdomains: 11
IPs: 10
Countries: 3
Transfer: 1098 kB
Size: 2502 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ac2es1.com/inicio/
817 KB
88 KB
Document
General
Full URL
https://ac2es1.com/inicio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.6
Resource Hash
b70aa045d4ea3a65495777f28434610559c788960aaddda4fe5742bb5ec03afe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75ce7f2f087eb992-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 02:59:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3CoiHNQNLW4Y0tYzrCaT9ZfMffhL%2FauLVm92No%2BejrD%2FIlZ2HPbjwxs8hUVAoQVUGtAC8z0axz8QP3c3O0fMg4LYNk%2BEoGMbTLNDisxhvpSCz2rJ7BUj8P%2FKwXlPD26wxPHk60QBZQ5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.1.6
189e25234ffe70ce_complete.js
js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/
251 KB
95 KB
Script
General
Full URL
https://js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
Requested by
Host: ac2es1.com
URL: https://ac2es1.com/inicio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-22.fra56.r.cloudfront.net
Software
/
Resource Hash
23914f55527371b90744442c2038bffbaea0cb5e2c8cee0f073ec46cb99541a7

Request headers

Referer
https://ac2es1.com/
Origin
https://ac2es1.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:18:17 GMT
content-encoding
gzip
via
1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
2467
x-cache
Hit from cloudfront
x-oneagent-js-injection
true
traffic-source
UNKNOWN
dynatrace-response-id
TJHM5O7VTICY
dynatrace-response-source
Cluster
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
timing-allow-origin
*
x-amz-cf-id
vnLFVsNSiXxmuVExIsumNjc9DgI782nEIXZJ3nfnL_jt7zkEU_gBcw==
expires
Thu, 20 Oct 2022 03:18:17 GMT
ionicons.esm.js
unpkg.com/ionicons@5.5.2/dist/ionicons/
399 B
645 B
Script
General
Full URL
https://unpkg.com/ionicons@5.5.2/dist/ionicons/ionicons.esm.js
Requested by
Host: ac2es1.com
URL: https://ac2es1.com/inicio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20193736d900f0b602a678f804676349764578ab2adcd07ffebb6d06df1afd96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ac2es1.com/
Origin
https://ac2es1.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:59:24 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
11536929
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01G51TSZGK3VFDC2ZHDG4BV2BT-ams
server
cloudflare
etag
W/"18f-B+zGUTbQ1uVsG8y1uf+53Qdwne0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75ce7f4d1a71b7b5-AMS
p-e26ac56f.js
unpkg.com/ionicons@5.5.2/dist/ionicons/
7 KB
4 KB
Script
General
Full URL
https://unpkg.com/ionicons@5.5.2/dist/ionicons/p-e26ac56f.js
Requested by
Host: ac2es1.com
URL: https://ac2es1.com/inicio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
411ebf3f42ff97b8fdcb02ef60f534e0fd011b86878ec33abf2509b4bfe58037
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://unpkg.com/ionicons@5.5.2/dist/ionicons/ionicons.esm.js
Origin
https://ac2es1.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:59:24 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
11536900
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01G51TTEZH7J0BAAS52XNCVHQS-ams
server
cloudflare
etag
W/"1d56-gDHdPSZYuc2h8Mf9Yj/8nfSlS9o"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75ce7f4e3b56b7b5-AMS
anchor
www.google.com/recaptcha/api2/ Frame 18BD
43 KB
23 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=inline&cb=2v5tfq911hky
Requested by
Host: ac2es1.com
URL: https://ac2es1.com/inicio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
79a792bede5d7598c888cb39c8cc986f777faafff1eb2ea6994dd0b509f2ac41
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LHR_BkNYViigRmhws46LTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ac2es1.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23269
content-security-policy
script-src 'report-sample' 'nonce-LHR_BkNYViigRmhws46LTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 20 Oct 2022 02:59:25 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
google-play-badge-reverse.svg
www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/
11 KB
5 KB
Image
General
Full URL
https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/google-play-badge-reverse.svg
Requested by
Host: ac2es1.com
URL: https://ac2es1.com/inicio/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
177.159.103.218 Canoas, Brazil, ASN18881 (TELEFONICA BRASIL S.A, BR),
Reverse DNS
lojasrenner.static.gvt.net.br
Software
/
Resource Hash
e946d863a136a09089fd275d574ff3346bad8327d4ef378c06af35872d9fe56d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 02:59:27 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Encoding
gzip
Last-Modified
Tue, 04 Oct 2022 12:17:43 GMT
ETag
W/"633c2467-2a25"
Vary
Accept-Encoding
X-Frame-Options
deny
Content-Type
image/svg+xml
Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Connection
keep-alive
Server-Timing
dtSInfo;desc="0", dtRpid;desc="1721820449"
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
celular-login.png
www.realizesolucoesfinanceiras.com.br/cartoes-renner/images/
152 KB
153 KB
Image
General
Full URL
https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/images/celular-login.png
Requested by
Host: ac2es1.com
URL: https://ac2es1.com/inicio/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
177.159.103.218 Canoas, Brazil, ASN18881 (TELEFONICA BRASIL S.A, BR),
Reverse DNS
lojasrenner.static.gvt.net.br
Software
/
Resource Hash
7db4ada57262fbacd47bef4e96e3cedda276b9267e6ca4d20adeeb1c24d870b6
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 02:59:27 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Last-Modified
Tue, 04 Oct 2022 12:17:43 GMT
ETag
"633c2467-25e28"
X-Frame-Options
deny
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-459284588"
Accept-Ranges
bytes
Content-Length
155176
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
whatsapp.svg
ac2es1.com/cartoes-renner/vectors/
0
0
Other
General
Full URL
https://ac2es1.com/cartoes-renner/vectors/whatsapp.svg
Requested by
Host: ac2es1.com
URL: https://ac2es1.com/inicio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/inicio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:59:25 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chOtRDzlNGhR83Pb1Hzh72l1NQKJWCnZ17wPK521E4bYPmEA4UBIjcjxtj4vWkYHsrHN25sVCj10tW%2FdYtiWqChKg0D%2FAnqzLfpaGoWFfwy0niAgviO9qI7Amc8Ua9lOURNX6KrkPsZC"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
75ce7f521d35b992-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
google-play-badge.svg
www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/
11 KB
5 KB
Image
General
Full URL
https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/google-play-badge.svg
Requested by
Host: ac2es1.com
URL: https://ac2es1.com/inicio/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
177.159.103.218 Canoas, Brazil, ASN18881 (TELEFONICA BRASIL S.A, BR),
Reverse DNS
lojasrenner.static.gvt.net.br
Software
/
Resource Hash
8827f96ace2afe4aeff4c33db4ac86193f38a62cb30d9fbba949e0b72c2a55ff
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 02:59:27 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Encoding
gzip
Last-Modified
Tue, 04 Oct 2022 12:17:43 GMT
ETag
W/"633c2467-2a22"
Vary
Accept-Encoding
X-Frame-Options
deny
Content-Type
image/svg+xml
Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Connection
keep-alive
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-494429258"
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
app-store-badge.svg
www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/
14 KB
4 KB
Image
General
Full URL
https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/app-store-badge.svg
Requested by
Host: ac2es1.com
URL: https://ac2es1.com/inicio/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
177.159.103.218 Canoas, Brazil, ASN18881 (TELEFONICA BRASIL S.A, BR),
Reverse DNS
lojasrenner.static.gvt.net.br
Software
/
Resource Hash
3dd08d21a5c010294a50355af3565a50d08ea4aef83e822114be29171209f109
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 02:59:28 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Encoding
gzip
Last-Modified
Tue, 04 Oct 2022 12:17:43 GMT
ETag
W/"633c2467-37b6"
Vary
Accept-Encoding
X-Frame-Options
deny
Content-Type
image/svg+xml
Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Connection
keep-alive
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1446465695"
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
bg.png
s3-sa-east-1.amazonaws.com/frame-image-br/
0
516 B
Image
General
Full URL
https://s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=real&x-r=
Requested by
Host: ac2es1.com
URL: https://ac2es1.com/inicio/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.12.0.12 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 02:59:26 GMT
Last-Modified
Thu, 04 May 2017 08:21:21 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
x-amz-request-id
WT6TZMS5TQA0VMC6
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
0
x-amz-id-2
+5yKj+749zLtbUXOMF7j1MxUA2l+H79B/uLV/qstfcsAO6enOa/fC0uah3sfkTJAMyvqlHO2Dkw=
vendors.bundle-859d26788acf215a201a.js
www.realizesolucoesfinanceiras.com.br/cartoes-renner/js/
670 KB
217 KB
Script
General
Full URL
https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/js/vendors.bundle-859d26788acf215a201a.js
Requested by
Host: ac2es1.com
URL: https://ac2es1.com/inicio/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
177.159.103.218 Canoas, Brazil, ASN18881 (TELEFONICA BRASIL S.A, BR),
Reverse DNS
lojasrenner.static.gvt.net.br
Software
/
Resource Hash
1ad62b00c3254649d6f6b6f55525d1c33c7c021bfa3f03b6ce707aac96ccc8e1
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 02:59:27 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Encoding
gzip
Last-Modified
Tue, 04 Oct 2022 12:17:43 GMT
ETag
W/"633c2467-a78a6"
Vary
Accept-Encoding
X-Frame-Options
deny
Content-Type
application/javascript
Transfer-Encoding
chunked
Cache-Control
max-age=315360000
Connection
keep-alive
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1673635985"
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
main.bundle-a8974a4871d6c1f55629.js
www.realizesolucoesfinanceiras.com.br/cartoes-renner/js/
0
0
Script
General
Full URL
https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/js/main.bundle-a8974a4871d6c1f55629.js
Requested by
Host: ac2es1.com
URL: https://ac2es1.com/inicio/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
177.159.103.218 Canoas, Brazil, ASN18881 (TELEFONICA BRASIL S.A, BR),
Reverse DNS
lojasrenner.static.gvt.net.br
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

api.js
www.google.com/recaptcha/
913 B
998 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onLoadRecaptcha&render=explicit&hl=pt-BR
Requested by
Host: ac2es1.com
URL: https://ac2es1.com/inicio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5620fb708e986150a4034534980def1a51c39650ef4c2bb47988f4db4dba85cd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:59:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
585
x-xss-protection
1; mode=block
expires
Thu, 20 Oct 2022 02:59:25 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
86 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: ac2es1.com
URL: https://ac2es1.com/inicio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 16:14:44 GMT
x-content-type-options
nosniff
age
125081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86927
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Oct 2023 16:14:44 GMT
jquery.mask.min.js
ac2es1.com/inicio/
8 KB
4 KB
Script
General
Full URL
https://ac2es1.com/inicio/jquery.mask.min.js
Requested by
Host: ac2es1.com
URL: https://ac2es1.com/inicio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5fcbac15c0abed33928ea0df2b92e51d06cc351cce4097f0d1372e967769141

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/inicio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:59:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 27 Apr 2018 01:25:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1f7d-56aca5fc16080"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2Z9MMoD%2FHnyGUIddU4jhu7NLbqQupNrx%2FIQFgeVxHYjkXKxFvqSX0CJzpPrE469HFWxqttjCl5kklZhSMxEmZYCG%2F7MXPCW%2FAjhjVCKSvVwBYdFra4twnuQqkPY5yfy0fuehvp72ZBm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75ce7f522d50b992-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bg-login.svg
ac2es1.com/cartoes-renner/vectors/
296 B
296 B
Image
General
Full URL
https://ac2es1.com/cartoes-renner/vectors/bg-login.svg
Requested by
Host: ac2es1.com
URL: https://ac2es1.com/inicio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
429bd3633bd141e883dd17374fece4d93809e2a3877f6c509f0acd73fb2249bf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/inicio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:59:25 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3slpBfpsXZwQmeCo5%2Bsn%2Fm8fil1z9tVCkcbYMjsAfvTDCC0wUrdQe7Jp8aJhFMxxZ4TvPiaXBgC6fTtMGmVXW5M0kyIv2bwTbiDG9uqXKZewEQonpJpClpUHBHnursecicNBN9EXBJv"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
75ce7f522d51b992-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 18BD
0
0
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=inline&cb=2v5tfq911hky
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

recaptcha__pt_br.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 18BD
0
0
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__pt_br.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=inline&cb=2v5tfq911hky
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

bg-login.svg
ac2es1.com/cartoes-renner/vectors/
296 B
296 B
Image
General
Full URL
https://ac2es1.com/cartoes-renner/vectors/bg-login.svg
Requested by
Host: ac2es1.com
URL: https://ac2es1.com/inicio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
429bd3633bd141e883dd17374fece4d93809e2a3877f6c509f0acd73fb2249bf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/inicio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:59:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1A%2BF6YZnIwEKl3fDtovOW0V8qox%2BKEtNA18FZzsOfFyPrS%2FsByAA0yrD%2Fyh46m8WK80OyOrTHO61UHawRdl8Q0UsLrbcyv0FpFxLhC1s0Hjgw9z7uRT8wXMJKLe2KVFTTVF2z2ziCvhd"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
75ce7f60f8e7b96c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tag.js
cdn.pmweb.com.br/df/
22 KB
9 KB
Script
General
Full URL
https://cdn.pmweb.com.br/df/tag.js?id=PM-N2FTFQ
Requested by
Host: ac2es1.com
URL: https://ac2es1.com/inicio/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.229.186.199 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-229-186-199.sa-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
94c081e2ae2f0618d1661bb9267a2ae65addb921bef6464fb1dd7169bd5f55c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 02:59:29 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Last-Modified
Tue, 18 Oct 2022 20:57:17 GMT
Server
nginx
ETag
W/"634f132d-587b"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=300
Connection
keep-alive
Content-Length
9197
Expires
Thu, 20 Oct 2022 03:04:29 GMT
bframe
www.google.com/recaptcha/api2/ Frame 76AA
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV
Requested by
Host: ac2es1.com
URL: https://ac2es1.com/inicio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
adfbc7e6a714a0ce10df43f58fe71f68b8247b1ec7b81feccf5c9b681aec9013
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TJwj66vkNvlkZ8vXHUl7vA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ac2es1.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1119
content-security-policy
script-src 'report-sample' 'nonce-TJwj66vkNvlkZ8vXHUl7vA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 20 Oct 2022 02:59:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
recaptcha__pt_br.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/
395 KB
395 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__pt_br.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onLoadRecaptcha&render=explicit&hl=pt-BR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d806e7e494629d2f8365a06754dd78f5a5f01bf8c6359fced05d13149699757b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ac2es1.com/
Origin
https://ac2es1.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 05:36:46 GMT
x-content-type-options
nosniff
age
508962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
404038
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Oct 2023 05:36:46 GMT
p-5c60b45e.entry.js
unpkg.com/ionicons@5.5.2/dist/ionicons/
4 KB
2 KB
Script
General
Full URL
https://unpkg.com/ionicons@5.5.2/dist/ionicons/p-5c60b45e.entry.js
Requested by
Host: unpkg.com
URL: https://unpkg.com/ionicons@5.5.2/dist/ionicons/p-e26ac56f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce00b2696a4a9c7d1326fd09623e8c8f4624c9abdf5424b2cf19b9de2f981f18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ac2es1.com/
Origin
https://ac2es1.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:59:28 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
11536952
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01G51TSNS6SQ56WRXTAZ265PXQ-ams
server
cloudflare
etag
W/"f0c-XGC0Xo+O3L3bEnfKma9bLpz3l0o"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75ce7f680b6eb7b5-AMS
p-3f680f7e.js
unpkg.com/ionicons@5.5.2/dist/ionicons/
809 B
608 B
Script
General
Full URL
https://unpkg.com/ionicons@5.5.2/dist/ionicons/p-3f680f7e.js
Requested by
Host: ac2es1.com
URL: https://ac2es1.com/inicio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ebe32eb96d80df14656ed485b5c625752e142607e910255e2d19021008c976d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://unpkg.com/ionicons@5.5.2/dist/ionicons/p-5c60b45e.entry.js
Origin
https://ac2es1.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:59:28 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
11536920
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01G51TTBC9G7PPNJEEESB3C7JH-ams
server
cloudflare
etag
W/"329-ka9laISJtweBFGezhbjKpn5aTrg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75ce7f683b95b7b5-AMS
calendar-outline.svg
unpkg.com/ionicons@5.5.2/dist/ionicons/svg/
758 B
390 B
Fetch
General
Full URL
https://unpkg.com/ionicons@5.5.2/dist/ionicons/svg/calendar-outline.svg
Requested by
Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8502ecd820f69485866495504cae4d5dee939f30c5d74aeabfa97cc002fad741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:59:28 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
11536413
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01G51VA8GBC9W8MQXA0079329X-ams
server
cloudflare
etag
W/"2f6-9r/Kr8vgyT9jP6y9Loc2Y0SN1cM"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75ce7f687bc2b7b5-AMS
person-outline.svg
unpkg.com/ionicons@5.5.2/dist/ionicons/svg/
503 B
432 B
Fetch
General
Full URL
https://unpkg.com/ionicons@5.5.2/dist/ionicons/svg/person-outline.svg
Requested by
Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe2b29e0705999a225505dd7f39a1e7160eff7fb04b439cb35485d338a92742f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:59:28 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
11536862
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01G51TWF21YV4BP3MA19REW7ZF-ams
server
cloudflare
etag
W/"1f7-b8r/bmrYGx52/cym/vw2b8Z27r8"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75ce7f687bc6b7b5-AMS
key-outline.svg
unpkg.com/ionicons@5.5.2/dist/ionicons/svg/
727 B
562 B
Fetch
General
Full URL
https://unpkg.com/ionicons@5.5.2/dist/ionicons/svg/key-outline.svg
Requested by
Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3f9457e31ebbf210bb21127718dbf6a01203d776896f7b5151ed07d1f8600d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:59:28 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2381522
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GDJP34NGFC46RQ4PETM8J0Y8-ams
server
cloudflare
etag
W/"2d7-Z4V9ENurcoxNqlfy7T7PwxzgqsU"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75ce7f687bc8b7b5-AMS
card-outline.svg
unpkg.com/ionicons@5.5.2/dist/ionicons/svg/
369 B
336 B
Fetch
General
Full URL
https://unpkg.com/ionicons@5.5.2/dist/ionicons/svg/card-outline.svg
Requested by
Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b3b312399bc7b89593ed6bf6d5fe78f6094b2dfb33f581bdf1ec690dace2c4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:59:28 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3021997
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GCZK9NJ8GCX91G2F48D9R9M9-ams
server
cloudflare
etag
W/"171-UP4CzjN7mEYqWuvu5AW8ZrL1MOY"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75ce7f687bcab7b5-AMS
keypad-outline.svg
unpkg.com/ionicons@5.5.2/dist/ionicons/svg/
1 KB
354 B
Fetch
General
Full URL
https://unpkg.com/ionicons@5.5.2/dist/ionicons/svg/keypad-outline.svg
Requested by
Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e83f00db825f0f723d897317f5891d7d8f753f46ac5e2621b594d688a318f13d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:59:28 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2743470
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GD7WXMQH2XWNZJWAYYBHFS6T-ams
server
cloudflare
etag
W/"48a-xsylVaRctZ8a6ISyZmODYN9+fq8"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75ce7f688bcbb7b5-AMS
lock-closed-outline.svg
unpkg.com/ionicons@5.5.2/dist/ionicons/svg/
405 B
335 B
Fetch
General
Full URL
https://unpkg.com/ionicons@5.5.2/dist/ionicons/svg/lock-closed-outline.svg
Requested by
Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dab9a0fa46a86448736002bdea06c2eb25faf514d6731626040c00bd36c504c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 02:59:28 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
11536625
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01G51V3QHBMMKKJ8WYGB0F2Y8T-ams
server
cloudflare
etag
W/"195-FspUCYos/Au55UFCMPKMAsl6sSU"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75ce7f688bd3b7b5-AMS
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 76AA
0
0
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

recaptcha__pt_br.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 76AA
0
0
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__pt_br.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

bf
bf73995led.bf.dynatrace.com/
700 B
961 B
XHR
General
Full URL
https://bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_-2D94_sn_F4ER67PTAI325750PG2OH070KRPD9030&svrid=-94&flavor=cors&vi=EUEIDQETORAHFRCEPKSAAGRDCCEKNEBU-0&modifiedSince=1661969913947&rf=https%3A%2F%2Fac2es1.com%2Finicio%2F&bp=3&app=189e25234ffe70ce&crc=2262286917&en=ovxxhecl&end=1
Requested by
Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.122.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-122-73.compute-1.amazonaws.com
Software
/
Resource Hash
af2b79ff513e0d6e76dea0556ef53467ef20ef48ab5060808bdacf45c39c8d7f

Request headers

Referer
https://ac2es1.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://ac2es1.com
x-oneagent-js-injection
true
date
Thu, 20 Oct 2022 02:59:29 GMT
cache-control
no-cache
content-length
700
content-type
text/plain;charset=utf-8
/
df.pmweb.com.br/push/
2 B
502 B
XHR
General
Full URL
https://df.pmweb.com.br/push/?aid=PM-N2FTFQ&cid=743641666234769502&sid=695201666234769502&pvw=f354e05d-4b2e-42d9-a09a-5da3b6b2ee08&v=1.19.0&rs=1600x1200&tt=Cart%C3%B5es%20Renner&ws=1600x1200&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&url=https%3A%2F%2Fac2es1.com%2Finicio%2F
Requested by
Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.229.186.199 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-229-186-199.sa-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
54d626e08c1c802b305dad30b7e54a82f102390cc92c7d4db112048935236e9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ac2es1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Oct 2022 02:59:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Server
nginx
Content-Type
text/plain
Access-Control-Allow-Origin
https://ac2es1.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
Expires
0
bf
bf73995led.bf.dynatrace.com/
210 B
470 B
XHR
General
Full URL
https://bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_10_sn_F4ER67PTAI325750PG2OH070KRPD9030_app-3A189e25234ffe70ce_1_ol_0_perc_100000_mul_1&svrid=10&flavor=cors&vi=EUEIDQETORAHFRCEPKSAAGRDCCEKNEBU-0&modifiedSince=1666207776965&rf=https%3A%2F%2Fac2es1.com%2Finicio%2F&bp=3&app=189e25234ffe70ce&crc=4265109303&en=ovxxhecl&end=1
Requested by
Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.122.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-122-73.compute-1.amazonaws.com
Software
/
Resource Hash
b323b1257fb99e4180993def26c4e5c841ec876896a694648e936eec2cab103c

Request headers

Referer
https://ac2es1.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://ac2es1.com
x-oneagent-js-injection
true
date
Thu, 20 Oct 2022 02:59:30 GMT
cache-control
no-cache
content-length
210
content-type
text/plain;charset=utf-8
bf
bf73995led.bf.dynatrace.com/
210 B
469 B
XHR
General
Full URL
https://bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_10_sn_F4ER67PTAI325750PG2OH070KRPD9030_app-3A189e25234ffe70ce_1_ol_0_perc_100000_mul_1&svrid=10&flavor=cors&vi=EUEIDQETORAHFRCEPKSAAGRDCCEKNEBU-0&modifiedSince=1666207776965&rf=https%3A%2F%2Fac2es1.com%2Finicio%2F&bp=3&app=189e25234ffe70ce&crc=3879724378&en=ovxxhecl&end=1
Requested by
Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.122.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-122-73.compute-1.amazonaws.com
Software
/
Resource Hash
b323b1257fb99e4180993def26c4e5c841ec876896a694648e936eec2cab103c

Request headers

Referer
https://ac2es1.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://ac2es1.com
x-oneagent-js-injection
true
date
Thu, 20 Oct 2022 02:59:32 GMT
cache-control
no-cache
content-length
210
content-type
text/plain;charset=utf-8

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Realize (Financial)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
object| dT_
object| dtrum
string| u
string| PMTagObject
function| pm
object| e
function| $
object| $jscomp
function| isValidCPF
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
object| Ionicons
object| recaptcha
function| runTag

8 Cookies

Domain/Path Name / Value
.ac2es1.com/ Name: rxVisitor
Value: 1666234764474DSHHB2NAO340G0PFP8SJG0EVPAV4MDSF
.ac2es1.com/ Name: dtLatC
Value: 42
.ac2es1.com/ Name: dtSa
Value: -
.ac2es1.com/ Name: _pm_id
Value: 743641666234769502
.ac2es1.com/ Name: _pm_sid
Value: 695201666234769502
.ac2es1.com/ Name: rxvt
Value: 1666236569574|1666234764477
.ac2es1.com/ Name: dtPC
Value: -94$34764468_625h-vEUEIDQETORAHFRCEPKSAAGRDCCEKNEBU-0e0
.ac2es1.com/ Name: dtCookie
Value: v_4_srv_10_sn_F4ER67PTAI325750PG2OH070KRPD9030_app-3A189e25234ffe70ce_1_ol_0_perc_100000_mul_1

7 Console Messages

Source Level URL
Text
network error URL: https://ac2es1.com/cartoes-renner/vectors/whatsapp.svg#whatsapp
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ac2es1.com/cartoes-renner/vectors/bg-login.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__pt_br.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ac2es1.com/cartoes-renner/vectors/bg-login.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__pt_br.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
