Submitted URL: https://guiazul.site/#ce
Effective URL: https://guiazul.site/alspwslpnmjuyt/
Submission Tags: 0xscam
Submission: On January 06 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 6 HTTP transactions. The main IP is 172.67.141.17, located in United States and belongs to CLOUDFLARENET, US. The main domain is guiazul.site.
TLS certificate: Issued by WE1 on January 6th 2025. Valid for: 3 months.
This is the only time guiazul.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 7 172.67.141.17 13335 (CLOUDFLAR...)
1 172.67.134.115 13335 (CLOUDFLAR...)
1 13.35.58.105 16509 (AMAZON-02)
6 3
Apex Domain | Subdomains | Transfer
7 guiazul.site | guiazul.site | 13 KB
1 onze.com.br | www.onze.com.br | 82 KB
1 fiis.com.br | files.fiis.com.br | 92 KB
6 3
Domain Requested by
7 guiazul.site 3 redirects guiazul.site
1 www.onze.com.br guiazul.site
1 files.fiis.com.br guiazul.site
6 3

This site contains no links.

Subject | Issuer | Validity | Valid
guiazul.site | WE1 | 2025-01-06 - 2025-04-06 | 3 months
fiis.com.br | WE1 | 2024-12-21 - 2025-03-21 | 3 months
onze.com.br | Amazon RSA 2048 M03 | 2024-06-04 - 2025-07-02 | a year

This page contains 2 frames:

Primary Page: https://guiazul.site/alspwslpnmjuyt/
Frame ID: 3B36A877C2E30B3116362B3F575B3EE5
Requests: 4 HTTP requests in this frame

Frame: https://guiazul.site/cdn-cgi/challenge-platform/h/g/scripts/jsd/849bfe45bf45/main.js
Frame ID: CA3B6641329017A82D88930E164794A9
Requests: 2 HTTP requests in this frame

Page Title

Jpp Capital Recebíveis Imobiliários - Fundo de Investimento Imobiliário

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

Requests: 6
HTTPS: 83 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 1
Transfer: 186 kB
Size: 192 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://guiazul.site/ HTTP 302
    https://guiazul.site/alspwslpnmjuyt HTTP 301
    http://guiazul.site/alspwslpnmjuyt/ HTTP 307
    https://guiazul.site/alspwslpnmjuyt/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://guiazul.site/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://guiazul.site/cdn-cgi/challenge-platform/h/g/scripts/jsd/849bfe45bf45/main.js

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
guiazul.site/alspwslpnmjuyt/
Redirect Chain
  • https://guiazul.site/
  • https://guiazul.site/alspwslpnmjuyt
  • http://guiazul.site/alspwslpnmjuyt/
  • https://guiazul.site/alspwslpnmjuyt/
10 KB
4 KB
Document
General
Full URL
https://guiazul.site/alspwslpnmjuyt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c39a20161dbeb14a66dfa4ae6b30525fa2b99e7132b338c51210d9ee3bb922db

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8fddbda729761d88-FRA
content-encoding
zstd
content-type
text/html
date
Mon, 06 Jan 2025 18:23:43 GMT
last-modified
Tue, 31 Dec 2024 20:40:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rxXAO6fOlq6EovccTW31sljEJHQNBd0NQif5P3wxYu4wljRqUZp2ESWrPeM31YG4P3OjNpxUW0laBPXtmBeAgkFKiRaKEkY4Uo8iO1zF9lQ%2BT4Yn3ji%2FA3JPO7icPOk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=83241&min_rtt=56288&rtt_var=30638&sent=18&recv=14&lost=0&retrans=0&sent_bytes=6198&recv_bytes=5375&delivery_rate=7935&cwnd=12000&unsent_bytes=0&cid=9476762a9aa843ee&ts=342&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

Location
https://guiazul.site/alspwslpnmjuyt/#ce
Non-Authoritative-Reason
HttpsUpgrades
mercado-fiis.jpg
files.fiis.com.br/uploads/
92 KB
92 KB
Image
General
Full URL
https://files.fiis.com.br/uploads/mercado-fiis.jpg
Requested by
Host: guiazul.site
URL: https://guiazul.site/alspwslpnmjuyt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee2e5a84b3ccee8b5878263299d118304456eb41f9c0e3f4b864c7d05779e64e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://guiazul.site/

Response headers

cf-cache-status
MISS
etag
"22dced4f023fba6c6b4e099c9f5db02c"
x-amz-version-id
null
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KHH0k7oOImpjyUsB6SP2ETFe9G7X7LVe4LkqhOgdSOJtKYwmr4n%2B8kKZbvNOmUoFJZiF0gyChRIEKX6MSR3RtBW%2B3dWLcBUkVRv%2BkVC%2BXw4SDF9wjeeuBAVJ8Q%2FlUThiPliZvA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=55554&min_rtt=48070&rtt_var=12779&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4156&recv_bytes=4454&delivery_rate=361&cwnd=12000&unsent_bytes=0&cid=a33c9a9e8f7faa15&ts=638&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 06 Jan 2025 18:23:44 GMT
content-type
image/jpeg
last-modified
Mon, 27 May 2024 16:14:57 GMT
vary
Accept-Encoding
priority
u=1,i
x-amz-id-2
4/cLaElWcxBR3G5k5bJp/XOU+k4uTFgvz2fq/GPADjo9xydZR3oK48wyt9oP7gQDBvHO18T/QTI=
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6AYVMQSFE0YYPBEC
cf-ray
8fddbdab1813d23b-FRA
accept-ranges
bytes
content-length
93760
server
cloudflare
x-amz-server-side-encryption
AES256
main.js
guiazul.site/cdn-cgi/challenge-platform/h/g/scripts/jsd/849bfe45bf45/ Frame CA3B
Redirect Chain
  • https://guiazul.site/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://guiazul.site/cdn-cgi/challenge-platform/h/g/scripts/jsd/849bfe45bf45/main.js?
8 KB
5 KB
Script
General
Full URL
https://guiazul.site/cdn-cgi/challenge-platform/h/g/scripts/jsd/849bfe45bf45/main.js?
Requested by
Host: guiazul.site
URL: https://guiazul.site/alspwslpnmjuyt/
Protocol
H3
Server
172.67.141.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7713e71b4412d81a8d910aa9d683a90a56880bfcf5ecc2bb1a1af20a756ea306
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0tSRbPgDwKxAOedmDfp8MmRJfXWVpoG7ZJj7bgwzXzoX%2Fr%2FDAvOcwC6BZXL6g8eoATANnsM9Nx4wCK8VoV2G%2BQwcT%2F7FtF0JrfkhD5JYKt5sg%2BkVaawjZkbIk3rRYis%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8fddbda8bae71d88-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=99652&min_rtt=56288&rtt_var=29227&sent=26&recv=20&lost=0&retrans=0&sent_bytes=11509&recv_bytes=6102&delivery_rate=7073&cwnd=12000&unsent_bytes=0&cid=9476762a9aa843ee&ts=565&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 06 Jan 2025 18:23:43 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/849bfe45bf45/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IDk%2FAIEc6N5hBa7vlsjusiWfhMDFrfe2qeh%2BvHK%2BP5rfUa%2B1%2FoBSXt8b%2F7fG94TiMaBVxWcBhE52qaIF8dthyzE38ro9qbu0JD8D6EtWLRZd4t46%2FMkNyP8JbcunxAI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fddbda80a431d88-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=99824&min_rtt=56288&rtt_var=38509&sent=24&recv=19&lost=0&retrans=0&sent_bytes=10763&recv_bytes=5816&delivery_rate=48041&cwnd=12000&unsent_bytes=0&cid=9476762a9aa843ee&ts=470&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 06 Jan 2025 18:23:43 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
shutterstock_579620635-1-770x478.jpg
www.onze.com.br/blog/wp-content/uploads/2020/02/
81 KB
82 KB
Image
General
Full URL
https://www.onze.com.br/blog/wp-content/uploads/2020/02/shutterstock_579620635-1-770x478.jpg
Requested by
Host: guiazul.site
URL: https://guiazul.site/alspwslpnmjuyt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-105.fra60.r.cloudfront.net
Software
Apache /
Resource Hash
5f98c242475988ce9ce664428c442552586101c88a7e9c261128650231b5ad00
Security Headers
Name Value
Content-Security-Policy frame-ancestors onze.com.br *.onze.com.br app.storyblok.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://guiazul.site/

Response headers

x-robots-tag
all
etag
"14468-5e1f9db3cd9d7"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
G1-INEqXoHulEsMPhmL8Z3b3crpn9OReEbNaATP7vBlUep41EA7r0Q==
date
Mon, 06 Jan 2025 18:23:44 GMT
content-type
image/jpeg
feature-policy
accelerometer 'none'; ambient-light-sensor 'self'; autoplay 'none'; battery 'self'; camera 'none'; display-capture 'self'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'self'; execution-while-out-of-viewport 'self'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animations 'self'; legacy-image-formats 'self'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'self'; oversized-images 'self'; payment 'none'; picture-in-picture 'none'; publickey-credentials-get 'none'; sync-xhr 'none'; usb 'none'; vr 'self'; wake-lock 'self'; xr-spatial-tracking 'none'
last-modified
Tue, 21 Jun 2022 19:02:04 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
frame-ancestors onze.com.br *.onze.com.br app.storyblok.com
referrer-policy
strict-origin
via
1.1 13c8b9a0a39ad1238a922185ad5547fc.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
83048
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P10
server
Apache
8fddbda729761d88
guiazul.site/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame CA3B
0
1 KB
XHR
General
Full URL
https://guiazul.site/cdn-cgi/challenge-platform/h/g/jsd/r/8fddbda729761d88
Requested by
Host: guiazul.site
URL: https://guiazul.site/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xvZeMZBSfH2CHicKAFMEIhRUMtg8OZTw4xaRxW7WN9wpDGWMoqGQm7nUIjTyeNMbQhSfaSCvnvPUfYj4R3BrmxkV3g4KTHFo5WkGiCzEHi%2BRTz1RzRBHHcVzZjw4xws%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fddbda9abd71d88-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=99098&min_rtt=56288&rtt_var=13799&sent=40&recv=38&lost=0&retrans=0&sent_bytes=16697&recv_bytes=23424&delivery_rate=51705&cwnd=12000&unsent_bytes=0&cid=9476762a9aa843ee&ts=731&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Mon, 06 Jan 2025 18:23:43 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
favicon.ico
guiazul.site/
393 B
956 B
Other
General
Full URL
https://guiazul.site/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d6287454c2413e0b3e45360dee6bb367031095dfd6251f001f941d7ee63620d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://guiazul.site/alspwslpnmjuyt/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cy9wQ1rXzLdl33SbqvvFc%2F7AUesu85hpyZm%2B%2FEmDdohm4R7liac%2FrXxLogK3J%2BULhVZT%2Btdy4lyRZ1v8FTVlfLQbHqN1miWYP%2FuImMblZqVZUOj5Rgarek87CYuCZ%2BU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fddbdb2dd2f1d88-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=100910&min_rtt=56288&rtt_var=13974&sent=42&recv=40&lost=0&retrans=0&sent_bytes=17898&recv_bytes=24184&delivery_rate=8492&cwnd=12000&unsent_bytes=0&cid=9476762a9aa843ee&ts=2249&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 06 Jan 2025 18:23:45 GMT
content-type
text/html; charset=iso-8859-1
vary
Accept-Encoding
server
cloudflare
priority
u=1,i

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Domain/Path Name / Value
.guiazul.site/ Name: cf_clearance

1 Console Messages

Source: network | Level: error
URL: https://guiazul.site/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()