checkout-h.safe2pay.com.br
20.49.104.48
Public Scan
Effective URL: https://checkout-h.safe2pay.com.br/venda
Submission: On April 17 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 3rd 2021. Valid for: a year.
This is the only time checkout-h.safe2pay.com.br was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Redirects | Requests | IP Address | AS Autonomous System |
---|---|---|---|
1 | 15 | 20.49.104.48 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
 | 4 | 204.79.197.234 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK) |
 | 1 | 2606:4700::6810:5514 | 13335 (CLOUDFLARENET) |
 | 2 | 2a01:111:f100:9001::1761:9746 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
 | 2 | 2603:1030:501:2::54 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
 | 2 | 2603:1000:100:5::3e | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
 | 25 | 6 | |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
checkout-h.safe2pay.com.br |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
8efbdfa97303c5d078029512692bc653.azr.footprintdns.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
34ab16c23701c90182328c1951db5df1.azr.footprintdns.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
3c3c48b49e024a53a6d7f3fd687f5efe.azr.footprintdns.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
15 | safe2pay.com.br (1 redirects) | checkout-h.safe2pay.com.br | 185 KB |
6 | footprintdns.com | 8efbdfa97303c5d078029512692bc653.azr.footprintdns.com, 34ab16c23701c90182328c1951db5df1.azr.footprintdns.com, 3c3c48b49e024a53a6d7f3fd687f5efe.azr.footprintdns.com | 969 B |
4 | atmrum.net | www.atmrum.net (Cisco Umbrella Rank: 49076) | 4 KB |
1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 436) | 18 KB |
25 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
15 | checkout-h.safe2pay.com.br (1 redirects) | checkout-h.safe2pay.com.br |
4 | www.atmrum.net | checkout-h.safe2pay.com.br, www.atmrum.net |
2 | 3c3c48b49e024a53a6d7f3fd687f5efe.azr.footprintdns.com | checkout-h.safe2pay.com.br |
2 | 34ab16c23701c90182328c1951db5df1.azr.footprintdns.com | checkout-h.safe2pay.com.br |
2 | 8efbdfa97303c5d078029512692bc653.azr.footprintdns.com | checkout-h.safe2pay.com.br |
1 | cdn.jsdelivr.net | checkout-h.safe2pay.com.br |
25 | 6 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.safe2pay.com.br | Go Daddy Secure Certificate Authority - G2 | 2021-08-03 - 2022-09-04 | a year |
atmrum.net | Microsoft Azure TLS Issuing CA 01 | 2022-02-21 - 2023-02-16 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-03 - 2022-07-02 | a year |
*.footprintdns.com | Microsoft Azure TLS Issuing CA 05 | 2022-03-09 - 2023-03-04 | a year |
This page contains 1 frames:
Primary Page:
https://checkout-h.safe2pay.com.br/venda
Frame ID: 84DAF43EAC7558EA13FA411D8C87828B
Requests: 25 HTTP requests in this frame
Page Title
Safe2Pay - Você recebeu uma nova cobrança.
Page URL History
-
https://checkout-h.safe2pay.com.br/
HTTP 302
https://checkout-h.safe2pay.com.br/venda Page URL
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
SweetAlert2 (JavaScript Libraries)
Detected patterns
- /npm/sweetalert2@([\d.]+)
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://checkout-h.safe2pay.com.br/
HTTP 302
https://checkout-h.safe2pay.com.br/venda Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | checkout-h.safe2pay.com.br/venda (Primary Request, Redirect Chain) | 4 KB 2 KB | Document text/html |
GET H/1.1 | checkout-h.safe2pay.com.br/css/bootstrap.min.css | 109 KB 25 KB | Stylesheet text/css |
GET H/1.1 | checkout-h.safe2pay.com.br/assets/css/site.min.css | 253 KB 47 KB | Stylesheet text/css |
GET H/1.1 | checkout-h.safe2pay.com.br/css/loader.css | 758 B 866 B | Stylesheet text/css |
GET H/1.1 | checkout-h.safe2pay.com.br/css/helpers.css | 479 B 1 KB | Stylesheet text/css |
GET H/1.1 | checkout-h.safe2pay.com.br/css/overrides.css | 1019 B 1 KB | Stylesheet text/css |
GET H/1.1 | checkout-h.safe2pay.com.br/fonts/material-design/material-design.min.css | 84 KB 16 KB | Stylesheet text/css |
GET H/1.1 | checkout-h.safe2pay.com.br/fonts/font-awesome/font-awesome.min.css | 26 KB 8 KB | Stylesheet text/css |
GET H/1.1 | checkout-h.safe2pay.com.br/css/accordion.css | 544 B 806 B | Stylesheet text/css |
GET H/1.1 | checkout-h.safe2pay.com.br/css/singlesale.css | 2 KB 1 KB | Stylesheet text/css |
GET H/1.1 | checkout-h.safe2pay.com.br/assets/images/12016.png | 13 KB 14 KB | Image image/png |
GET H2 | www.atmrum.net/rum.js | 301 B 609 B | Script application/javascript |
GET H/1.1 | checkout-h.safe2pay.com.br/js/bpmi/s2p.ifg.js | 12 KB 3 KB | Script application/javascript |
GET H/1.1 | checkout-h.safe2pay.com.br/vendor/jquery/jquery.min.js | 95 KB 43 KB | Script application/javascript |
GET H2 | cdn.jsdelivr.net/npm/sweetalert2@9 | 65 KB 18 KB | Script application/javascript |
GET H/1.1 | checkout-h.safe2pay.com.br/js/client.min.js | 54 KB 22 KB | Script application/javascript |
GET H2 | www.atmrum.net/client/v1/atm/fpv2.min.js | 3 KB 3 KB | Script application/javascript |
GET H2 | www.atmrum.net/conf/v1/atm/fpconfig.min.json | 191 B 494 B | XHR application/json |
GET H2 | 8efbdfa97303c5d078029512692bc653.azr.footprintdns.com/apc/trans.gif | 43 B 242 B | Image image/gif |
GET H2 | 8efbdfa97303c5d078029512692bc653.azr.footprintdns.com/apc/trans.gif | 43 B 81 B | Image image/gif |
GET H2 | 34ab16c23701c90182328c1951db5df1.azr.footprintdns.com/apc/trans.gif | 43 B 242 B | Image image/gif |
GET H2 | 34ab16c23701c90182328c1951db5df1.azr.footprintdns.com/apc/trans.gif | 43 B 81 B | Image image/gif |
GET H2 | 3c3c48b49e024a53a6d7f3fd687f5efe.azr.footprintdns.com/apc/trans.gif | 43 B 242 B | Image image/gif |
GET H2 | 3c3c48b49e024a53a6d7f3fd687f5efe.azr.footprintdns.com/apc/trans.gif | 43 B 81 B | Image image/gif |
GET H2 | www.atmrum.net/report/v1/atm/r.gif | 7 B 165 B | XHR image/gif |
39 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| rum object| acc function| GotoPayments function| copyToClipboard object| modal object| img object| modalImg object| captionText function| tokenize function| valid_card function| setInputFilter function| validate_debit function| validate_credit function| BPMI_onReady function| BPMI_onSuccess function| BPMI_onFailure function| BPMI_onUnenrolled function| BPMI_onDisabled function| BPMI_onError function| BPMI_onUnsupportedBrand object| Footprint object| fpconfig function| $ function| jQuery function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| deployJava function| Detector function| murmurhash3_32_gc object| swfobject function| ClientJS function| UAParser2
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.checkout-h.safe2pay.com.br/ | | Name: ARRAffinity Value: 2799dab49bb52c48cc7004943cd87f1c1d596319cb12e77afeb46fa3b53aa3f9 |
.checkout-h.safe2pay.com.br/ | | Name: ARRAffinitySameSite Value: 2799dab49bb52c48cc7004943cd87f1c1d596319cb12e77afeb46fa3b53aa3f9 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=2592000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.