oauth.liberumratings.com.br Open in urlscan Pro
2600:9000:275b:de00:13:a7ea:680:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://oauth.liberumratings.com.br/signup?redirect_url=https%3A%2F%2Fscience.liberumratings.com.br%2Fadmin%3Futm_source%3Dapollo&ut...
Submission Tags: falconsandbox
Submission: On August 07 via api (August 7th 2024, 7:24:53 pm UTC) from US — Scanned from DE

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 14 domains to perform 26 HTTP transactions. The main IP is 2600:9000:275b:de00:13:a7ea:680:93a1, located in United States and belongs to AMAZON-02, US. The main domain is oauth.liberumratings.com.br.
TLS certificate: Issued by Amazon RSA 2048 M02 on September 14th 2023. Valid for: a year.

This is the only time oauth.liberumratings.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2600:9000:275... 2600:9000:275b:de00:13:a7ea:680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:8ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4e8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:80ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:16b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:f46c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:50cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a9a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:50::12 2620:1ec:50::12	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
26	15

6 2600:9000:275b:de00:13:a7ea:680:93a1 (United States)

ASN16509 (AMAZON-02, US)

oauth.liberumratings.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4e8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:80ac (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:16b7 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f46c (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:50cc (United States)

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a9a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:50::12 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	liberumratings.com.br oauth.liberumratings.com.br	322 KB
5	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 8139 api.hubspot.com — Cisco Umbrella Rank: 9983 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 8074 track.hubspot.com — Cisco Umbrella Rank: 5359	28 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330	2 KB
2	gstatic.com fonts.gstatic.com	24 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	14 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	84 KB
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 8524	930 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 7580	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	872 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 5067	26 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 7189	4 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 5135	25 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 10675	24 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 5414	1 KB
26	14

	Domain	Requested by
6	oauth.liberumratings.com.br	oauth.liberumratings.com.br
3	px.ads.linkedin.com	1 redirects snap.licdn.com
2	fonts.gstatic.com	fonts.googleapis.com
2	api.hubspot.com	js.usemessages.com
1	track.hubspot.com
1	px4.ads.linkedin.com	oauth.liberumratings.com.br
1	snap.licdn.com	js.hsadspixel.net
1	www.googletagmanager.com	js.hsadspixel.net
1	perf-na1.hsforms.com	oauth.liberumratings.com.br
1	api.hubapi.com	js.hsadspixel.net
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	fonts.googleapis.com	oauth.liberumratings.com.br
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-scripts.com	oauth.liberumratings.com.br
26	18

This site contains no links.

Subject Issuer	Validity	Valid
*.liberumratings.com.br Amazon RSA 2048 M02	`2023-09-14` - `2024-10-12`	a year	crt.sh
hs-scripts.com WE1	`2024-07-29` - `2024-10-27`	3 months	crt.sh
usemessages.com E5	`2024-06-10` - `2024-09-08`	3 months	crt.sh
hs-analytics.net WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
hsadspixel.net E6	`2024-06-14` - `2024-09-12`	3 months	crt.sh
hs-banner.com WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
hubapi.com E6	`2024-07-02` - `2024-09-30`	3 months	crt.sh
hsforms.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://oauth.liberumratings.com.br/signup?redirect_url=https%3A%2F%2Fscience.liberumratings.com.br%2Fadmin%3Futm_source%3Dapollo&utm_medium=email&utm_campaign&utm_term=disparo-23-07&utm_content
Frame ID: A983F61ACFD399B079624C671ED69AC5
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Liberum Ratings

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

26
Requests

96 %
HTTPS

100 %
IPv6

14
Domains

18
Subdomains

15
IPs

2
Countries

556 kB
Transfer

2127 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6284273&time=1723058687857&url=https%3A%2F%2Foauth.liberumratings.com.br%2Fsignup%3Fredirect_url%3Dhttps%253A%252F%252Fscience.liberumratings.com.br%252Fadmin%253Futm_source%253Dapollo%26utm_medium%3Demail%26utm_campaign%26utm_term%3Ddisparo-23-07%26utm_content HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6284273&time=1723058687857&url=https%3A%2F%2Foauth.liberumratings.com.br%2Fsignup%3Fredirect_url%3Dhttps%253A%252F%252Fscience.liberumratings.com.br%252Fadmin%253Futm_source%253Dapollo%26utm_medium%3Demail%26utm_campaign%26utm_term%3Ddisparo-23-07%26utm_content&e_ipv6=AQK3EOm6-k9hEQAAAZEuTRAQXgXO7Fq3RyGpSJMITjvEgt8bK4ieTGAcIJC3kAE08lhJp74zbg7sJkRekoA4hZAys83Y2g

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request signup Show response
oauth.liberumratings.com.br/ 703 B
1 KB 577ms
419ms Document
text/html 2600:9000:275b:de00:13:a7ea:680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oauth.liberumratings.com.br/signup?redirect_url=https%3A%2F%2Fscience.liberumratings.com.br%2Fadmin%3Futm_source%3Dapollo&utm_medium=email&utm_campaign&utm_term=disparo-23-07&utm_content
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:de00:13:a7ea:680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e341d5fd9d7654e33920ba1b388b257a878a16a3f0f12279f15f7b72529eb2f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 12261
alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400
content-length: 703
content-type: text/html
date: Wed, 07 Aug 2024 16:00:25 GMT
etag: "3e25cea6d817d03c21afd9a2c8a5949a"
last-modified: Wed, 29 May 2024 13:35:18 GMT
server: AmazonS3
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
x-amz-cf-id: comwS1QkMtijwa6wkNKLLTR5mI_E6hez0g8LmTs33F1gBuHRQ8mltA==
x-amz-cf-pop: FRA60-P7
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront

GET
H2 200 24442932.js Show response
js.hs-scripts.com/ 2 KB
1 KB 268ms
186ms Script
application/javascript 2606:4700::6810:8ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/24442932.js

Requested by

Host: oauth.liberumratings.com.br
URL: https://oauth.liberumratings.com.br/signup?redirect_url=https%3A%2F%2Fscience.liberumratings.com.br%2Fadmin%3Futm_source%3Dapollo&utm_medium=email&utm_campaign&utm_term=disparo-23-07&utm_content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3301ead22adbeadf12b2c13142ef5495ad6b0ffb7f642e0165a97ac3df065d4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oauth.liberumratings.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 19:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: cc1f76f8-a0e1-4688-a22b-41ac8457a296
x-envoy-upstream-service-time: 21
content-length: 677
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cc1f76f8-a0e1-4688-a22b-41ac8457a296
last-modified: Wed, 07 Aug 2024 19:24:47 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://oauth.liberumratings.com.br
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-85b74c4c74-67stj
access-control-allow-credentials: true
cache-control: public, max-age=90
accept-ranges: bytes
cf-ray: 8af9a618dd2b9188-FRA
expires: Wed, 07 Aug 2024 19:26:17 GMT

GET
H2 200 index-e59c4885.js Show response
oauth.liberumratings.com.br/assets/ 1006 KB
234 KB 29ms
28ms Script
application/javascript 2600:9000:275b:de00:13:a7ea:680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oauth.liberumratings.com.br/assets/index-e59c4885.js
Requested by: Host: oauth.liberumratings.com.br
URL: https://oauth.liberumratings.com.br/signup?redirect_url=https%3A%2F%2Fscience.liberumratings.com.br%2Fadmin%3Futm_source%3Dapollo&utm_medium=email&utm_campaign&utm_term=disparo-23-07&utm_content
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:de00:13:a7ea:680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 682c6521b316ce3c91c482f89ad408fd6d7b626f6a2611072ac17ab08d8560fd

Request headers

Referer: https://oauth.liberumratings.com.br/signup?redirect_url=https%3A%2F%2Fscience.liberumratings.com.br%2Fadmin%3Futm_source%3Dapollo&utm_medium=email&utm_campaign&utm_term=disparo-23-07&utm_content
Origin: https://oauth.liberumratings.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 19:24:47 GMT
content-encoding: br
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 May 2024 13:35:18 GMT
server: AmazonS3
etag: W/"7030b2dc429c79280a52cbc514afe110"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-id: hooYSSQTJjvSmtNt-JRGQS00s9Ksywy9u5aj7UVO2rm1fZPwFtQFag==

GET
H2 200 index-62b1185e.css
oauth.liberumratings.com.br/assets/ 442 KB
62 KB 37ms
37ms Stylesheet
text/css 2600:9000:275b:de00:13:a7ea:680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oauth.liberumratings.com.br/assets/index-62b1185e.css
Requested by: Host: oauth.liberumratings.com.br
URL: https://oauth.liberumratings.com.br/signup?redirect_url=https%3A%2F%2Fscience.liberumratings.com.br%2Fadmin%3Futm_source%3Dapollo&utm_medium=email&utm_campaign&utm_term=disparo-23-07&utm_content
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:de00:13:a7ea:680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62b1185e2d81a92fb0e3b17917131c689d9a02ee5817890318abda9dd0175590

Request headers

Referer: https://oauth.liberumratings.com.br/signup?redirect_url=https%3A%2F%2Fscience.liberumratings.com.br%2Fadmin%3Futm_source%3Dapollo&utm_medium=email&utm_campaign&utm_term=disparo-23-07&utm_content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 19:24:47 GMT
content-encoding: br
via: 1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
last-modified: Wed, 29 May 2024 13:35:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
etag: W/"ca88f3539c1b3bf4dd82a019a2d767a0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=86400
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: kgF_QvInPwDAdb3NWtMGTyZU3wNjEbwXz2PTISZ8jzj6g-ns6hYndA==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 85 KB
24 KB 118ms
42ms Script
application/javascript 2606:4700::6810:4e8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24442932.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4e8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d7ed318241870f903fff41d6a794e810f50196b374ff4274fc36b2b33bfb6af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oauth.liberumratings.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 19:24:47 GMT
content-encoding: gzip
via: 1.1 3042bd56e0ca0a7910df89f6b5e95e9e.cloudfront.net (CloudFront)
x-amz-version-id: IOZvZyCQvESzzIXDpDb8C47v20ojhaU7
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P3
age: 366
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.17367/bundles/project.js&cfRay=8af99d2abd0565d7-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 98a3df3a-f766-4bdf-ad2e-bf67faf2678a
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 98a3df3a-f766-4bdf-ad2e-bf67faf2678a
last-modified: Thu, 01 Aug 2024 19:44:14 UTC
server: cloudflare
etag: W/"b57858533bdc895fc298584a34a08c3a"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-sffzl
cf-ray: 8af9a61a78c48ed3-FRA
x-amz-cf-id: ACArLjFtf9tFby7vsNye49AILY01cqYI8Dt1ZbjE2NTIbSLAsJ3gqw==
x-hs-target-asset: conversations-embed/static-1.17367/bundles/project.js

GET
H2 200 24442932.js Show response
js.hs-analytics.net/analytics/1723058400000/ 68 KB
25 KB 326ms
264ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1723058400000/24442932.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24442932.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 402288cd454c5ea699694a2fcfe994459fb206db27924b627488e06af5bf17b2

Request headers

Referer: https://oauth.liberumratings.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 19:24:47 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: YJZDFFX7M2K3S0H0
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: d5723ee3-09f3-4d80-845b-a0ff46ffc02b
x-envoy-upstream-service-time: 34
x-amz-id-2: BWDU/qH/I6IxcKNREqvUvE/ddfgxgHHEdk526xWkLTE4wLTyBqHxmUR07CkaLJM/32ujKnFKwyU=
x-evy-trace-listener: listener_https
x-request-id: d5723ee3-09f3-4d80-845b-a0ff46ffc02b
x-evy-trace-route-configuration: listener_https/all
last-modified: Sat, 03 Aug 2024 00:57:30 GMT
server: cloudflare
etag: W/"baccff013bafa053c0a6085170f8c349"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-g9d49
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8af9a61a6ca435ea-FRA
expires: Wed, 07 Aug 2024 19:29:47 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 82 KB
24 KB 229ms
164ms Script
application/javascript 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24442932.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

720b43e5950b3ef9c934b9253a76353a916cc4399cc2d17bdc5a508ce2569d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://oauth.liberumratings.com.br/
Origin: https://oauth.liberumratings.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1294/bundles/project.js&cfRay=8af9a61a69e6377c-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"ca106ef78092107b8d4a40131d641c01"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.1294/bundles/project.js
date: Wed, 07 Aug 2024 19:24:47 GMT
x-amz-version-id: GMZ9HyPHjtzB9hq9Kp4nuMbTlOz7NvmB
x-content-type-options: nosniff
cf-cache-status: MISS
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 743524e5-cf1f-4f06-bf2d-05be9328f22a
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-request-id: 743524e5-cf1f-4f06-bf2d-05be9328f22a
last-modified: Mon, 29 Jul 2024 11:16:10 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9zVB5MmAUWFh0%2FgnRMMntXBMp%2BXdG7amSde8Txx5ocaQhizuSy%2B3RH%2FiG8LNA3D%2FA30Ex3fyZtrpfBV4YkRBkHvxXfaE2B34eLLJx5niGdyHJ0jveXgAP8f9O3iQBxQiXowBzlQv2BoxpgV3"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-sw27x
cf-ray: 8af9a61a69e6377c-FRA
x-amz-cf-id: 2axCc-kVVz_hzi4JBxmUGdenFjpjTqUAFuTZ6LMNOCQttiAAdHF5tw==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 111ms
50ms Script
application/javascript 2606:4700::6811:80ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24442932.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e1b1a37caa8b7627123aeb0e23ad3a2ac14d4ad48be7aabb2ca7ca9da218ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oauth.liberumratings.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 19:24:47 GMT
content-encoding: gzip
via: 1.1 3042bd56e0ca0a7910df89f6b5e95e9e.cloudfront.net (CloudFront)
x-amz-version-id: UIOsIr3qFS9r3wFn4ECf3yNr1.R8N2aA
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P3
age: 69
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.572/bundles/pixels-release.js&cfRay=8af9a46b6a1f8fe8-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 7608c6e5-55b8-4a08-bbb1-f1985eb7e63e
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7608c6e5-55b8-4a08-bbb1-f1985eb7e63e
last-modified: Tue, 06 Aug 2024 19:11:03 UTC
server: cloudflare
etag: W/"45a803cc17701ff8c7710294960c14c7"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-sffzl
cf-ray: 8af9a61a6bcf917d-FRA
x-amz-cf-id: YVXT1YIq749QZUlHcUGz4781-Jdof2inxR1Z5sgqwfQvRmu1zqZESw==
x-hs-target-asset: adsscriptloaderstatic/static-1.572/bundles/pixels-release.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/24442932/ 71 KB
26 KB 385ms
321ms Script
text/javascript 2606:4700::6812:16b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/24442932/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24442932.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cff03237549cb27a0186388a1efba3ae8247cc3548d67775c22b46ea54d841eb

Request headers

Referer: https://oauth.liberumratings.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 19:24:47 GMT
x-amz-version-id: FvOftpKJ5rLtBT9ViHyq9T1upLEAPwxt
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: YJZ17Y6ZH7EE955Z
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: fe2f5a7b-9630-4ff5-99d0-cf23f546c6ec
x-envoy-upstream-service-time: 77
x-amz-id-2: UxzWKVUyjYf/iy6Q93GORrFWjY5LVKKU38mlz7epQcBiZFkhJWwKecvOSURNW4llDh35p5hI/cg=
x-evy-trace-listener: listener_https
x-request-id: fe2f5a7b-9630-4ff5-99d0-cf23f546c6ec
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 24 May 2024 23:19:41 GMT
server: cloudflare
etag: W/"8a3d6759b715b0315dfba6c5fb757251"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://oauth.liberumratings.com.br
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-g9d49
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8af9a61a69ad8f32-FRA
expires: Wed, 07 Aug 2024 19:29:47 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
872 B 273ms
209ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Titillium+Web:wght@400;600;700&display=swap

Requested by

Host: oauth.liberumratings.com.br
URL: https://oauth.liberumratings.com.br/assets/index-62b1185e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6884674b81f68b9f37fc3c18cfaf83441f7f12b7789ee690b8762ba23689dea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://oauth.liberumratings.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Aug 2024 19:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Aug 2024 18:09:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Aug 2024 19:24:47 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ 0
0 202ms
193ms Preflight
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=24442932&conversations-embed=static-1.17367&mobile=false&messagesUtk=5f5329505e344bc3ae52820dbd0f9116&traceId=5f5329505e344bc3ae52820dbd0f9116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://oauth.liberumratings.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://oauth.liberumratings.com.br
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8af9a61aeaf0377c-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Wed, 07 Aug 2024 19:24:47 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lhra1S5dBg14losdiKY8BnS5sDQJ5ckEdv27kNC8d5pxucV7YQ0wRQr1jYb%2Fa3QJ3PjLxnVT2za1BUGW%2BceX6xxAqHjh791PtiLurHGsSEsuE%2FP1hDO8sKUvlbfQg4PXi9RNfmIJX75cQlUK5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 20
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-85b74c4c74-2ftm6
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: b90f7dca-1479-400a-8897-94cc12caf9cf
x-request-id: b90f7dca-1479-400a-8897-94cc12caf9cf

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 429 B
1 KB 175ms
174ms XHR
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d69e0c64f6f3ad4cfad3eef8641ed7bd69c3630f610c1605706258801eab2d31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://oauth.liberumratings.com.br/
X-HubSpot-Messages-Uri: https://oauth.liberumratings.com.br/signup?redirect_url=https%3A%2F%2Fscience.liberumratings.com.br%2Fadmin%3Futm_source%3Dapollo&utm_medium=email&utm_campaign&utm_term=disparo-23-07&utm_content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 19:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: cf967869-92e7-4d8b-b355-756dc8b35320
x-envoy-upstream-service-time: 10
content-length: 305
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cf967869-92e7-4d8b-b355-756dc8b35320
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://oauth.liberumratings.com.br
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-85b74c4c74-4bsrn
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZjRN2P%2F030aA6EN2kQMj3UubY4vCTypSXvmtnxPM1dI1r3ODHlW3pYMSUZHcO3BpzgoWIbqQnmwAi64nvw5n%2BG2t%2F15b3IqPbHH%2FmUj%2B%2BiuhEXaLgh8rXdEnZUlDQOrKQ6C%2BkYiTF4guEA5qUw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8af9a61c2cfc377c-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 95 B
1 KB 164ms
154ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=24442932&currentUrl=https%3A%2F%2Foauth.liberumratings.com.br%2Fsignup%3Fredirect_url%3Dhttps%253A%252F%252Fscience.liberumratings.com.br%252Fadmin%253Futm_source%253Dapollo%26utm_medium%3Demail%26utm_campaign%26utm_term%3Ddisparo-23-07%26utm_content

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f212e942ac33fd93669f03a55e2c0192224cdb6870b376fac8d3c5255cd01225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://oauth.liberumratings.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 19:24:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 826892e2-623a-4d4e-ab94-4597530f047a
content-encoding: br
x-envoy-upstream-service-time: 11
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 826892e2-623a-4d4e-ab94-4597530f047a
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://oauth.liberumratings.com.br
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lha1TnLA9Eh1AOUZaCNNNDg3%2BRDYrXcqLoL9K5atwzfoDQ3%2FhgP87zGpKWdVExY%2BFPkoN3XXEMQcd6tsozbjff7tUEax8Cq74%2F5iMVzbVFTy%2BiDvFUgPRNf2IdEA7dmSeURGXxrOE8BD2DtCZh8vAToofPQQ93f5bVg%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8af9a61bbc48377c-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-48pl2

GET
H3 200 logo-9c7c96de.svg
oauth.liberumratings.com.br/assets/ 12 KB
6 KB 439ms
439ms Image
image/svg+xml 2600:9000:275b:de00:13:a7ea:680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oauth.liberumratings.com.br/assets/logo-9c7c96de.svg
Requested by: Host: oauth.liberumratings.com.br
URL: https://oauth.liberumratings.com.br/signup?redirect_url=https%3A%2F%2Fscience.liberumratings.com.br%2Fadmin%3Futm_source%3Dapollo&utm_medium=email&utm_campaign&utm_term=disparo-23-07&utm_content
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:275b:de00:13:a7ea:680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c7c96de87176bc4686f7125b622e681836e8ca57ad84a5ebe4b95cfaab4f992

Request headers

Referer: https://oauth.liberumratings.com.br/signup?redirect_url=https%3A%2F%2Fscience.liberumratings.com.br%2Fadmin%3Futm_source%3Dapollo&utm_medium=email&utm_campaign&utm_term=disparo-23-07&utm_content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 19:24:48 GMT
content-encoding: br
via: 1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
last-modified: Wed, 29 May 2024 13:35:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
etag: W/"fec589edc65411bb32771f4dbbf7b575"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: max-age=86400
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: pstStWcwr-xqk_is4yefDQA425yoDiYj-sYwcDE441-0j56IOLUq2Q==

GET
H3 200 sign-up-first-fee82e45.svg
oauth.liberumratings.com.br/assets/ 49 KB
18 KB 425ms
424ms Image
image/svg+xml 2600:9000:275b:de00:13:a7ea:680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oauth.liberumratings.com.br/assets/sign-up-first-fee82e45.svg
Requested by: Host: oauth.liberumratings.com.br
URL: https://oauth.liberumratings.com.br/signup?redirect_url=https%3A%2F%2Fscience.liberumratings.com.br%2Fadmin%3Futm_source%3Dapollo&utm_medium=email&utm_campaign&utm_term=disparo-23-07&utm_content
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:275b:de00:13:a7ea:680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fee82e45823926b96a30786f391c7ac8f0599eb902665e82f18907f0567739b5

Request headers

Referer: https://oauth.liberumratings.com.br/signup?redirect_url=https%3A%2F%2Fscience.liberumratings.com.br%2Fadmin%3Futm_source%3Dapollo&utm_medium=email&utm_campaign&utm_term=disparo-23-07&utm_content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 19:24:48 GMT
content-encoding: br
via: 1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
last-modified: Wed, 29 May 2024 13:35:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
etag: W/"287b526183cd72a9c3b60dbd628a7c62"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: max-age=86400
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: vmcJTbAkZ-wDMSi9WPGhiv1exFGNdY8lHA6ZRqoQSCrSi4o2tgXkuQ==

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v17/ 12 KB
12 KB 88ms
29ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v17/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Titillium+Web:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://oauth.liberumratings.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:30:22 GMT
x-content-type-options: nosniff
age: 100465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11796
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:48:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Aug 2025 15:30:22 GMT

GET
H2 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v17/ 12 KB
13 KB 83ms
23ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v17/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Titillium+Web:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://oauth.liberumratings.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 14:40:28 GMT
x-content-type-options: nosniff
age: 17059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12372
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:30:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 14:40:28 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 180 B
1 KB 223ms
167ms XHR
application/json 2606:4700::6812:f46c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=24442932

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f46c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10fbb104eef87f106425521ac6d335b1ecedbf37283d9ac638bbfa43704ba532

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://oauth.liberumratings.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 19:24:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: edc59fd2-bb20-45af-8716-416e721dbb75
content-encoding: br
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: edc59fd2-bb20-45af-8716-416e721dbb75
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://oauth.liberumratings.com.br
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-85b74c4c74-67stj
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kbEdEpZUrcFKjFyMxAQbaCyCEVu30CS3kxh2kOFk%2B5Sx4ZkG7VOfyjSYqNS5hqJR6dXjb2FWNH%2FgAwHpes77fZJ9OGUVjit1QfnNRgzPqkxnraXRD%2Blm70YXEiyOisW4Ap%2BQuT6OHS5tuvtk"}],"group":"cf-nel","max_age":604800}
cf-ray: 8af9a61cf8342bf3-FRA
access-control-allow-headers: *

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
930 B 185ms
145ms Image
image/gif 2606:4700::6812:50cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:50cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://oauth.liberumratings.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 19:24:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 187e260f-1836-4d8c-b419-868dec4726af
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 187e260f-1836-4d8c-b419-868dec4726af
last-modified: Wed, 07 Aug 2024 19:24:47 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-hm2w5
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8af9a61ceff96964-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
84 KB 95ms
39ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-388638300

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe970075e9caa7a4178786d1fbc751cba5d542662da0457c19ba58b463c32ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://oauth.liberumratings.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 19:24:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85841
x-xss-protection: 0
last-modified: Wed, 07 Aug 2024 18:49:22 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Aug 2024 19:24:47 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 157ms
38ms Script
application/javascript 2a02:26f0:3500:10::210:a9a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oauth.liberumratings.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 19:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2024 05:33:09 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=9379
accept-ranges: bytes
content-length: 14597

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
817 B 244ms
177ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=6284273&time=1723058687857&url=https%3A%2F%2Foauth.liberumratings.com.br%2Fsignup%3Fredirect_url%3Dhttps%253A%252F%252Fscience.liberumratings.com.br%252Fadmin%253Futm_source%253Dapollo%26utm_medium%3Demail%26utm_campaign%26utm_term%3Ddisparo-23-07%26utm_content
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://oauth.liberumratings.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 19:24:47 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: D8DD053750304D4C96B3A07949D0B108 Ref B: FRAEDGE1317 Ref C: 2024-08-07T19:24:47Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-ltx1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYfHN0GjrzQTqzK9NZ2jA==
x-fs-uuid: 00061f1cdd068ebcd04eaccaf4d6768c

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6284273&time=1723058687857&url=https%3A%2F%2Foauth.liberumratings.com.br%2Fsignup%3Fredirect_url%3Dhttps%253A%252F%252Fscience.liberumratings.com....
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6284273&time=1723058687857&url=https%3A%2F%2Foauth.liberumratings.com.br%2Fsignup%3Fredirect_url%3Dhttps%253A%252F%252Fscience.liberumratings.com...

0
268 B

254ms
172ms

Image
application/javascript

2620:1ec:50::12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6284273&time=1723058687857&url=https%3A%2F%2Foauth.liberumratings.com.br%2Fsignup%3Fredirect_url%3Dhttps%253A%252F%252Fscience.liberumratings.com.br%252Fadmin%253Futm_source%253Dapollo%26utm_medium%3Demail%26utm_campaign%26utm_term%3Ddisparo-23-07%26utm_content&e_ipv6=AQK3EOm6-k9hEQAAAZEuTRAQXgXO7Fq3RyGpSJMITjvEgt8bK4ieTGAcIJC3kAE08lhJp74zbg7sJkRekoA4hZAys83Y2g
Requested by: Host: oauth.liberumratings.com.br
URL: https://oauth.liberumratings.com.br/signup?redirect_url=https%3A%2F%2Fscience.liberumratings.com.br%2Fadmin%3Futm_source%3Dapollo&utm_medium=email&utm_campaign&utm_term=disparo-23-07&utm_content
Protocol: H2
Server: 2620:1ec:50::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://oauth.liberumratings.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 19:24:47 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: A8AF8DF81BB64A64ACCCD833E37267A0 Ref B: FRA231050413049 Ref C: 2024-08-07T19:24:48Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYfHN0KeZO7EYrZUkJurA==

Redirect headers

date: Wed, 07 Aug 2024 19:24:47 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 01468F0AF7A14F55A94A47F5A647AF92 Ref B: FRAEDGE1714 Ref C: 2024-08-07T19:24:47Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6284273&time=1723058687857&url=https%3A%2F%2Foauth.liberumratings.com.br%2Fsignup%3Fredirect_url%3Dhttps%253A%252F%252Fscience.liberumratings.com.br%252Fadmin%253Futm_source%253Dapollo%26utm_medium%3Demail%26utm_campaign%26utm_term%3Ddisparo-23-07%26utm_content&e_ipv6=AQK3EOm6-k9hEQAAAZEuTRAQXgXO7Fq3RyGpSJMITjvEgt8bK4ieTGAcIJC3kAE08lhJp74zbg7sJkRekoA4hZAys83Y2g
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYfHN0Go/U0nMm4dVUwnw==

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
204 B 176ms
174ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://oauth.liberumratings.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 07 Aug 2024 19:24:48 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: D8DEDBC5BB9740D39F2701E7276782DC Ref B: FRAEDGE1714 Ref C: 2024-08-07T19:24:48Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://oauth.liberumratings.com.br
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYfHN0NS5CoKX8Bi0ZvlA==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 222ms
152ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=1240600147&v=1.1&a=24442932&pu=https%3A%2F%2Foauth.liberumratings.com.br%2Fsignup%3Fredirect_url%3Dhttps%253A%252F%252Fscience.liberumratings.com.br%252Fadmin%253Futm_source%253Dapollo%26utm_medium%3Demail%26utm_campaign%26utm_term%3Ddisparo-23-07%26utm_content&t=Liberum+Ratings&cts=1723058688365&vi=8eb96d86dcd00cdb082dfe267b87c5cc&nc=true&u=228731011.8eb96d86dcd00cdb082dfe267b87c5cc.1723058688362.1723058688362.1723058688362.1&b=228731011.1.1723058688362&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://oauth.liberumratings.com.br/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 19:24:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6eea4629-fe43-4bf5-bc12-19d6f9b8c3e5
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 6
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6eea4629-fe43-4bf5-bc12-19d6f9b8c3e5
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WOiBJmxVqdmJaiZeeIli2%2BMpXKvsjN4zRezw2OqNyUoJGbaSePieOtnXDQXwVJjBXvzRwaaEG2f2A0I94gYbfwL7HvfMeIMH7vEBqIA58e2%2FMmZfuKbthGymJLnsl3DY2O1bhHhnn9XBCd3vE5hF"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-6zbgq
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8af9a622c85e6acc-FRA
x-robots-tag: none

GET
H3 200 favicon-50689d9b.svg
oauth.liberumratings.com.br/assets/ 1 KB
956 B 39ms
39ms Other
image/svg+xml 2600:9000:275b:de00:13:a7ea:680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oauth.liberumratings.com.br/assets/favicon-50689d9b.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:275b:de00:13:a7ea:680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50689d9bd02d109f4f363c07524398228b4187f84840aed68a7776b27c2de2b0

Request headers

Referer: https://oauth.liberumratings.com.br/signup?redirect_url=https%3A%2F%2Fscience.liberumratings.com.br%2Fadmin%3Futm_source%3Dapollo&utm_medium=email&utm_campaign&utm_term=disparo-23-07&utm_content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 19:24:48 GMT
content-encoding: br
via: 1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
last-modified: Wed, 29 May 2024 13:35:18 GMT
server: AmazonS3
age: 1
x-amz-cf-pop: FRA60-P7
etag: W/"dfc5388af1985c91a317e4a085efdbd1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=86400
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: qe6E2M-CCmQW5pNDAVHo9jlUHMRSkgDojYr97UihznEpjAoq2vQYSw==

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hsforms.com/	1970-01-20 22:37:40	Name: __cf_bm Value: YNZATi0K0yALueRnYYyTGcPu1Rvh2bz5uQkwBEDXHDA-1723058687-1.0.1.1-YS_hm_9YkgXcZv1oJJqv_f8XKe04vZ9lZLx_Pg0o8L.jGEQBtQvEzSntQZuQ0dRMp0rnWdXDK81UEP2kxPoGcw
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: YfmXfOT5gL7TkQ2jlK9vH1yJgSfPCF0XYcsUJ4KhLHM-1723058687631-0.0.1.1-604800000
.liberumratings.com.br/	1970-01-21 00:47:14	Name: _gcl_au Value: 1.1.266257210.1723058688
.linkedin.com/	1970-01-21 07:23:14	Name: bcookie Value: "v=2&b834a449-af4f-4a0b-83eb-a16533026581"
.linkedin.com/	1970-01-21 02:56:50	Name: li_gc Value: MTswOzE3MjMwNTg2ODg7MjswMjEua8h51LdqJnAeAvW/WJafjwuB+x03ivcOjvu9jwQX9g==
.linkedin.com/	1970-01-20 22:39:05	Name: lidc Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3396:u=1:x=1:i=1723058688:t=1723145088:v=2:sig=AQHNZRwRZBXZYF2CY9DHdkWI9xzv6wD0"
.liberumratings.com.br/	1970-01-21 02:56:50	Name: __hstc Value: 228731011.8eb96d86dcd00cdb082dfe267b87c5cc.1723058688362.1723058688362.1723058688362.1
.liberumratings.com.br/	1970-01-21 02:56:50	Name: hubspotutk Value: 8eb96d86dcd00cdb082dfe267b87c5cc
.liberumratings.com.br/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.liberumratings.com.br/	1970-01-20 22:37:40	Name: __hssc Value: 228731011.1.1723058688362
.hubspot.com/	1970-01-20 22:37:40	Name: __cf_bm Value: fEtTIE6mtcW9PjBya07R0uADfhT2tShOTfDkGEq5Cew-1723058688-1.0.1.1-yOqebAltC4fAR0CK3FK4TQnBWKGjU8ELDyR84xeya1WfI5rH8eg.uzJ0oUVJv.fWBDJDQCaKjkRZwNiH6FmqmA
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: H03.6Zq9xDkS3ocn4l1kDh0ybOJ_jdrTxRF5YnQFMb4-1723058688578-0.0.1.1-604800000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
api.hubspot.com
cta-service-cms2.hubspot.com
fonts.googleapis.com
fonts.gstatic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hubspot.com
js.usemessages.com
oauth.liberumratings.com.br
perf-na1.hsforms.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
track.hubspot.com
www.googletagmanager.com
2600:9000:275b:de00:13:a7ea:680:93a1
2606:4700::6810:4e8e
2606:4700::6810:7674
2606:4700::6810:8ad1
2606:4700::6810:a0a8
2606:4700::6811:80ac
2606:4700::6812:16b7
2606:4700::6812:50cc
2606:4700::6812:f46c
2620:1ec:21::14
2620:1ec:50::12
2a00:1450:4001:827::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2008
2a02:26f0:3500:10::210:a9a
10fbb104eef87f106425521ac6d335b1ecedbf37283d9ac638bbfa43704ba532
1e341d5fd9d7654e33920ba1b388b257a878a16a3f0f12279f15f7b72529eb2f
3301ead22adbeadf12b2c13142ef5495ad6b0ffb7f642e0165a97ac3df065d4f
402288cd454c5ea699694a2fcfe994459fb206db27924b627488e06af5bf17b2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
50689d9bd02d109f4f363c07524398228b4187f84840aed68a7776b27c2de2b0
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
62b1185e2d81a92fb0e3b17917131c689d9a02ee5817890318abda9dd0175590
682c6521b316ce3c91c482f89ad408fd6d7b626f6a2611072ac17ab08d8560fd
6884674b81f68b9f37fc3c18cfaf83441f7f12b7789ee690b8762ba23689dea6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d7ed318241870f903fff41d6a794e810f50196b374ff4274fc36b2b33bfb6af
720b43e5950b3ef9c934b9253a76353a916cc4399cc2d17bdc5a508ce2569d74
8e1b1a37caa8b7627123aeb0e23ad3a2ac14d4ad48be7aabb2ca7ca9da218ef5
9c7c96de87176bc4686f7125b622e681836e8ca57ad84a5ebe4b95cfaab4f992
cff03237549cb27a0186388a1efba3ae8247cc3548d67775c22b46ea54d841eb
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
d69e0c64f6f3ad4cfad3eef8641ed7bd69c3630f610c1605706258801eab2d31
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49
f212e942ac33fd93669f03a55e2c0192224cdb6870b376fac8d3c5255cd01225
fe970075e9caa7a4178786d1fbc751cba5d542662da0457c19ba58b463c32ee5
fee82e45823926b96a30786f391c7ac8f0599eb902665e82f18907f0567739b5

oauth.liberumratings.com.br Open in urlscan Pro 2600:9000:275b:de00:13:a7ea:680:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

26 Requests

96 %HTTPS

100 %IPv6

14 Domains

18 Subdomains

15 IPs

2 Countries

556 kBTransfer

2127 kBSize

12 Cookies

0 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

12 Cookies

Indicators

oauth.liberumratings.com.br Open in urlscan Pro
2600:9000:275b:de00:13:a7ea:680:93a1 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

96 %
HTTPS

100 %
IPv6

14
Domains

18
Subdomains

15
IPs

2
Countries

556 kB
Transfer

2127 kB
Size

12
Cookies

26 HTTP transactions
0 data transactions