oauth-hmg.liberumratings.com.br
2600:9000:2359:b400:17:b83:b980:93a1  Public Scan

URL: https://oauth-hmg.liberumratings.com.br/
Submission: On August 13 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 16 IPs in 3 countries across 13 domains to perform 22 HTTP transactions. The main IP is 2600:9000:2359:b400:17:b83:b980:93a1, located in United States and belongs to AMAZON-02, US. The main domain is oauth-hmg.liberumratings.com.br.
TLS certificate: Issued by Amazon RSA 2048 M03 on August 13th 2024. Valid for: a year.
This is the only time oauth-hmg.liberumratings.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2600:9000:235... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.18.80.204 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.238.243.33 16509 (AMAZON-02)
22 16
Apex Domain
Subdomains
Transfer
5 hubspot.com
js.hubspot.com — Cisco Umbrella Rank: 8139
api.hubspot.com — Cisco Umbrella Rank: 9983
cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 8074
track.hubspot.com — Cisco Umbrella Rank: 5359
28 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 669
px4.ads.linkedin.com — Cisco Umbrella Rank: 7330
2 KB
4 liberumratings.com.br
oauth-hmg.liberumratings.com.br
298 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1884
14 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
85 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
872 B
1 hsforms.com
perf-na1.hsforms.com — Cisco Umbrella Rank: 8524
928 B
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 7580
1 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 5135
25 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 7189
4 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 10675
24 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 5067
26 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 5414
1 KB
22 13
Domain Requested by
4 oauth-hmg.liberumratings.com.br oauth-hmg.liberumratings.com.br
3 px.ads.linkedin.com 1 redirects snap.licdn.com
2 api.hubspot.com js.usemessages.com
1 track.hubspot.com
1 px4.ads.linkedin.com oauth-hmg.liberumratings.com.br
1 snap.licdn.com js.hsadspixel.net
1 www.googletagmanager.com js.hsadspixel.net
1 fonts.googleapis.com oauth-hmg.liberumratings.com.br
1 perf-na1.hsforms.com oauth-hmg.liberumratings.com.br
1 api.hubapi.com js.hsadspixel.net
1 cta-service-cms2.hubspot.com js.hubspot.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hubspot.com js.hs-scripts.com
1 js.hs-scripts.com oauth-hmg.liberumratings.com.br
22 17

This site contains no links.

Subject | Issuer | Validity | Valid
oauth-hmg.liberumratings.com.br | Amazon RSA 2048 M03 | 2024-08-13 - 2025-09-11 | a year
hs-scripts.com | WE1 | 2024-07-29 - 2024-10-27 | 3 months
hubspot.com | Cloudflare Inc ECC CA-3 | 2024-01-06 - 2024-12-31 | a year
hs-banner.com | WE1 | 2024-07-27 - 2024-10-25 | 3 months
usemessages.com | WE1 | 2024-08-08 - 2024-11-06 | 3 months
hsadspixel.net | WE1 | 2024-08-12 - 2024-11-10 | 3 months
hs-analytics.net | WE1 | 2024-08-09 - 2024-11-07 | 3 months
hubapi.com | E6 | 2024-07-02 - 2024-09-30 | 3 months
hsforms.com | WE1 | 2024-08-12 - 2024-11-10 | 3 months
upload.video.google.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months
*.google-analytics.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-12-13 - 2024-12-12 | a year
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2024-07-01 - 2025-01-01 | 6 months

This page contains 1 frames:

Primary Page: https://oauth-hmg.liberumratings.com.br/
Frame ID: 150E925EEAD1D4517BFD6E6C27C98604
Requests: 21 HTTP requests in this frame

Page Title

Liberum Ratings

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

22 Requests
95 % HTTPS
81 % IPv6
13 Domains
17 Subdomains
16 IPs
3 Countries
509 kB Transfer
2044 kB Size
12 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6284273&time=1723588307613&url=https%3A%2F%2Foauth-hmg.liberumratings.com.br%2F HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6284273&time=1723588307613&url=https%3A%2F%2Foauth-hmg.liberumratings.com.br%2F&e_ipv6=AQKO6Yx-4bWF6wAAAZFN3msC0rlpMfO8_S1BwiPwuSK_UfcjnI_6qasIKBEeS45ktg

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
oauth-hmg.liberumratings.com.br/
703 B
1 KB
Document
General
Full URL
https://oauth-hmg.liberumratings.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:b400:17:b83:b980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b18bdfb6d115c12c90927f7a6ba32997639e321aeea668227f61f1d8d23ff241

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
45969
alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400
content-length
703
content-type
text/html
date
Tue, 13 Aug 2024 09:45:37 GMT
etag
"f94ef98f68dac4f0178a8299e4c65abc"
last-modified
Wed, 29 May 2024 13:33:45 GMT
server
AmazonS3
via
1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-amz-cf-id
5BrgseL0uSRykW6iFa1BVtbYZSuGW4ZT14kZ6KEyASUcdF3CVIsxRw==
x-amz-cf-pop
FRA60-P10
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
24442932.js
js.hs-scripts.com/
2 KB
1 KB
Script
General
Full URL
https://js.hs-scripts.com/24442932.js
Requested by
Host: oauth-hmg.liberumratings.com.br
URL: https://oauth-hmg.liberumratings.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
667fadb699684e5c8c8179ec9772aa94f68f3e6a315e768a27e437a6cd33e956
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://oauth-hmg.liberumratings.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 22:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
fb487d18-8e6c-42c0-9b31-783b1a052a11
x-envoy-upstream-service-time
28
content-length
669
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
fb487d18-8e6c-42c0-9b31-783b1a052a11
last-modified
Tue, 13 Aug 2024 22:31:46 GMT
server
cloudflare
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://oauth-hmg.liberumratings.com.br
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-78c8468c8b-lsv26
access-control-allow-credentials
true
cache-control
public, max-age=90
accept-ranges
bytes
cf-ray
8b2c28444b436921-FRA
expires
Tue, 13 Aug 2024 22:33:16 GMT
index-fed08a0d.js
oauth-hmg.liberumratings.com.br/assets/
1006 KB
234 KB
Script
General
Full URL
https://oauth-hmg.liberumratings.com.br/assets/index-fed08a0d.js
Requested by
Host: oauth-hmg.liberumratings.com.br
URL: https://oauth-hmg.liberumratings.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:b400:17:b83:b980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ba1ece295fec29546c59fb336083bef24b658cfac7a23f195f668cec0abc89d

Request headers

Referer
https://oauth-hmg.liberumratings.com.br/
Origin
https://oauth-hmg.liberumratings.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 22:31:47 GMT
content-encoding
br
via
1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 29 May 2024 13:33:45 GMT
server
AmazonS3
etag
W/"85fdd31f1ea7c127184492f4a553241c"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-id
K4FCumKGNQnz5GpUCb7fZGGj5EgbL8euKxGLsclmdVuFynB7boVeiQ==
index-62b1185e.css
oauth-hmg.liberumratings.com.br/assets/
442 KB
62 KB
Stylesheet
General
Full URL
https://oauth-hmg.liberumratings.com.br/assets/index-62b1185e.css
Requested by
Host: oauth-hmg.liberumratings.com.br
URL: https://oauth-hmg.liberumratings.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:b400:17:b83:b980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62b1185e2d81a92fb0e3b17917131c689d9a02ee5817890318abda9dd0175590

Request headers

Referer
https://oauth-hmg.liberumratings.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 22:31:47 GMT
content-encoding
br
via
1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
last-modified
Wed, 29 May 2024 13:33:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
etag
W/"ca88f3539c1b3bf4dd82a019a2d767a0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
max-age=86400
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
SkfbOrowqXMc6ForvP7dwPU1IgLgpnMBh_0TbtacKuBLb5AKNAc1uA==
web-interactives-embed.js
js.hubspot.com/
83 KB
24 KB
Script
General
Full URL
https://js.hubspot.com/web-interactives-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24442932.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a58fb4ba57e791839c580c3ab186ee45d39e5558c62fa910a531e2225be9331
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oauth-hmg.liberumratings.com.br/
Origin
https://oauth-hmg.liberumratings.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1347/bundles/project.js&cfRay=8b2c28458a81973b-OTP
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"d5eb842cb627d3498b8eea8cb51bd4ba"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-hs-target-asset
web-interactives-embed/static-2.1347/bundles/project.js
date
Tue, 13 Aug 2024 22:31:47 GMT
x-amz-version-id
qlSsOogDzDfjHYWqoRnPM3MeITU5eHaq
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 36b04143ac1626bb30bb225fb2cccb1e.cloudfront.net (CloudFront)
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
ccb0269d-a162-4c85-aa49-286aee158a7e
x-cache
Miss from cloudfront
cache-tag
staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
43
x-evy-trace-route-configuration
listener_https/all
x-request-id
ccb0269d-a162-4c85-aa49-286aee158a7e
last-modified
Tue, 13 Aug 2024 14:43:57 UTC
server
cloudflare
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2FUxvabNuVzC0Nm3drMbH0f8KhJfjsl6rmKhnpcut8khpMsjz6BtUWDCCROOtvp9mHuu7RgChwyNyvc4wlquw%2FRjT3tYLAurW3I76uD7Ccoi4NDooBHNSVG2IEyc1XC78ma1Ys93bWEVUsFi"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-5f4dcb8bc8-rx7hx
cf-ray
8b2c28458a81973b-FRA
x-amz-cf-id
ph6l6wILS6P8D_gvvcYY-3qe8jubqYm70zl4Pl2AJAdQdCgmrh7yVg==
banner.js
js.hs-banner.com/v2/24442932/
71 KB
26 KB
Script
General
Full URL
https://js.hs-banner.com/v2/24442932/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24442932.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cff03237549cb27a0186388a1efba3ae8247cc3548d67775c22b46ea54d841eb

Request headers

Referer
https://oauth-hmg.liberumratings.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 22:31:47 GMT
x-amz-version-id
FvOftpKJ5rLtBT9ViHyq9T1upLEAPwxt
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
BKMEM405VCRNT191
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
8deeaa96-e364-4721-8c81-095ffb2985b3
x-envoy-upstream-service-time
94
x-amz-id-2
1WD1XHr2oca+kGHPevUensUISvr2rczZoJVGD4ZDkzIcpZw8zU7ETzGxB8pY3+AT3yX+Tq70nWw76GDwI4jUP+vLu/CUXNiL
x-evy-trace-listener
listener_https
x-request-id
8deeaa96-e364-4721-8c81-095ffb2985b3
x-evy-trace-route-configuration
listener_https/all
last-modified
Fri, 24 May 2024 23:19:41 GMT
server
cloudflare
etag
W/"8a3d6759b715b0315dfba6c5fb757251"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.liberumratings.com.br
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-k5ntq
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
8b2c28458e0e916b-FRA
expires
Tue, 13 Aug 2024 22:36:47 GMT
conversations-embed.js
js.usemessages.com/
85 KB
24 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24442932.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4c8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5851f452c84c23a6d62355952f06158b17d6bb50c5602a20526e8e09b942ebae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://oauth-hmg.liberumratings.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 22:31:46 GMT
content-encoding
gzip
via
1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront)
x-amz-version-id
xW7W6ewDxJ68oDQ9raUMHv5aWqmxQ.It
cf-cache-status
HIT
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
74976613-834b-4d3c-81c4-3673542f6a34
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.17476/bundles/project.js&cfRay=8b2c202c4fcf5bf1-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
age
331
x-envoy-upstream-service-time
0
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
74976613-834b-4d3c-81c4-3673542f6a34
last-modified
Mon, 12 Aug 2024 14:52:57 UTC
server
cloudflare
etag
W/"b8ba1a3f2ee06e25a24f84e8b88da9b1"
vary
accept-encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-5f4dcb8bc8-td246
cf-ray
8b2c2845992f3686-FRA
x-amz-cf-id
HZuaTvESVjxD8qlKUMu-k2eVhL0rOlK0tBbnpyOpA1mVUAYpFoQNKQ==
x-hs-target-asset
conversations-embed/static-1.17476/bundles/project.js
fb.js
js.hsadspixel.net/
6 KB
4 KB
Script
General
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24442932.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e1b1a37caa8b7627123aeb0e23ad3a2ac14d4ad48be7aabb2ca7ca9da218ef5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://oauth-hmg.liberumratings.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 22:31:46 GMT
content-encoding
gzip
via
1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront)
x-amz-version-id
UIOsIr3qFS9r3wFn4ECf3yNr1.R8N2aA
cf-cache-status
HIT
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P3
age
48
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.572/bundles/pixels-release.js&cfRay=8b2c27157bcb1e30-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
8303fdf2-8c9d-42e5-905c-9de9bd0d5000
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
0
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
8303fdf2-8c9d-42e5-905c-9de9bd0d5000
last-modified
Tue, 06 Aug 2024 19:11:03 UTC
server
cloudflare
etag
W/"45a803cc17701ff8c7710294960c14c7"
vary
accept-encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-5f4dcb8bc8-sw27x
cf-ray
8b2c28458dfb4d9d-FRA
x-amz-cf-id
f-yqHba3nVHVJyTN4j3V5a_fokxSpi6uZMui-MqzqcvZPh1ZIR1sEg==
x-hs-target-asset
adsscriptloaderstatic/static-1.572/bundles/pixels-release.js
24442932.js
js.hs-analytics.net/analytics/1723588200000/
68 KB
25 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1723588200000/24442932.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24442932.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
402288cd454c5ea699694a2fcfe994459fb206db27924b627488e06af5bf17b2

Request headers

Referer
https://oauth-hmg.liberumratings.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 22:31:47 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
6D5XMMXWTWH5PSTT
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
dec504d6-370d-4461-919f-94b22cb255b3
x-envoy-upstream-service-time
63
x-amz-id-2
zWOndIM2e6IX3cU1DPOHn8KOyi7qAC1Fe/ZpDJt0tG9j4hfFQdVgiRcLWuawmk/f+SepL3f/sWc+o0UOf9x9X4nUgcH1z9v+
x-evy-trace-listener
listener_https
x-request-id
dec504d6-370d-4461-919f-94b22cb255b3
x-evy-trace-route-configuration
listener_https/all
last-modified
Sat, 03 Aug 2024 00:57:30 GMT
server
cloudflare
etag
W/"baccff013bafa053c0a6085170f8c349"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-wgwsj
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
8b2c28458ab035f0-FRA
expires
Tue, 13 Aug 2024 22:36:46 GMT
public
api.hubspot.com/livechat-public/v1/message/
0
0
Preflight
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=24442932&conversations-embed=static-1.17476&mobile=false&messagesUtk=cb31f79366384c74842e3bc302f1ea14&traceId=cb31f79366384c74842e3bc302f1ea14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://oauth-hmg.liberumratings.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://oauth-hmg.liberumratings.com.br
allow
HEAD,GET,OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8b2c2845dab8973b-FRA
content-length
18
content-type
text/plain; charset=utf-8
date
Tue, 13 Aug 2024 22:31:46 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TTgWoGXDbUTqNhySPKTgFOyEmsr4kdZFHL%2B4w0xik7y1n6MaetRvJCzZLf25FAPRTxJzQ74Lpzy1%2FDEtPVSPR%2B9gxtBaKxhD1AmYF%2FxBZV1P41K%2B86DpA1agu9FQoRKSCOvY76AaX9EBCLyjlg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
6
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-78c8468c8b-shcfl
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
5066616e-c57f-4ea6-9a3e-0b1053cbd351
x-request-id
5066616e-c57f-4ea6-9a3e-0b1053cbd351
public
api.hubspot.com/livechat-public/v1/message/
275 B
1 KB
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=24442932&conversations-embed=static-1.17476&mobile=false&messagesUtk=cb31f79366384c74842e3bc302f1ea14&traceId=cb31f79366384c74842e3bc302f1ea14
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cc4e24c84deac82e3fc2da7d7a0efa25150b0d2c1e62314ec770a6633a1fbee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oauth-hmg.liberumratings.com.br/
X-HubSpot-Messages-Uri
https://oauth-hmg.liberumratings.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 22:31:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
4f39cdba-17cb-47d2-8780-1fae2c8fdede
x-envoy-upstream-service-time
11
content-length
218
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
4f39cdba-17cb-47d2-8780-1fae2c8fdede
server
cloudflare
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://oauth-hmg.liberumratings.com.br
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-78c8468c8b-9d6fc
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lZSEQq6odOpqKKTRph%2BaNwX%2BDQjfUoPhqQHSP9P2efF1%2Bqa5cCGGVRUzwYwD6bQrLr1Lg4ZOiANmMRYWkzyjNud44WU2CkxxckncC6omKMk4h7wZDIE7gmFYTgbQxMeioesI%2BQZg7GF3sRLE7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8b2c2846abe1973b-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
combinedConfigs
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/
95 B
1 KB
Fetch
General
Full URL
https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=24442932&currentUrl=https%3A%2F%2Foauth-hmg.liberumratings.com.br%2F
Requested by
Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f212e942ac33fd93669f03a55e2c0192224cdb6870b376fac8d3c5255cd01225
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oauth-hmg.liberumratings.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 22:31:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
d887b7f8-9e13-4ac6-a73f-5fc0dc64b6aa
content-encoding
br
x-envoy-upstream-service-time
7
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
d887b7f8-9e13-4ac6-a73f-5fc0dc64b6aa
server
cloudflare
vary
origin
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://oauth-hmg.liberumratings.com.br
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
true
cache-control
max-age=0, no-cache, no-store
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FnDRVAis2O%2FfRS%2B1m7n2ZgWAcJHXMt9A%2Fc0uKRAtHbp27T%2BGfGRjL0FuDBtDmbWKnoQ3vynUuqdFem7T9BwpQLdW5Qhv%2Bgl4bcbNe79WRA%2BXDZSt7TFnAf4UFg48a7j3LMHP5LJNzwD2bXAFwYDs03qoNSIYJTzbLis%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag
noindex, follow
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
8b2c28471c63973b-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-sr68g
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/
180 B
1 KB
XHR
General
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=24442932
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f16c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10fbb104eef87f106425521ac6d335b1ecedbf37283d9ac638bbfa43704ba532
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oauth-hmg.liberumratings.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 22:31:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
711a86cb-3d74-48c6-98ad-ee65d0903c7c
content-encoding
br
x-envoy-upstream-service-time
11
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
711a86cb-3d74-48c6-98ad-ee65d0903c7c
server
cloudflare
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://oauth-hmg.liberumratings.com.br
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-78c8468c8b-n4nkw
access-control-max-age
180
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IIwsFq302IyaEhwYNejU184t6W1AAzpqbb%2FgOkNtXAiPlryEVPcm4VoIuDYCoT%2FDnU2pWzmX3RPpqUKEEtohmnfiYTtB6nBCoDPA8J6Uqyw%2F9IR3Gipc%2BgI9EeLjwdczeziee6S17qF0a6zr"}],"group":"cf-nel","max_age":604800}
cf-ray
8b2c28481ff44d7c-FRA
access-control-allow-headers
*
counters.gif
perf-na1.hsforms.com/embed/v3/
35 B
928 B
Image
General
Full URL
https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1
Requested by
Host: oauth-hmg.liberumratings.com.br
URL: https://oauth-hmg.liberumratings.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oauth-hmg.liberumratings.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 22:31:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
bf795776-490e-4026-aaad-752dd5e349ac
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
bf795776-490e-4026-aaad-752dd5e349ac
last-modified
Tue, 13 Aug 2024 22:31:47 GMT
server
cloudflare
vary
origin, Accept-Encoding
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-txpvk
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
cf-ray
8b2c28481b4239c7-FRA
css2
fonts.googleapis.com/
2 KB
872 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Titillium+Web:wght@400;600;700&display=swap
Requested by
Host: oauth-hmg.liberumratings.com.br
URL: https://oauth-hmg.liberumratings.com.br/assets/index-62b1185e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6884674b81f68b9f37fc3c18cfaf83441f7f12b7789ee690b8762ba23689dea6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://oauth-hmg.liberumratings.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Aug 2024 22:31:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 13 Aug 2024 22:31:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Aug 2024 22:31:47 GMT
js
www.googletagmanager.com/gtag/
236 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-388638300
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
221c30895b821f26e35843ece60f6d3ac7c60e7df1cda4a9aa0bb39908ac69a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://oauth-hmg.liberumratings.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 22:31:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86174
x-xss-protection
0
last-modified
Tue, 13 Aug 2024 21:59:01 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 13 Aug 2024 22:31:47 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:15::213:7e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://oauth-hmg.liberumratings.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 22:31:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2024 05:33:09 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=24252
accept-ranges
bytes
content-length
14597
attribution_trigger
px.ads.linkedin.com/
2 B
814 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=6284273&time=1723588307613&url=https%3A%2F%2Foauth-hmg.liberumratings.com.br%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
*
Referer
https://oauth-hmg.liberumratings.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 22:31:47 GMT
content-encoding
gzip
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 0D8575C91FAB4319AE0709C546AC3CD1 Ref B: DUS30EDGE0409 Ref C: 2024-08-13T22:31:47Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-lva1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYfmCzRxUIo28W8JlAqnQ==
x-fs-uuid
00061f982cd1c54228dbc5bc26502a9d
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6284273&time=1723588307613&url=https%3A%2F%2Foauth-hmg.liberumratings.com.br%2F
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6284273&time=1723588307613&url=https%3A%2F%2Foauth-hmg.liberumratings.com.br%2F&e_ipv6=AQKO6Yx-4bWF6wAAAZFN3msC0rlpMfO8_S1BwiPwuSK_UfcjnI_6qasIKB...
0
482 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6284273&time=1723588307613&url=https%3A%2F%2Foauth-hmg.liberumratings.com.br%2F&e_ipv6=AQKO6Yx-4bWF6wAAAZFN3msC0rlpMfO8_S1BwiPwuSK_UfcjnI_6qasIKBEeS45ktg
Requested by
Host: oauth-hmg.liberumratings.com.br
URL: https://oauth-hmg.liberumratings.com.br/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oauth-hmg.liberumratings.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 22:31:47 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: EBE4869323534DBF82C5DE7776E96413 Ref B: DUS30EDGE0813 Ref C: 2024-08-13T22:31:47Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript
x-li-fabric
prod-ltx1
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYfmCzUnTacktYpV3D/1w==

Redirect headers

date
Tue, 13 Aug 2024 22:31:47 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: CED042DBCE7747C2A7B8AD9FB8A1DC79 Ref B: FRAEDGE1420 Ref C: 2024-08-13T22:31:47Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6284273&time=1723588307613&url=https%3A%2F%2Foauth-hmg.liberumratings.com.br%2F&e_ipv6=AQKO6Yx-4bWF6wAAAZFN3msC0rlpMfO8_S1BwiPwuSK_UfcjnI_6qasIKBEeS45ktg
x-li-proto
http/2
content-length
0
x-li-uuid
AAYfmCzR5l8R0/HlJUjDpQ==
/
px.ads.linkedin.com/wa/
0
422 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://oauth-hmg.liberumratings.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 13 Aug 2024 22:31:47 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 40B80C9D9F7844B3968DDE27F5BC1FAF Ref B: FRAEDGE1420 Ref C: 2024-08-13T22:31:47Z
linkedin-action
1
vary
Origin
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
access-control-allow-origin
https://oauth-hmg.liberumratings.com.br
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYfmCzW/ZrbknwqsdsJig==
__ptq.gif
track.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=1240600147&v=1.1&a=24442932&pu=https%3A%2F%2Foauth-hmg.liberumratings.com.br%2F&t=Liberum+Ratings&cts=1723588307973&vi=dec2cce6d643c5b22852199f66cc4e51&nc=true&u=228731011.dec2cce6d643c5b22852199f66cc4e51.1723588307971.1723588307971.1723588307971.1&b=228731011.1.1723588307971&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oauth-hmg.liberumratings.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 22:31:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
60a34fba-2c8f-4ab3-9b74-1818c7a3a159
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
5
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
60a34fba-2c8f-4ab3-9b74-1818c7a3a159
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9KMU8OoYD5jzDyuInZHYqAaKZqAQ6gCJz82tejLllrf4I%2FSECUK6Ejg1KhCq22t7lvkcy6FBNHZn85B9f5QZT8GxZg8oYsT91JdPI6J1R9Vu5q6eHb6zEHi0QNwE%2FjPT3DjE8SMMTnSqa9wsW%2Bn%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-df5pc
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
8b2c284cf9fd9f1f-FRA
x-robots-tag
none
favicon-50689d9b.svg
oauth-hmg.liberumratings.com.br/assets/
1 KB
956 B
Other
General
Full URL
https://oauth-hmg.liberumratings.com.br/assets/favicon-50689d9b.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.243.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-33.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50689d9bd02d109f4f363c07524398228b4187f84840aed68a7776b27c2de2b0

Request headers

Referer
https://oauth-hmg.liberumratings.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 22:31:49 GMT
content-encoding
br
via
1.1 645f72cdd7b73d139609aec0ade6f5f8.cloudfront.net (CloudFront)
last-modified
Wed, 29 May 2024 13:33:44 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
etag
W/"dfc5388af1985c91a317e4a085efdbd1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
max-age=86400
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
g3WiksvRbf-efmIfFM4U2stKE-xx0QacGylg1RFmEE9lqfdzv5NvDQ==

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| global
object| _hsp
boolean| PIXELS_RAN
object| enabledEventSettings
object| _hsq
boolean| hubspot_live_messages_running
object| HubSpotConversations
object| _paq
function| sanitizeKey
boolean| _hstc_loaded
object| hsCtasOnReady
object| __PRIVATE__HubspotCtaClient
object| hsCallsToActionsReady
object| __hsWebInteractiveInstance
object| HubSpotCallsToActions
boolean| hubspot_web_interactives_running
object| hsCookieBanner
boolean| _hspb_loaded
boolean| _hspb_ran
object| dataLayer
object| _linkedin_data_partner_ids
function| lintrk
boolean| _already_called_lintrk
object| google_tag_manager
object| google_tag_data
object| ORIBILI
boolean| _hstc_ran
string| __hsUserToken
number| expireDateTime

12 Cookies

Domain/Path Name / Value
.hsforms.com/ Name: __cf_bm
Value: zmx__IucAT07wIhaSYEwuRIZ9NcLBlcWPOYu45vF7dM-1723588307-1.0.1.1-reH5GnRAAbr3n.6fT4_ih7dSsWZmT81V76PZmCqInkYD6QTdGd.RFPW6NbVP9E5rp8PPO7_aF3M5jt_TYT8zAA
.hsforms.com/ Name: _cfuvid
Value: 9xtasy7QrkaPahQ13q0Fy0lCzMcZYKRYDVrhlNPMUfk-1723588307366-0.0.1.1-604800000
.liberumratings.com.br/ Name: _gcl_au
Value: 1.1.1157604342.1723588308
.linkedin.com/ Name: bcookie
Value: "v=2&8bcfe33b-c5ae-4597-88be-c1c0ba12542f"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MjM1ODgzMDc7MjswMjFFicifLhOyuLPQiK/28psmx8fKY7R4mnMx94+xrTV1hw==
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2909:u=1:x=1:i=1723588307:t=1723674707:v=2:sig=AQH0wUkRo-60J8erjD1O-t9_NDmfyP3L"
.liberumratings.com.br/ Name: __hstc
Value: 228731011.dec2cce6d643c5b22852199f66cc4e51.1723588307971.1723588307971.1723588307971.1
.liberumratings.com.br/ Name: hubspotutk
Value: dec2cce6d643c5b22852199f66cc4e51
.liberumratings.com.br/ Name: __hssrc
Value: 1
.liberumratings.com.br/ Name: __hssc
Value: 228731011.1.1723588307971
.hubspot.com/ Name: __cf_bm
Value: gr26UAYlnyrKzhzCIuxK2GD1kSCDpz44t.KWXSdDskk-1723588308-1.0.1.1-CLlHI5HW8dCHz8mo0UvW8zPtyaRP9huidMoQoY89a0jnmFVOpx1Xta.N40ek_KZepya72X506Fl.yplDAMc9jA
.hubspot.com/ Name: _cfuvid
Value: uUbqJZmNvJohGbygiXrg7MuthHCy03rVgzjLW6JLtfs-1723588308110-0.0.1.1-604800000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
