petroleum.h1.guarany.net Open in urlscan Pro
89.116.191.247 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://petroleum.h1.guarany.net/
Effective URL:
https://petroleum.h1.guarany.net/login?back_to=%2F
Submission: On August 14 via api (August 14th 2024, 1:20:36 pm UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 89.116.191.247, located in Phoenix, United States and belongs to AS-HOSTINGER, CY. The main domain is petroleum.h1.guarany.net.
TLS certificate: Issued by E6 on August 13th 2024. Valid for: 3 months.

This is the only time petroleum.h1.guarany.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	89.116.191.247 89.116.191.247	47583 (AS-HOSTINGER) (AS-HOSTINGER)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
12	3

9 89.116.191.247 (Phoenix, United States) 1 redirects

ASN47583 (AS-HOSTINGER, CY)
PTR: srv576993.hstgr.cloud

petroleum.h1.guarany.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	guarany.net 1 redirects petroleum.h1.guarany.net	605 KB
3	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1812	1 KB
1	gstatic.com www.gstatic.com	212 KB
12	3

	Domain	Requested by
9	petroleum.h1.guarany.net	1 redirects petroleum.h1.guarany.net
3	www.recaptcha.net	petroleum.h1.guarany.net www.gstatic.com
1	www.gstatic.com	www.recaptcha.net
12	3

This site contains no links.

Subject Issuer	Validity	Valid
aerojet.sirca.guarany.net E6	`2024-08-13` - `2024-11-11`	3 months	crt.sh
misc.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://petroleum.h1.guarany.net/login?back_to=%2F
Frame ID: B621DBC84CF209F2ABE671B0F0092A13
Requests: 10 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfN7l8lAAAAADGMtawn3_3iH543E81IVuyMdOgK&co=aHR0cHM6Ly9wZXRyb2xldW0uaDEuZ3VhcmFueS5uZXQ6NDQz&hl=de&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=l1md37n8ccoc
Frame ID: 637F5BF331BC40420B037A2477FF5BFD
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfN7l8lAAAAADGMtawn3_3iH543E81IVuyMdOgK&co=aHR0cHM6Ly9wZXRyb2xldW0uaDEuZ3VhcmFueS5uZXQ6NDQz&hl=de&v=hfUfsXWZFeg83qqxrK27GB8P&size=normal&cb=i0b6vkym9tp0
Frame ID: 62E0BE96504938B972383D86DA751D3F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sirca - Login

Page URL History Show full URLs

https://petroleum.h1.guarany.net/ HTTP 302
https://petroleum.h1.guarany.net/login?back_to=%2F Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

12
Requests

33 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

817 kB
Transfer

2773 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://petroleum.h1.guarany.net/ HTTP 302
https://petroleum.h1.guarany.net/login?back_to=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
petroleum.h1.guarany.net/
Redirect Chain

https://petroleum.h1.guarany.net/
https://petroleum.h1.guarany.net/login?back_to=%2F

7 KB
4 KB

161ms
160ms

Document
text/html

89.116.191.247
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://petroleum.h1.guarany.net/login?back_to=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.116.191.247 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv576993.hstgr.cloud

Software

nginx /

Resource Hash

cbb3daf3d02530a509c0502aad1a74d6b5253b205b8b7d25d2c2eae35d41ed84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 14 Aug 2024 13:20:31 GMT
etag: W/"cbb3daf3d02530a509c0502aad1a74d6"
link: </assets/application-0cb090ae9318bcfc2f8d43b9db63c381a6fc89d09dfac906574f1eb5526edfd2.css>; rel=preload; as=style; nopush,</assets/login-f433592ec134a2db5af8695827bc07f65d7588b8ed42fcd5a953a212a602513b.css>; rel=preload; as=style; nopush,</assets/application-7327a610eb9e74f3f91f609cb387567214566350894a989d9571886f01a5782b.js>; rel=preload; as=script; nopush
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=15724800; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 87f5f5b2-1e60-4321-8ba9-7a7ee12d5600
x-runtime: 0.010144
x-xss-protection: 0

Redirect headers

cache-control: no-cache
content-type: text/html; charset=utf-8
date: Wed, 14 Aug 2024 13:20:31 GMT
location: https://petroleum.h1.guarany.net/login?back_to=%2F
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=15724800; includeSubdomains
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: c7cf1141-d512-4895-b778-d637bc408452
x-runtime: 0.003703
x-xss-protection: 0

GET
H2 200 application-0cb090ae9318bcfc2f8d43b9db63c381a6fc89d09dfac906574f1eb5526edfd2.css
petroleum.h1.guarany.net/assets/ 276 KB
50 KB 152ms
151ms Stylesheet
text/css 89.116.191.247
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://petroleum.h1.guarany.net/assets/application-0cb090ae9318bcfc2f8d43b9db63c381a6fc89d09dfac906574f1eb5526edfd2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.116.191.247 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv576993.hstgr.cloud

Software

nginx /

Resource Hash

a7a9668b3f5dd8ce0ab2fe1780239c22f9edbd9d4e422a1bb4f62ed4dae3a253

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains

Request headers

Referer: https://petroleum.h1.guarany.net/login?back_to=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 13:20:31 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubdomains
last-modified: Wed, 14 Aug 2024 00:31:13 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
content-length: 51208

GET
H2 200 login-f433592ec134a2db5af8695827bc07f65d7588b8ed42fcd5a953a212a602513b.css
petroleum.h1.guarany.net/assets/ 898 B
624 B 444ms
444ms Stylesheet
text/css 89.116.191.247
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://petroleum.h1.guarany.net/assets/login-f433592ec134a2db5af8695827bc07f65d7588b8ed42fcd5a953a212a602513b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.116.191.247 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv576993.hstgr.cloud

Software

nginx /

Resource Hash

a016ffffb7b4a2cd7a6ba7d1b8817f8a09a03635cebd9a06b835aba370c12140

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains

Request headers

Referer: https://petroleum.h1.guarany.net/login?back_to=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 13:20:31 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubdomains
last-modified: Fri, 09 Aug 2024 13:16:35 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
content-length: 448

GET
H2 200 application-7327a610eb9e74f3f91f609cb387567214566350894a989d9571886f01a5782b.js Show response
petroleum.h1.guarany.net/assets/ 1 MB
271 KB 444ms
444ms Script
application/javascript 89.116.191.247
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://petroleum.h1.guarany.net/assets/application-7327a610eb9e74f3f91f609cb387567214566350894a989d9571886f01a5782b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.116.191.247 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv576993.hstgr.cloud

Software

nginx /

Resource Hash

99386512aa77c8b5747733cfb3832deef1a3c3bae09d30bba75d6590f0520b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains

Request headers

Referer: https://petroleum.h1.guarany.net/login?back_to=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 13:20:31 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubdomains
last-modified: Wed, 14 Aug 2024 00:31:13 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
content-length: 276628

GET
H2 200 sirca-logo-d9d7a90c46910926a8ab5b7ff35b57f204747278daf7acd0845359d54ecbd608.svg
petroleum.h1.guarany.net/assets/ 9 KB
4 KB 435ms
434ms Image
image/svg+xml 89.116.191.247
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://petroleum.h1.guarany.net/assets/sirca-logo-d9d7a90c46910926a8ab5b7ff35b57f204747278daf7acd0845359d54ecbd608.svg

Requested by

Host: petroleum.h1.guarany.net
URL: https://petroleum.h1.guarany.net/login?back_to=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.116.191.247 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv576993.hstgr.cloud

Software

nginx /

Resource Hash

27a5f9867e0f2bcce1ba26fb32fe7aed7985b84c4c21a1f1a6fcb5eb2229986f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains

Request headers

Referer: https://petroleum.h1.guarany.net/login?back_to=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 13:20:31 GMT
strict-transport-security: max-age=15724800; includeSubdomains
content-encoding: gzip
last-modified: Fri, 09 Aug 2024 13:16:35 GMT
server: nginx
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 2 KB
1 KB 80ms
29ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=6LfN7l8lAAAAADGMtawn3_3iH543E81IVuyMdOgK

Requested by

Host: petroleum.h1.guarany.net
URL: https://petroleum.h1.guarany.net/login?back_to=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

226b59235b35663409b6683fff98d1bba5f65ed34d15a0b7fe8b5b724c58b36d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://petroleum.h1.guarany.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 13:20:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 14 Aug 2024 13:20:31 GMT

GET
H2 200 sirca-login-image-3ae60ecd3a7e82ad3079fb3cc0fae9833fa86958c41470acc18c64f48b7f45d0.svg
petroleum.h1.guarany.net/assets/login/ 398 KB
97 KB 334ms
330ms Image
image/svg+xml 89.116.191.247
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://petroleum.h1.guarany.net/assets/login/sirca-login-image-3ae60ecd3a7e82ad3079fb3cc0fae9833fa86958c41470acc18c64f48b7f45d0.svg

Requested by

Host: petroleum.h1.guarany.net
URL: https://petroleum.h1.guarany.net/login?back_to=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.116.191.247 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv576993.hstgr.cloud

Software

nginx /

Resource Hash

a8834a5a2604266e90baf2e517b806c084a8f74e621062f68ec68b1d77510f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains

Request headers

Referer: https://petroleum.h1.guarany.net/login?back_to=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 13:20:31 GMT
strict-transport-security: max-age=15724800; includeSubdomains
content-encoding: gzip
last-modified: Fri, 09 Aug 2024 13:16:35 GMT
server: nginx
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/ 533 KB
212 KB 38ms
8ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LfN7l8lAAAAADGMtawn3_3iH543E81IVuyMdOgK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab42d7c37f7928197cf2fb60407d97ebf6b8316f5bd3007d33b49d4ca0559e03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://petroleum.h1.guarany.net/
Origin: https://petroleum.h1.guarany.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 21:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56312
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216180
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 04:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Aug 2025 21:42:00 GMT

GET
H2 200 fa-solid-900-1264bbfd0a242cea274e9658ef866514f8014f85fbb0a69e747d04a0f61e25d2.woff2
petroleum.h1.guarany.net/assets/font-awesome/ 153 KB
153 KB 153ms
153ms Font
application/font-woff2 89.116.191.247
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://petroleum.h1.guarany.net/assets/font-awesome/fa-solid-900-1264bbfd0a242cea274e9658ef866514f8014f85fbb0a69e747d04a0f61e25d2.woff2

Requested by

Host: petroleum.h1.guarany.net
URL: https://petroleum.h1.guarany.net/assets/application-0cb090ae9318bcfc2f8d43b9db63c381a6fc89d09dfac906574f1eb5526edfd2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.116.191.247 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv576993.hstgr.cloud

Software

nginx /

Resource Hash

9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains

Request headers

Referer: https://petroleum.h1.guarany.net/assets/application-0cb090ae9318bcfc2f8d43b9db63c381a6fc89d09dfac906574f1eb5526edfd2.css
Origin: https://petroleum.h1.guarany.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 13:20:32 GMT
strict-transport-security: max-age=15724800; includeSubdomains
last-modified: Fri, 09 Aug 2024 13:16:35 GMT
server: nginx
content-length: 156496
content-type: application/font-woff2

GET
H2 200 anchor
www.recaptcha.net/recaptcha/api2/ Frame 637F 0
0 93ms
24ms Document
text/html 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfN7l8lAAAAADGMtawn3_3iH543E81IVuyMdOgK&co=aHR0cHM6Ly9wZXRyb2xldW0uaDEuZ3VhcmFueS5uZXQ6NDQz&hl=de&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=l1md37n8ccoc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BjjYtsiUcWvZm9Zq1Mq_lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://petroleum.h1.guarany.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-BjjYtsiUcWvZm9Zq1Mq_lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Aug 2024 13:20:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor
www.recaptcha.net/recaptcha/api2/ Frame 62E0 0
0 101ms
32ms Document
text/html 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KCz2xkLH9Y51lFZ1ILvWKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://petroleum.h1.guarany.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-KCz2xkLH9Y51lFZ1ILvWKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Aug 2024 13:20:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 favicon.ico
petroleum.h1.guarany.net/ 25 KB
25 KB 154ms
153ms Other
image/vnd.microsoft.icon 89.116.191.247
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://petroleum.h1.guarany.net/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.116.191.247 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv576993.hstgr.cloud

Software

nginx /

Resource Hash

74ff4e8ad4cf5743eb6efc99fd30f885a6d2c56512b3a511e50df13f8a918970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains

Request headers

Referer: https://petroleum.h1.guarany.net/login?back_to=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 13:20:33 GMT
strict-transport-security: max-age=15724800; includeSubdomains
last-modified: Wed, 14 Aug 2024 00:26:59 GMT
server: nginx
content-length: 25759
content-type: image/vnd.microsoft.icon

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			petroleum.h1.guarany.net/	1969-12-31 23:59:59	Name: _emissor_session Value: kmrNozNmtHGwbyhNPJBLHuW7qR2x1mIrJPoh%2FU2QVqk6UPFrtPfrZ1L6QnDpRth21z5euluW00miG9v9dyf%2BhkMYxfV2qL%2FMbd9YPz4Ay%2BTwpuLSHPYOioc%2Bijs8t9bMzdgPBDRRxyuySp9WWT0vTXgKBBNlUc03DROpfEZ0pc%2B5fjKgAbWQcGcQpuB%2FqAuPwEP8Je44Cm8YKmS%2F84F77%2BQOk4TMqvB1RHYLS9bgX4WtrTNP%2FMqjlg8I1XFQJrxC8ilAdQE6JCrZzzxgxj0GufIwr%2FtYprdQ--t94I6VMn6kfiJQrV--%2B3l5pDAYg6THkFyQKEGDWA%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

petroleum.h1.guarany.net
www.gstatic.com
www.recaptcha.net
2a00:1450:4001:813::2003
2a00:1450:4001:82b::2003
89.116.191.247
226b59235b35663409b6683fff98d1bba5f65ed34d15a0b7fe8b5b724c58b36d
27a5f9867e0f2bcce1ba26fb32fe7aed7985b84c4c21a1f1a6fcb5eb2229986f
74ff4e8ad4cf5743eb6efc99fd30f885a6d2c56512b3a511e50df13f8a918970
99386512aa77c8b5747733cfb3832deef1a3c3bae09d30bba75d6590f0520b21
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
a016ffffb7b4a2cd7a6ba7d1b8817f8a09a03635cebd9a06b835aba370c12140
a7a9668b3f5dd8ce0ab2fe1780239c22f9edbd9d4e422a1bb4f62ed4dae3a253
a8834a5a2604266e90baf2e517b806c084a8f74e621062f68ec68b1d77510f6b
ab42d7c37f7928197cf2fb60407d97ebf6b8316f5bd3007d33b49d4ca0559e03
cbb3daf3d02530a509c0502aad1a74d6b5253b205b8b7d25d2c2eae35d41ed84

petroleum.h1.guarany.net Open in urlscan Pro 89.116.191.247 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

33 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

817 kBTransfer

2773 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

petroleum.h1.guarany.net Open in urlscan Pro
89.116.191.247 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

33 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

817 kB
Transfer

2773 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions