vendadiretaitau.com.br Open in urlscan Pro
2606:4700:3035::681c:eb3  Malicious Activity! Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response vendadiretaitau.com.br/	2 MB 159 KB	1211ms 1132ms	Document text/html	2606:4700:3035::681c:eb3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vendadiretaitau.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681c:eb3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 78df82566ed7247f65ee0cc5bee724cb77348f7cbbcb94d161739250a4de3535 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers :method GET :authority vendadiretaitau.com.br :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Tue, 04 Aug 2020 17:45:39 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=d789bfc679e578abbafdd1b51dd8436a31596563138; expires=Thu, 03-Sep-20 17:45:38 GMT; path=/; domain=.vendadiretaitau.com.br; HttpOnly; SameSite=Lax; Secure x-powered-by Express vary Accept-Encoding strict-transport-security max-age=31536000 cf-cache-status DYNAMIC cf-request-id 045c2d3e1f0000634716bf1200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5bda17dcf81c6347-FRA content-encoding br
GET H2	200	RACIQuzdjtDU8.js Show response fast.conpass.io/	885 KB 233 KB	746ms 598ms	Script text/html	2606:4700:3033::681b:8fdf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fast.conpass.io/RACIQuzdjtDU8.js Requested by Host: vendadiretaitau.com.br URL: https://vendadiretaitau.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:8fdf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash b33dd1271c103ed0482fc7451de512c116751d8a74500bbc9f3e4c65e7a9623c Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 17:45:39 GMT content-encoding br cf-cache-status MISS server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=utf-8 status 200 cf-ray 5bda17e50a4d18e5-FRA cf-request-id 045c2d4322000018e5bb232200000001
GET H2	200	376ada7d-985a-4b66-8e61-b892265adca4-loader.js Show response d335luupugsy2.cloudfront.net/js/loader-scripts/	4 KB 2 KB	1057ms 920ms	Script application/javascript	143.204.208.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d335luupugsy2.cloudfront.net/js/loader-scripts/376ada7d-985a-4b66-8e61-b892265adca4-loader.js Requested by Host: vendadiretaitau.com.br URL: https://vendadiretaitau.com.br/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.208.7 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-208-7.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash e7d415bb43f853f93c08f19883a1b8c7a30dae93bd84540ad3cb6cd22cb49b46 Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 17:45:41 GMT content-encoding gzip last-modified Thu, 30 Jul 2020 14:21:37 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 vary Accept-Encoding x-cache Miss from cloudfront x-amz-version-id iJmVZgxsoep.nB1hgbOunZA5OfNBEADr status 200 cache-control no-cache content-type application/javascript x-amz-cf-id zvR6UYVyXzSSLWISS21CDnoDyz7necHlvvN5mmOway3nXgNmGrWr6w== via 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
GET H2	200	js Show response www.googletagmanager.com/gtag/	84 KB 34 KB	27ms 15ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js Requested by Host: vendadiretaitau.com.br URL: https://vendadiretaitau.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3053cbfd101dd1089c396909979071a7d7f3092c97895941856628d35fd24c8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 17:45:40 GMT content-encoding br vary Accept-Encoding status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33871 x-xss-protection 0 last-modified Tue, 04 Aug 2020 16:16:14 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 04 Aug 2020 17:45:40 GMT
GET H/1.1	200 OK	appleid.auth.js Show response appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/	42 KB 17 KB	257ms 62ms	Script application/javascript	104.121.161.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js Requested by Host: vendadiretaitau.com.br URL: https://vendadiretaitau.com.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.121.161.21 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-121-161-21.deploy.static.akamaitechnologies.com Software Apple / Resource Hash dc63b766a90c33d4c847743e12e55f2050403bfa26151e261104186aa5a035f7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip Last-Modified Mon, 27 Jul 2020 21:24:19 GMT Server Apple ETag W/"42671-1595885059761" Vary accept-encoding X-Cache TCP_MEM_HIT from a23-214-197-28.deploy.akamaitechnologies.com (AkamaiGHost/10.1.0.1-30367680) (-) Content-Type application/javascript;charset=UTF-8 Access-Control-Allow-Origin https://idmsa.apple.com Cache-Control public, max-age=86400,stale-while-revalidate=86400 Date Tue, 04 Aug 2020 17:45:39 GMT Connection keep-alive Accept-Ranges bytes Content-Length 17246
GET H/1.1	200 OK	9hkITZmCkhfnSSFn-1590593811_original.png condition.nyc3.cdn.digitaloceanspaces.com/auto-2-you-app/	108 KB 109 KB	995ms 657ms	Image image/png	205.185.216.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://condition.nyc3.cdn.digitaloceanspaces.com/auto-2-you-app/9hkITZmCkhfnSSFn-1590593811_original.png Requested by Host: vendadiretaitau.com.br URL: https://vendadiretaitau.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS map2.hwcdn.net Software / Resource Hash 5f402b7cf7f59fbcb3212ebb25ee3549d0dbaacdca1044d5bdd710f57c2e1f07 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 04 Aug 2020 17:45:41 GMT Last-Modified Wed, 27 May 2020 15:36:51 GMT x-amz-request-id tx0000000000000290a8a19-005f299ec5-38bfd94-nyc3a ETag "deefe5079665ba5cb688ae32008d1d20" Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-HW 1596563140.dop028.lo4.t,1596563140.cds081.lo4.shn,1596563140.dop028.lo4.t,1596563141.cds030.lo4.p Content-Type image/png Cache-Control max-age=3600 Connection Keep-Alive Accept-Ranges bytes Content-Length 111000
GET H/1.1	200 OK	dURWPMpnOHnofFlc-1588256218_original.png condition.nyc3.cdn.digitaloceanspaces.com/auto-2-you-app/	19 KB 20 KB	1035ms 730ms	Image image/png	205.185.216.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://condition.nyc3.cdn.digitaloceanspaces.com/auto-2-you-app/dURWPMpnOHnofFlc-1588256218_original.png Requested by Host: vendadiretaitau.com.br URL: https://vendadiretaitau.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS map2.hwcdn.net Software / Resource Hash ad7b078244cd4945a04743538bd890d8c5b01192f7648e1bf6481f9d959de9c2 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 04 Aug 2020 17:45:41 GMT Connection Keep-Alive Last-Modified Thu, 30 Apr 2020 14:16:58 GMT x-amz-request-id tx00000000000004721eb78-005f299ec5-35d9d00-nyc3a ETag "64390c644db6cd2c2dbf7d78dc57fe8f" Vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin X-HW 1596563140.dop005.lo4.t,1596563140.cds095.lo4.shn,1596563140.dop005.lo4.t,1596563141.cds091.lo4.c Content-Type image/png Cache-Control max-age=3600 Strict-Transport-Security max-age=15552000; includeSubDomains; preload Accept-Ranges bytes Content-Length 19486
GET H/1.1	200 OK	PwrwWAQfnjdUBlsu-1590503286_original.png condition.nyc3.cdn.digitaloceanspaces.com/auto-2-you-app/	353 KB 353 KB	827ms 607ms	Image image/png	205.185.216.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://condition.nyc3.cdn.digitaloceanspaces.com/auto-2-you-app/PwrwWAQfnjdUBlsu-1590503286_original.png Requested by Host: vendadiretaitau.com.br URL: https://vendadiretaitau.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS map2.hwcdn.net Software / Resource Hash 5a300a6592e091ce6608825b9b189b4c198bd84cb785dfe28e55a80691f3c7fd Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 04 Aug 2020 17:45:41 GMT Last-Modified Tue, 26 May 2020 14:28:06 GMT x-amz-request-id tx0000000000000474cc540-005f299ec5-35e3884-nyc3a ETag "571f9fe31417d835c22f77da98c7d7ae" Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-HW 1596563140.dop203.lo4.t,1596563140.cds070.lo4.shn,1596563140.dop203.lo4.t,1596563141.cds064.lo4.p Content-Type image/png Cache-Control max-age=3600 Connection Keep-Alive Accept-Ranges bytes Content-Length 361021
GET H/1.1	200 OK	YRYPuV4UCDEfHzIz-1594814424_original.png condition.nyc3.cdn.digitaloceanspaces.com/auto-2-you-app/	9 KB 9 KB	900ms 562ms	Image image/png	205.185.216.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://condition.nyc3.cdn.digitaloceanspaces.com/auto-2-you-app/YRYPuV4UCDEfHzIz-1594814424_original.png Requested by Host: vendadiretaitau.com.br URL: https://vendadiretaitau.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS map2.hwcdn.net Software / Resource Hash 3a098b2ebcc0dd40d72141528119c98c1972d32147828f4dbeb578973bc52240 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 04 Aug 2020 17:45:41 GMT Last-Modified Wed, 15 Jul 2020 12:00:24 GMT x-amz-request-id tx0000000000000474cc551-005f299ec5-35e3884-nyc3a ETag "c5d5e7fa229637fd6210abe3d77c2a67" Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-HW 1596563140.dop005.lo4.t,1596563140.cds008.lo4.shn,1596563140.dop005.lo4.t,1596563141.cds079.lo4.p Content-Type image/png Cache-Control max-age=3600 Connection Keep-Alive Accept-Ranges bytes Content-Length 8881
GET H/1.1	200 OK	hb9RTRLL3a9YpJrW-1590511097_original.png condition.nyc3.cdn.digitaloceanspaces.com/auto-2-you-app/	7 KB 8 KB	912ms 562ms	Image image/png	205.185.216.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://condition.nyc3.cdn.digitaloceanspaces.com/auto-2-you-app/hb9RTRLL3a9YpJrW-1590511097_original.png Requested by Host: vendadiretaitau.com.br URL: https://vendadiretaitau.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS map2.hwcdn.net Software / Resource Hash 5ae7d198d1a2b00b5cf3565f2204fad7b70806a75d439a442971f6f537004980 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 04 Aug 2020 17:45:41 GMT Last-Modified Tue, 26 May 2020 16:38:17 GMT x-amz-request-id tx0000000000000473cefc8-005f299ec5-35d9c92-nyc3a ETag "7ac6933f0a300ca7956bd6fdc0358d9d" Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-HW 1596563140.dop203.lo4.t,1596563140.cds233.lo4.shn,1596563140.dop203.lo4.t,1596563141.cds248.lo4.p Content-Type image/png Cache-Control max-age=3600 Connection Keep-Alive Accept-Ranges bytes Content-Length 7320
GET H/1.1	200 OK	cFraPaM3IE0xdoOn-1594817335_original.png condition.nyc3.cdn.digitaloceanspaces.com/auto-2-you-app/	8 KB 8 KB	983ms 614ms	Image image/png	205.185.216.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://condition.nyc3.cdn.digitaloceanspaces.com/auto-2-you-app/cFraPaM3IE0xdoOn-1594817335_original.png Requested by Host: vendadiretaitau.com.br URL: https://vendadiretaitau.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS map2.hwcdn.net Software / Resource Hash a28beed6d13d508d45674564b896ec13c3a0c0b5d43018152e6e42adf9dca924 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 04 Aug 2020 17:45:41 GMT Last-Modified Wed, 15 Jul 2020 12:48:56 GMT x-amz-request-id tx0000000000000473cefd4-005f299ec5-35d9c92-nyc3a ETag "31feb213e06e03de47fc8b2694e6e0df" Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-HW 1596563140.dop028.lo4.t,1596563140.cds081.lo4.shn,1596563140.dop028.lo4.t,1596563141.cds043.lo4.p Content-Type image/png Cache-Control max-age=3600 Connection Keep-Alive Accept-Ranges bytes Content-Length 7823
GET H/1.1	200 OK	Eu25kVvGOq4zIYFH-1594815188_original.png condition.nyc3.cdn.digitaloceanspaces.com/auto-2-you-app/	8 KB 8 KB	658ms 658ms	Image image/png	205.185.216.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://condition.nyc3.cdn.digitaloceanspaces.com/auto-2-you-app/Eu25kVvGOq4zIYFH-1594815188_original.png Requested by Host: vendadiretaitau.com.br URL: https://vendadiretaitau.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS map2.hwcdn.net Software / Resource Hash abdc786c61116e3c53ba0218e81285106e1edde397922152f27c542e3113db4d Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 04 Aug 2020 17:45:42 GMT Connection Keep-Alive Last-Modified Wed, 15 Jul 2020 12:13:08 GMT x-amz-request-id tx0000000000000474cc5d2-005f299ec5-35e3884-nyc3a ETag "317730ceeb8aefda768edfb22ce4810f" Vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin X-HW 1596563140.dop005.lo4.t,1596563140.cds008.lo4.shn,1596563141.dop005.lo4.t,1596563142.cds107.lo4.c Content-Type image/png Cache-Control max-age=3600 Strict-Transport-Security max-age=15552000; includeSubDomains; preload Accept-Ranges bytes Content-Length 7698
GET H/1.1	200 OK	7SohyFS7MsHygqA6-1588258980_original.png condition.nyc3.cdn.digitaloceanspaces.com/auto-2-you-app/	3 KB 3 KB	559ms 558ms	Image image/png	205.185.216.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://condition.nyc3.cdn.digitaloceanspaces.com/auto-2-you-app/7SohyFS7MsHygqA6-1588258980_original.png Requested by Host: vendadiretaitau.com.br URL: https://vendadiretaitau.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS map2.hwcdn.net Software / Resource Hash cfad9caa28d4f46d8c1d138e4767fbbb37fba8b864f4f8f679f9f6fd56dabbc1 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 04 Aug 2020 17:45:41 GMT Last-Modified Thu, 30 Apr 2020 15:03:00 GMT x-amz-request-id tx0000000000000290a8aa0-005f299ec5-38bfd94-nyc3a ETag "2732a0a7669835b46071b39916f4b405" Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-HW 1596563140.dop203.lo4.t,1596563140.cds233.lo4.shn,1596563141.dop203.lo4.t,1596563141.cds068.lo4.p Content-Type image/png Cache-Control max-age=3600 Connection Keep-Alive Accept-Ranges bytes Content-Length 2581
GET H/1.1	200 OK	gAaOq4QPR5jw8W2W-1588259237_original.png condition.nyc3.cdn.digitaloceanspaces.com/auto-2-you-app/	317 KB 317 KB	658ms 658ms	Image image/png	205.185.216.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://condition.nyc3.cdn.digitaloceanspaces.com/auto-2-you-app/gAaOq4QPR5jw8W2W-1588259237_original.png Requested by Host: vendadiretaitau.com.br URL: https://vendadiretaitau.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS map2.hwcdn.net Software / Resource Hash 9e18450b4bf1afc3ca8ac396e763f976a8bd2de074f501a786b5c26fe94ae5da Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 04 Aug 2020 17:45:42 GMT Last-Modified Thu, 30 Apr 2020 15:07:17 GMT x-amz-request-id tx0000000000000473cf056-005f299ec6-35d9c92-nyc3a ETag "621b455279605ca0fbe9fc1064531a14" Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-HW 1596563140.dop005.lo4.t,1596563140.cds095.lo4.shn,1596563141.dop005.lo4.t,1596563142.cds042.lo4.p Content-Type image/png Cache-Control max-age=3600 Connection Keep-Alive Accept-Ranges bytes Content-Length 324098
GET H/1.1	200 OK	DT5K0kHL9Bg4nCAX-1596554320_original.png condition.nyc3.cdn.digitaloceanspaces.com/auto-2-you-app/	8 KB 9 KB	518ms 517ms	Image image/png	205.185.216.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://condition.nyc3.cdn.digitaloceanspaces.com/auto-2-you-app/DT5K0kHL9Bg4nCAX-1596554320_original.png Requested by Host: vendadiretaitau.com.br URL: https://vendadiretaitau.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS map2.hwcdn.net Software / Resource Hash ec449b90a12df224ff679dcc26fe6a075b8bee6575b7891ea55b96c5869d828c Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 04 Aug 2020 17:45:41 GMT Last-Modified Tue, 04 Aug 2020 15:18:41 GMT x-amz-request-id tx0000000000000474cc5c9-005f299ec5-35e3884-nyc3a ETag "2f834b0fa6d4558b3196e049ab009b4d" Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-HW 1596563140.dop028.lo4.t,1596563140.cds081.lo4.shn,1596563141.dop028.lo4.t,1596563141.cds221.lo4.p Content-Type image/png Cache-Control max-age=3600 Connection Keep-Alive Accept-Ranges bytes Content-Length 8432
GET H2	200	runtime.cd8e7b08.js Show response vendadiretaitau.com.br/js/	5 KB 3 KB	654ms 652ms	Script application/javascript	2606:4700:3035::681c:eb3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vendadiretaitau.com.br/js/runtime.cd8e7b08.js Requested by Host: vendadiretaitau.com.br URL: https://vendadiretaitau.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681c:eb3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 0350a9ec4def1753b38d988e020eab36fbc99ee95310b0a7fb0a20314188b66d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 17:45:41 GMT content-encoding br etag W/"125c-173a61d8c5b" cf-cache-status MISS last-modified Fri, 31 Jul 2020 18:23:41 GMT server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 cache-control public, max-age=2592000 strict-transport-security max-age=31536000 cf-ray 5bda17ec493b6347-FRA cf-request-id 045c2d47af000063471686d200000001
GET H2	200	vendor.1383b88e.js Show response vendadiretaitau.com.br/js/	2 MB 518 KB	1305ms 1304ms	Script application/javascript	2606:4700:3035::681c:eb3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vendadiretaitau.com.br/js/vendor.1383b88e.js Requested by Host: vendadiretaitau.com.br URL: https://vendadiretaitau.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681c:eb3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 48d21a0f92d47ca1a572c3c6e8477fecab411c520d5835019e231ab4e5c82d64 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 17:45:41 GMT content-encoding br etag W/"216a64-173a61d8c57" cf-cache-status MISS last-modified Fri, 31 Jul 2020 18:23:41 GMT server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 cache-control public, max-age=2592000 strict-transport-security max-age=31536000 cf-ray 5bda17ec493d6347-FRA cf-request-id 045c2d47af000063471686e200000001
GET H2	200	app.b3e189d5.js Show response vendadiretaitau.com.br/js/	204 KB 34 KB	827ms 826ms	Script application/javascript	2606:4700:3035::681c:eb3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vendadiretaitau.com.br/js/app.b3e189d5.js Requested by Host: vendadiretaitau.com.br URL: https://vendadiretaitau.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681c:eb3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash c66d1d36a3903473c7b80dfc5114879515ede3247c9a88127244746d30aabafa Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 17:45:41 GMT content-encoding br etag W/"330d8-173a61d8c5b" cf-cache-status MISS last-modified Fri, 31 Jul 2020 18:23:41 GMT server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 cache-control public, max-age=2592000 strict-transport-security max-age=31536000 cf-ray 5bda17ec493e6347-FRA cf-request-id 045c2d47af000063471686f200000001
GET H2	200	OpenSans-Regular.1a2ff0af.woff vendadiretaitau.com.br/fonts/	58 KB 59 KB	943ms 943ms	Font font/woff	2606:4700:3035::681c:eb3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vendadiretaitau.com.br/fonts/OpenSans-Regular.1a2ff0af.woff Requested by Host: vendadiretaitau.com.br URL: https://vendadiretaitau.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681c:eb3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 4f5c5dfcbbb7f9a09d7e27232c922994a6a82227e11e4299e922e4c6d9f2119c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://vendadiretaitau.com.br/ Origin https://vendadiretaitau.com.br Response headers date Tue, 04 Aug 2020 17:45:41 GMT vary Accept-Encoding cf-cache-status MISS x-powered-by Express status 200 content-length 59816 cf-request-id 045c2d47bf0000634716871200000001 last-modified Fri, 31 Jul 2020 18:23:41 GMT server cloudflare etag W/"e9a8-173a61d8c4f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000 content-type font/woff cache-control public, max-age=2592000 accept-ranges bytes cf-ray 5bda17ec69546347-FRA
GET H2	200	lead-tracking.min.js Show response d335luupugsy2.cloudfront.net/js/lead-tracking/stable/	2 KB 1 KB	52ms 52ms	Script application/javascript	143.204.208.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js Requested by Host: d335luupugsy2.cloudfront.net URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/376ada7d-985a-4b66-8e61-b892265adca4-loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.208.7 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-208-7.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash ab32ba94c926ae655916654ff75d0924a17d94d09237af70c527e559dc5b1d18 Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id keYAGQS69RQix3_mrYLovO4YHQ2_8htX content-encoding gzip last-modified Mon, 20 Jul 2020 19:55:09 GMT server AmazonS3 age 58659 date Tue, 04 Aug 2020 01:28:02 GMT vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript status 200 x-amz-cf-pop FRA53-C1 x-amz-cf-id QZfPpQ854fTATWz06_kREpj78_VBiHOhWtU6QdJ72_YCQRVeaRe1bg== via 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
GET H2	200	traffic-source-cookie.min.js Show response d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/	2 KB 1 KB	103ms 102ms	Script application/javascript	143.204.208.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js Requested by Host: d335luupugsy2.cloudfront.net URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/376ada7d-985a-4b66-8e61-b892265adca4-loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.208.7 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-208-7.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 236dff4a4166b49573efa5f643c5948e9295d24ae3cee930f993f36351a2efdd Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id _JVjaD42aN7JyHkk9YUH3W7iuc97lJvx content-encoding gzip last-modified Mon, 20 Jul 2020 20:34:19 GMT server AmazonS3 age 59265 date Tue, 04 Aug 2020 01:17:56 GMT vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript status 200 x-amz-cf-pop FRA53-C1 x-amz-cf-id YJXG0jPm7ge9Z3DD97IvdPhV9JfwSCDJNBfaKDKMRS7uUBk0NivuCg== via 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	19ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: vendadiretaitau.com.br URL: https://vendadiretaitau.com.br/js/app.b3e189d5.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 430816b907657fc6643c96933d5b897000f3095ad3770e00b53851d42e6c633e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 cahlVZXND6RYOXrt5MTjPw== status 200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 1779 etag "27f8488e1f5c4e37cc346b24e8b73d17" x-fb-debug 7QS1WXbOIGIfqXpzF2ZBYuuHEfJ/oNF4OqKXqlcoSVt0XlvOl2sEtJn14ow6WhQAHRJHG0p8ql5PYP8ql+4ePg== x-fb-trip-id 2097730283 x-fb-content-md5 f9a49024a1c91f5c7fc35c0c32c30ee1 x-frame-options DENY date Tue, 04 Aug 2020 17:45:42 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 timing-allow-origin * expires Tue, 04 Aug 2020 18:01:04 GMT
GET		chunk-common.8d0ae897.js vendadiretaitau.com.br/js/	0 0
GET		14.9b3c670e.js vendadiretaitau.com.br/js/	0 0
GET		15.72c74116.js vendadiretaitau.com.br/js/	0 0
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	199 KB 61 KB	16ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=4f150bc28e50c3950dcabc1e92632259&ua=modern_es6 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash fee3032713586329f51f5b2fe301dc563ab7f4f40d8f5144c91d34a3a7ed58f3 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://vendadiretaitau.com.br/ Origin https://vendadiretaitau.com.br Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 sEoFh0jKO25CscWsFPUg3g== status 200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 61446 etag "55fb537744571e935a8446b07ad86ec1" x-fb-debug g57I8cZrLZLhxHmE2J+QRnUOWhTHNwxrmr/6OHsB7nR1JB4IC80vD0r7Jsk+zen84dmMhmLv/Ibv2mSMQsFjdw== x-fb-trip-id 664085054 x-fb-content-md5 ddc167e8ec314d60d3f5c535b1bbf8b1 x-frame-options DENY date Tue, 04 Aug 2020 17:45:42 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable timing-allow-origin * expires Wed, 04 Aug 2021 14:25:08 GMT
POST H2	200	send Show response pageview-notify.rdstation.com.br/	36 B 608 B	555ms 168ms	XHR text/html	104.198.189.172 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pageview-notify.rdstation.com.br/send Requested by Host: d335luupugsy2.cloudfront.net URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.198.189.172 , United States, ASN15169 (GOOGLE, US), Reverse DNS 172.189.198.104.bc.googleusercontent.com Software nginx/1.15.8 / Resource Hash f7941f9fc373ce499a29961e72f43265a4654bc0f2ef46f1c8570f6c04216fc6 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Tue, 04 Aug 2020 17:45:43 GMT x-content-type-options nosniff server nginx/1.15.8 status 200 x-frame-options SAMEORIGIN access-control-allow-methods POST, GET, OPTIONS content-type text/html;charset=utf-8 access-control-allow-origin https://vendadiretaitau.com.br access-control-max-age 1728000 access-control-allow-credentials true strict-transport-security max-age=15724800; includeSubDomains access-control-allow-headers *, Content-Type, Accept, AUTHORIZATION, Cache-Control content-length 36 x-xss-protection 1; mode=block access-control-expose-headers Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
GET H2	200	rdstation-popup.min.js Show response d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/	194 KB 54 KB	190ms 81ms	Script application/javascript	143.204.208.90 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1 Requested by Host: d335luupugsy2.cloudfront.net URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/376ada7d-985a-4b66-8e61-b892265adca4-loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.208.90 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-208-90.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 9609d3076c0112e40a1653035a5b441fe4422bc785ec171b7628c0276516da72 Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 14:59:04 GMT content-encoding gzip last-modified Tue, 04 Aug 2020 14:58:55 GMT server AmazonS3 age 10000 etag "f71c8cb36513dc74062bbdad51da4ebc" x-cache Hit from cloudfront x-amz-version-id yBU4JF6Mi59mMCrVfb5GNSa4a6nLKKXd status 200 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-type application/javascript; charset=utf-8 content-length 54882 via 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront) x-amz-cf-id KgvzfLMcGnBpGlw9NU1SK9T-ysgkmz85jEORM9NcupoYLZ4KRCvWHA==
GET H2	200	rd-js-integration.min.js Show response d335luupugsy2.cloudfront.net/js/integration/stable/	9 KB 4 KB	190ms 81ms	Script application/javascript	143.204.208.90 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1 Requested by Host: d335luupugsy2.cloudfront.net URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/376ada7d-985a-4b66-8e61-b892265adca4-loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.208.90 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-208-90.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash bca215feed7c7ff7df5ef1275236bbf150a0664c89221b3579157c044edee1f5 Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id pGgp_EiLlfWvd8gefYq_dYNrPwSm7tOp content-encoding gzip etag "28db68787e89c6dca24ac5f046ee74f5" age 28555 x-cache Hit from cloudfront status 200 content-length 3595 last-modified Fri, 10 Jul 2020 17:55:45 GMT server AmazonS3 date Tue, 04 Aug 2020 09:49:49 GMT content-type application/javascript; charset=utf-8 via 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront) cache-control max-age=86400, must-revalidate x-amz-cf-pop FRA53-C1 accept-ranges bytes x-amz-cf-id OVNCqqYlPzfon4MDTV_NV0MAAN_Hjg5Ht8a5m89wBXOxLlVQbdv_HA==
GET H2	200	show.json Show response pages.rdstation.com.br/popup/	13 B 79 B	617ms 297ms	XHR application/json	34.68.90.188 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pages.rdstation.com.br/popup/show.json?account_id=139123&uniq=_zydegl3zx&ref=aHR0cHM6Ly92ZW5kYWRpcmV0YWl0YXUuY29tLmJyLw== Requested by Host: d335luupugsy2.cloudfront.net URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.68.90.188 , United States, ASN15169 (GOOGLE, US), Reverse DNS 188.90.68.34.bc.googleusercontent.com Software / Resource Hash 96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Tue, 04 Aug 2020 17:45:43 GMT access-control-allow-origin * content-length 13 content-type application/json
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.1.1/	82 KB 29 KB	18ms 7ms	Script text/javascript	2a00:1450:4001:821::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js Requested by Host: d335luupugsy2.cloudfront.net URL: https://d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vendadiretaitau.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 08 Jul 2020 20:57:31 GMT content-encoding gzip x-content-type-options nosniff age 2321292 status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29671 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 08 Jul 2021 20:57:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

vendadiretaitau.com.br

URL

https://vendadiretaitau.com.br/js/chunk-common.8d0ae897.js

Domain

vendadiretaitau.com.br

URL

https://vendadiretaitau.com.br/js/14.9b3c670e.js

Domain

vendadiretaitau.com.br

URL

https://vendadiretaitau.com.br/js/15.72c74116.js

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Itau (Banking)

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| cpt string| cppt object| cpdata object| IntlPolyfill object| device object| scCGSHMRCache object| Conpass function| parcelRequire function| gtag object| dataLayer object| AppleID object| __Q_META__ function| dispatchEvents function| fireEvents object| RDStation object| RDCookieControl boolean| RDStationTrackingCodeChecker object| google_tag_manager object| __INITIAL_STATE__ object| LeadTracking object| TrafficSourceCookie object| webpackJsonp object| regeneratorRuntime object| __core-js_shared__ object| core function| fbAsyncInit object| FB object| RdstationPopup function| _classCallCheck function| _defineProperties function| _createClass function| _typeof function| RDStationFormIntegration object| FormFields function| RDErrorNotifier object| RDIntegrationCookieConsent object| RDIntegrationCreditCard object| RDIntegrationDataPrivacy object| FieldMapping object| RdIntegrationIdentifier object| RdIntegration function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/376ada7d-985a-4b66-8e61-b892265adca4-loader.js(Line 1) Message: LeadTracking initialized
console-api	log	URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/376ada7d-985a-4b66-8e61-b892265adca4-loader.js(Line 1) Message: TrafficSourceCookie initialized
console-api	error	URL: https://vendadiretaitau.com.br/js/vendor.1383b88e.js(Line 1615) Message: ChunkLoadError: Loading chunk 0 failed. (error: https://vendadiretaitau.com.br/js/chunk-common.8d0ae897.js)
console-api	log	URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/376ada7d-985a-4b66-8e61-b892265adca4-loader.js(Line 1) Message: FormIntegration; ver.1.3.3 initialized

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
appleid.cdn-apple.com
condition.nyc3.cdn.digitaloceanspaces.com
connect.facebook.net
d335luupugsy2.cloudfront.net
fast.conpass.io
pages.rdstation.com.br
pageview-notify.rdstation.com.br
vendadiretaitau.com.br
www.googletagmanager.com
vendadiretaitau.com.br
104.121.161.21
104.198.189.172
143.204.208.7
143.204.208.90
205.185.216.10
2606:4700:3033::681b:8fdf
2606:4700:3035::681c:eb3
2a00:1450:4001:806::2008
2a00:1450:4001:821::200a
2a03:2880:f01c:8012:face:b00c:0:3
34.68.90.188
0350a9ec4def1753b38d988e020eab36fbc99ee95310b0a7fb0a20314188b66d
236dff4a4166b49573efa5f643c5948e9295d24ae3cee930f993f36351a2efdd
3a098b2ebcc0dd40d72141528119c98c1972d32147828f4dbeb578973bc52240
430816b907657fc6643c96933d5b897000f3095ad3770e00b53851d42e6c633e
48d21a0f92d47ca1a572c3c6e8477fecab411c520d5835019e231ab4e5c82d64
4f5c5dfcbbb7f9a09d7e27232c922994a6a82227e11e4299e922e4c6d9f2119c
5a300a6592e091ce6608825b9b189b4c198bd84cb785dfe28e55a80691f3c7fd
5ae7d198d1a2b00b5cf3565f2204fad7b70806a75d439a442971f6f537004980
5f402b7cf7f59fbcb3212ebb25ee3549d0dbaacdca1044d5bdd710f57c2e1f07
78df82566ed7247f65ee0cc5bee724cb77348f7cbbcb94d161739250a4de3535
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
9609d3076c0112e40a1653035a5b441fe4422bc785ec171b7628c0276516da72
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
9e18450b4bf1afc3ca8ac396e763f976a8bd2de074f501a786b5c26fe94ae5da
a28beed6d13d508d45674564b896ec13c3a0c0b5d43018152e6e42adf9dca924
ab32ba94c926ae655916654ff75d0924a17d94d09237af70c527e559dc5b1d18
abdc786c61116e3c53ba0218e81285106e1edde397922152f27c542e3113db4d
ad7b078244cd4945a04743538bd890d8c5b01192f7648e1bf6481f9d959de9c2
b33dd1271c103ed0482fc7451de512c116751d8a74500bbc9f3e4c65e7a9623c
bca215feed7c7ff7df5ef1275236bbf150a0664c89221b3579157c044edee1f5
c66d1d36a3903473c7b80dfc5114879515ede3247c9a88127244746d30aabafa
cfad9caa28d4f46d8c1d138e4767fbbb37fba8b864f4f8f679f9f6fd56dabbc1
dc63b766a90c33d4c847743e12e55f2050403bfa26151e261104186aa5a035f7
e3053cbfd101dd1089c396909979071a7d7f3092c97895941856628d35fd24c8
e7d415bb43f853f93c08f19883a1b8c7a30dae93bd84540ad3cb6cd22cb49b46
ec449b90a12df224ff679dcc26fe6a075b8bee6575b7891ea55b96c5869d828c
f7941f9fc373ce499a29961e72f43265a4654bc0f2ef46f1c8570f6c04216fc6
fee3032713586329f51f5b2fe301dc563ab7f4f40d8f5144c91d34a3a7ed58f3