correctorstopi.xyz Open in urlscan Pro
192.187.104.194 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.ekotypipave.xpg.com.br/
Effective URL:
http://correctorstopi.xyz/binary/index.php
Submission: On September 20 via manual (September 20th 2018, 6:33:07 pm UTC) from US

Summary HTTP 23 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 23 HTTP transactions. The main IP is 192.187.104.194, located in Kansas City, United States and belongs to NOCIX - DataShack, LC, US. The main domain is correctorstopi.xyz.

This is the only time correctorstopi.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	187.17.123.240 187.17.123.240	7162 (Universo ...) (Universo Online S.A.)
1	187.17.123.245 187.17.123.245	7162 (Universo ...) (Universo Online S.A.)
1	2400:cb00:204... 2400:cb00:2048:1::681f:44cb	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2600:9000:200... 2600:9000:200c:fa00:6:9eb2:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	192.187.104.194 192.187.104.194	33387 (NOCIX) (NOCIX - DataShack)
1	2a00:1450:400... 2a00:1450:400c:c0b::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2400:cb00:204... 2400:cb00:2048:1::681f:45cb	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2400:cb00:204... 2400:cb00:2048:1::681b:b127	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
23	10

2 187.17.123.240 (Brazil)

ASN7162 (Universo Online S.A., BR)
PTR: 187-17-123-240.static.xpg.net.br

www.ekotypipave.xpg.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 187.17.123.245 (Brazil)

ASN7162 (Universo Online S.A., BR)
PTR: 187-17-123-245.static.xpg.net.br

js.xpg.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::681f:44cb (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

static.fulfilling.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:200c:fa00:6:9eb2:5cc0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

tm.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.187.104.194 (Kansas City, United States)

ASN33387 (NOCIX - DataShack, LC, US)
PTR: coreluarded.com

correctorstopi.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9d (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:cb00:2048:1::681f:45cb (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

api.fulfilling.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.fulfilling.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::681b:b127 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ga.ffid.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	correctorstopi.xyz correctorstopi.xyz	87 KB
3	fulfilling.io static.fulfilling.io api.fulfilling.io	3 KB
3	xpg.com.br www.ekotypipave.xpg.com.br js.xpg.com.br categoria.jovem.js.xpg.com.br Failed	59 KB
2	jsuol.com.br tm.jsuol.com.br me.jsuol.com.br Failed	23 KB
2	google-analytics.com 1 redirects www.google-analytics.com	16 KB
1	ffid.io ga.ffid.io
1	doubleclick.net stats.g.doubleclick.net	102 B
0	uol.com.br Failed tm.uol.com.br Failed tracker.bt.uol.com.br Failed
23	8

	Domain	Requested by
3	correctorstopi.xyz	www.ekotypipave.xpg.com.br correctorstopi.xyz
2	tm.jsuol.com.br	js.xpg.com.br tm.jsuol.com.br
2	www.google-analytics.com	1 redirects www.ekotypipave.xpg.com.br
2	static.fulfilling.io	js.xpg.com.br api.fulfilling.io
2	www.ekotypipave.xpg.com.br	www.ekotypipave.xpg.com.br
1	ga.ffid.io	static.fulfilling.io
1	api.fulfilling.io	static.fulfilling.io
1	stats.g.doubleclick.net
1	js.xpg.com.br	www.ekotypipave.xpg.com.br
0	tracker.bt.uol.com.br Failed	www.ekotypipave.xpg.com.br
0	tm.uol.com.br Failed	tm.jsuol.com.br www.ekotypipave.xpg.com.br
0	categoria.jovem.js.xpg.com.br Failed	www.ekotypipave.xpg.com.br
0	me.jsuol.com.br Failed	js.xpg.com.br tm.jsuol.com.br
23	13

This site contains links to these domains. Also see Links.

Domain
affiliate.iqoption.com

Subject Issuer	Validity	Valid
*.google-analytics.com Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-09-04` - `2018-11-27`	3 months	crt.sh
sni147692.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-14` - `2019-03-23`	6 months	crt.sh

This page contains 6 frames:

Primary Page: http://correctorstopi.xyz/binary/index.php
Frame ID: 98F7E4F0628FBEA226630EBC727A25F5
Requests: 18 HTTP requests in this frame

Frame: https://ga.ffid.io/index.html
Frame ID: 004FDE7EEBE2558F9218B23BDCFCA642
Requests: 1 HTTP requests in this frame

Frame: https://static.fulfilling.io/stickybar.html
Frame ID: 9602ACB8F44446CD43FFC13571064BC9
Requests: 1 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: 2D3FBFA71FE9B8AEB9C2A0B58834C550
Requests: 1 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Frame ID: B047B72940936DB75327B7F6E25C2A30
Requests: 1 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Frame ID: B68776F5945D5F334AC59231A4D72873
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.ekotypipave.xpg.com.br/ Page URL
http://correctorstopi.xyz/binary/index.php Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

23
Requests

22 %
HTTPS

67 %
IPv6

8
Domains

13
Subdomains

10
IPs

3
Countries

188 kB
Transfer

280 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://affiliate.iqoption.com/redir/?aff=37608

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.ekotypipave.xpg.com.br/ Page URL
http://correctorstopi.xyz/binary/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 8

http://www.google-analytics.com/r/collect?v=1&_v=j69&a=1847656075&t=pageview&_s=1&dl=http%3A%2F%2Fwww.ekotypipave.xpg.com.br%2F&ul=en-us&de=UTF-8&dt=itau%20mobile%20broker%20android%20forums&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=331566196&gjid=495127221&cid=1488166083.1537468377&tid=UA-69710503-1&_gid=143927296.1537468377&_r=1&cd1=ekotypipave&cd2=Html&cd3=Jovem&z=1453745400 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j69&a=1847656075&t=pageview&_s=1&dl=http%3A%2F%2Fwww.ekotypipave.xpg.com.br%2F&ul=en-us&de=UTF-8&dt=itau%20mobile%20broker%20android%20forums&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=331566196&gjid=495127221&cid=1488166083.1537468377&tid=UA-69710503-1&_gid=143927296.1537468377&_r=1&cd1=ekotypipave&cd2=Html&cd3=Jovem&z=1453745400 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-69710503-1&cid=1488166083.1537468377&jid=331566196&_gid=143927296.1537468377&gjid=495127221&_v=j69&z=1453745400

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set / Show response
www.ekotypipave.xpg.com.br/ 13 KB
14 KB 1319ms
1080ms Document
text/html 187.17.123.240
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ekotypipave.xpg.com.br/
Protocol: HTTP/1.1
Server: 187.17.123.240 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 187-17-123-240.static.xpg.net.br
Software: nginx/1.0.2 /
Resource Hash: 349af243a811e25078c792d6a5c743a76e8e9a3f848db9aa8df8a287bd74e328

Request headers

Host: www.ekotypipave.xpg.com.br
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Sep 2018 18:32:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Server: nginx/1.0.2
Cache-Control: no-store, no-cache
X-Cache: MISS from a-cache.xpg.com.br
Set-Cookie: __xpgu=1537468375.1537468375.1; Expires=Sat, 19-Sep-20 18:32:55 GMT; Domain=ekotypipave.xpg.com.br; Path=/ __xpgs=1; Expires=Thu, 20-Sep-18 19:02:55 GMT; Domain=ekotypipave.xpg.com.br; Path=/

GET
H/1.1 200
OK tag.js Show response
js.xpg.com.br/tag/h/ekotypipave/ 8 KB
9 KB 712ms
235ms Script
text/javascript 187.17.123.245
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: http://js.xpg.com.br/tag/h/ekotypipave/tag.js
Requested by: Host: www.ekotypipave.xpg.com.br
URL: http://www.ekotypipave.xpg.com.br/
Protocol: HTTP/1.1
Server: 187.17.123.245 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 187-17-123-245.static.xpg.net.br
Software: Apache / PHP/5.3.3
Resource Hash: 62a9c94b23e5ede36c5637b242a66392f4121217b814c5413f11ee6594f6bf10

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: js.xpg.com.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://www.ekotypipave.xpg.com.br/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.ekotypipave.xpg.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Sep 2018 18:32:55 GMT
Via: 1.1 varnish
Server: Apache
Age: 0
X-Powered-By: PHP/5.3.3
X-Cache: MISS
Content-Type: text/javascript; charset=UTF-8
X-Varnish: 576293741
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 8576

GET
H/1.1 200
OK 2720.css
www.ekotypipave.xpg.com.br/css/ 36 KB
37 KB 683ms
497ms Stylesheet
text/css 187.17.123.240
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ekotypipave.xpg.com.br/css/2720.css
Requested by: Host: www.ekotypipave.xpg.com.br
URL: http://www.ekotypipave.xpg.com.br/
Protocol: HTTP/1.1
Server: 187.17.123.240 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 187-17-123-240.static.xpg.net.br
Software: nginx/1.0.2 /
Resource Hash: cf0cf2384c2615ba0764dfe2ba023865a8e4faa7b268d4555cae5d4ce671ebaa

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.ekotypipave.xpg.com.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.ekotypipave.xpg.com.br/
Cookie: __xpgu=1537468375.1537468375.1; __xpgs=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.ekotypipave.xpg.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Sep 2018 18:32:56 GMT
Last-Modified: Tue, 18 Apr 2017 20:57:32 GMT
Server: nginx/1.0.2
X-Cache: MISS from a-cache.xpg.com.br
Content-Type: text/css
Cache-Control: no-store, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 37163

GET
H/1.1 200
OK loader.js
static.fulfilling.io/js/ 6 KB
2 KB 49ms
22ms Script
application/javascript 2400:cb00:2048:1::681f:44cb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://static.fulfilling.io/js/loader.js
Requested by: Host: js.xpg.com.br
URL: http://js.xpg.com.br/tag/h/ekotypipave/tag.js
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::681f:44cb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://www.ekotypipave.xpg.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Sep 2018 18:32:56 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 06 Jul 2018 14:13:03 GMT
Server: cloudflare
ETag: W/"5b3f78ef-17d1"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=691200
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 45d660aac726643f-FRA
Expires: Fri, 28 Sep 2018 18:32:56 GMT

GET
S

200

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

39 KB
16 KB

8ms
8ms

Script
text/javascript

2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ekotypipave.xpg.com.br
URL: http://www.ekotypipave.xpg.com.br/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.ekotypipave.xpg.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 Sep 2018 23:12:19 GMT
server: Golfe2
age: 3230
date: Thu, 20 Sep 2018 17:39:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 16173
expires: Thu, 20 Sep 2018 19:39:06 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK uoltm.js
tm.jsuol.com.br/ 76 KB
17 KB 285ms
11ms Script
application/javascript 2600:9000:200c:fa00:6:9eb2:5cc0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://tm.jsuol.com.br/uoltm.js?id=w1gygg
Requested by: Host: js.xpg.com.br
URL: http://js.xpg.com.br/tag/h/ekotypipave/tag.js
Protocol: HTTP/1.1
Server: 2600:9000:200c:fa00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: marrakesh 1.15.0 /
Resource Hash

Request headers

Referer: http://www.ekotypipave.xpg.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Sep 2018 18:32:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Jul 2018 14:53:51 GMT
Server: marrakesh 1.15.0
Age: 1
ETag: c9e55f2e477be8001a38bd57a73f1a24
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 4a501584e3a3223a6a87ec2ecbfb889c.cloudfront.net (CloudFront)
Cache-Control: max-age=3600, must-revalidate, proxy-revalidate, no-transform
Connection: keep-alive
Content-Length: 16817
X-Amz-Cf-Id: 8gJsz3wyaGCjb78Ma6WFChDlVTKhrD5tGe98csviBaqE9jloM38rxg==
Expires: Thu, 20 Sep 2018 19:32:56 GMT

GET xpg.js
me.jsuol.com.br/omtr/ 0
0

GET xpgzinho.png
categoria.jovem.js.xpg.com.br/barra/ 0
0

GET
H/1.1 200
OK Primary Request index.php Show response
correctorstopi.xyz/binary/ 579 B
612 B 472ms
121ms Document
text/html 192.187.104.194
DataShack

General

Check archive.org

Show headers Download Go to

Full URL: http://correctorstopi.xyz/binary/index.php
Requested by: Host: www.ekotypipave.xpg.com.br
URL: http://www.ekotypipave.xpg.com.br/
Protocol: HTTP/1.1
Server: 192.187.104.194 Kansas City, United States, ASN33387 (NOCIX - DataShack, LC, US),
Reverse DNS: coreluarded.com
Software: nginx/1.2.1 / PHP/5.4.45-0+deb7u2
Resource Hash: aa467e847327440218ef24b4a2a6db205d682797f460833fcf1b9378d4ece1cc

Request headers

Host: correctorstopi.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.ekotypipave.xpg.com.br/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.ekotypipave.xpg.com.br/

Response headers

Server: nginx/1.2.1
Date: Thu, 20 Sep 2018 18:35:49 GMT
Content-Type: text/html
Content-Length: 383
Connection: keep-alive
X-Powered-By: PHP/5.4.45-0+deb7u2
Vary: Accept-Encoding
Content-Encoding: gzip

GET
S

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j69&a=1847656075&t=pageview&_s=1&dl=http%3A%2F%2Fwww.ekotypipave.xpg.com.br%2F&ul=en-us&de=UTF-8&dt=itau%20mobile%20broker%20android%20forums&sd=24-...
https://www.google-analytics.com/r/collect?v=1&_v=j69&a=1847656075&t=pageview&_s=1&dl=http%3A%2F%2Fwww.ekotypipave.xpg.com.br%2F&ul=en-us&de=UTF-8&dt=itau%20mobile%20broker%20android%20forums&sd=24...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-69710503-1&cid=1488166083.1537468377&jid=331566196&_gid=143927296.1537468377&gjid=495127221&_v=j69&z=1453745400

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c0b::9d
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-69710503-1&cid=1488166083.1537468377&jid=331566196&_gid=143927296.1537468377&gjid=495127221&_v=j69&z=1453745400

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400c:c0b::9d , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.ekotypipave.xpg.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 20 Sep 2018 18:32:56 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Sep 2018 18:32:56 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-69710503-1&cid=1488166083.1537468377&jid=331566196&_gid=143927296.1537468377&gjid=495127221&_v=j69&z=1453745400
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 59e8a7f796b0b55eca02b7b1
api.fulfilling.io/send/init/ 922 B
747 B 230ms
179ms Script
text/html 2400:cb00:2048:1::681f:45cb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fulfilling.io/send/init/59e8a7f796b0b55eca02b7b1?
Requested by: Host: static.fulfilling.io
URL: http://static.fulfilling.io/js/loader.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:45cb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://www.ekotypipave.xpg.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 20 Sep 2018 18:32:57 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=UTF-8
status: 200
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 45d660ab3d73bf1b-FRA

GET
H2 200 index.html
ga.ffid.io/ Frame 004F 0
0 418ms
367ms Document
text/html 2400:cb00:2048:1::681b:b127
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://ga.ffid.io/index.html
Requested by: Host: static.fulfilling.io
URL: http://static.fulfilling.io/js/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681b:b127 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: ga.ffid.io
:scheme: https
:path: /index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.ekotypipave.xpg.com.br/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.ekotypipave.xpg.com.br/

Response headers

status: 200
date: Thu, 20 Sep 2018 18:32:57 GMT
content-type: text/html
set-cookie: __cfduid=defd9be2fc2492bbc86217e53706fa27d1537468376; expires=Fri, 20-Sep-19 18:32:56 GMT; path=/; domain=.ffid.io; HttpOnly; Secure
x-amz-id-2: LgdewVLcaODnDlzokmDUdHT9eOq+z6UJfZ9x8XUOflAhsr8aTfV3kH/+Oqz8WHxoY/O1ciXSSPU=
x-amz-request-id: 1EABB26EDAADDE04
last-modified: Fri, 06 Jul 2018 13:45:41 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 45d660ab4af9bf11-FRA
content-encoding: gzip

GET
H2 200 stickybar.html
static.fulfilling.io/ Frame 9602 0
0 181ms
178ms Document
text/html 2400:cb00:2048:1::681f:45cb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fulfilling.io/stickybar.html
Requested by: Host: api.fulfilling.io
URL: https://api.fulfilling.io/send/init/59e8a7f796b0b55eca02b7b1?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:45cb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: static.fulfilling.io
:scheme: https
:path: /stickybar.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.ekotypipave.xpg.com.br/
accept-encoding: gzip, deflate
cookie: __cfduid=dd102169a7ebe67d8239551b1512dbe541537468376
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.ekotypipave.xpg.com.br/

Response headers

status: 200
date: Thu, 20 Sep 2018 18:32:57 GMT
content-type: text/html
last-modified: Mon, 30 Jul 2018 15:14:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 45d660ac6e9ebf1b-FRA
content-encoding: gzip

GET mercurio.html
tm.uol.com.br/ Frame 2D3F 0
0

GET
H/1.1 200
OK profiles.js
tm.jsuol.com.br/modules/external/tailtarget/ 13 KB
6 KB 160ms
160ms Script
application/javascript 2600:9000:200c:fa00:6:9eb2:5cc0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Requested by: Host: tm.jsuol.com.br
URL: http://tm.jsuol.com.br/uoltm.js?id=w1gygg
Protocol: HTTP/1.1
Server: 2600:9000:200c:fa00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: marrakesh 1.15.0 /
Resource Hash

Request headers

Referer: http://www.ekotypipave.xpg.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Sep 2018 18:32:56 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Jun 2018 16:23:10 GMT
Server: marrakesh 1.15.0
Age: 1
ETag: ecbae16720fa9548b931f719328b1c88
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 4a501584e3a3223a6a87ec2ecbfb889c.cloudfront.net (CloudFront)
Cache-Control: max-age=3600, must-revalidate, proxy-revalidate, no-transform
Connection: keep-alive
Content-Length: 5277
X-Amz-Cf-Id: bDY4o7QxLFhzqYnG0iz0HZftE0JvaCJCrod4OzL2k_E1O2OaT7ICmw==
Expires: Thu, 20 Sep 2018 19:32:56 GMT

GET CT-10.js
tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/ 0
0

GET grupowebforce.js
me.jsuol.com.br/aud/ 0
0

GET xpg.js
me.jsuol.com.br/sc/ 0
0

GET partner
tracker.bt.uol.com.br/ 0
0

GET purge-clients.html
tm.uol.com.br/ Frame B047 0
0

GET purge-clients.html
tm.uol.com.br/ Frame B687 0
0

GET
H/1.1 200
OK style.css
correctorstopi.xyz/binary/ 509 B
723 B 118ms
115ms Stylesheet
text/css 192.187.104.194
DataShack

General

Check archive.org

Show headers Download Go to

Full URL: http://correctorstopi.xyz/binary/style.css
Requested by: Host: correctorstopi.xyz
URL: http://correctorstopi.xyz/binary/index.php
Protocol: HTTP/1.1
Server: 192.187.104.194 Kansas City, United States, ASN33387 (NOCIX - DataShack, LC, US),
Reverse DNS: coreluarded.com
Software: nginx/1.2.1 /
Resource Hash: 075dc7b51f0244b922a1806364dd2fad9a618be1637a8070ea9ec4b88662f997

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: correctorstopi.xyz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://correctorstopi.xyz/binary/index.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://correctorstopi.xyz/binary/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Sep 2018 18:35:50 GMT
Last-Modified: Fri, 19 Aug 2016 18:21:32 GMT
Server: nginx/1.2.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 509
Content-Type: text/css

GET
H/1.1 200
OK 2.jpg
correctorstopi.xyz/binary/img/ 86 KB
86 KB 120ms
114ms Image
image/jpeg 192.187.104.194
DataShack

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://correctorstopi.xyz/binary/img/2.jpg
Requested by: Host: correctorstopi.xyz
URL: http://correctorstopi.xyz/binary/index.php
Protocol: HTTP/1.1
Server: 192.187.104.194 Kansas City, United States, ASN33387 (NOCIX - DataShack, LC, US),
Reverse DNS: coreluarded.com
Software: nginx/1.2.1 /
Resource Hash: db3524e1d25b76e5c49e80eab0d98e7e0828f269efb67806f4ecae5bb69cd336

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: correctorstopi.xyz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://correctorstopi.xyz/binary/index.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://correctorstopi.xyz/binary/index.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Sep 2018 18:35:50 GMT
Last-Modified: Tue, 28 Aug 2018 08:42:14 GMT
Server: nginx/1.2.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87741
Content-Type: image/jpeg

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: me.jsuol.com.br
URL: http://me.jsuol.com.br/omtr/xpg.js

Domain: categoria.jovem.js.xpg.com.br
URL: http://categoria.jovem.js.xpg.com.br/barra/xpgzinho.png

Domain: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html

Domain: tm.jsuol.com.br
URL: http://tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/CT-10.js

Domain: me.jsuol.com.br
URL: http://me.jsuol.com.br/aud/grupowebforce.js

Domain: me.jsuol.com.br
URL: http://me.jsuol.com.br/sc/xpg.js

Domain: tracker.bt.uol.com.br
URL: http://tracker.bt.uol.com.br/partner?source=tagmanager

Domain: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1

Domain: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://js.xpg.com.br/tag/h/ekotypipave/tag.js(Line 1) Message: [XPG Tag] Carregando XPG Tag 2015
console-api	log	URL: http://js.xpg.com.br/tag/h/ekotypipave/tag.js(Line 1) Message: [XPG Tag] Carregando GOOGLE Analytics - XPG
console-api	log	URL: http://js.xpg.com.br/tag/h/ekotypipave/tag.js(Line 1) Message: [XPG Tag] Carregando UOL Barra
console-api	log	URL: http://js.xpg.com.br/tag/h/ekotypipave/tag.js(Line 1) Message: [XPG Tag] Carregando UOL Omniture
console-api	log	URL: http://js.xpg.com.br/tag/h/ekotypipave/tag.js(Line 1) Message: [XPG Tag] Anexando JS http://me.jsuol.com.br/omtr/xpg.js
console-api	log	URL: http://js.xpg.com.br/tag/h/ekotypipave/tag.js(Line 1) Message: [XPG Tag] Carregando XPG Barra

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.fulfilling.io
categoria.jovem.js.xpg.com.br
correctorstopi.xyz
ga.ffid.io
js.xpg.com.br
me.jsuol.com.br
static.fulfilling.io
stats.g.doubleclick.net
tm.jsuol.com.br
tm.uol.com.br
tracker.bt.uol.com.br
www.ekotypipave.xpg.com.br
www.google-analytics.com
categoria.jovem.js.xpg.com.br
me.jsuol.com.br
tm.jsuol.com.br
tm.uol.com.br
tracker.bt.uol.com.br
187.17.123.240
187.17.123.245
192.187.104.194
2400:cb00:2048:1::681b:b127
2400:cb00:2048:1::681f:44cb
2400:cb00:2048:1::681f:45cb
2600:9000:200c:fa00:6:9eb2:5cc0:93a1
2a00:1450:4001:816::200e
2a00:1450:400c:c0b::9d
075dc7b51f0244b922a1806364dd2fad9a618be1637a8070ea9ec4b88662f997
349af243a811e25078c792d6a5c743a76e8e9a3f848db9aa8df8a287bd74e328
62a9c94b23e5ede36c5637b242a66392f4121217b814c5413f11ee6594f6bf10
aa467e847327440218ef24b4a2a6db205d682797f460833fcf1b9378d4ece1cc
cf0cf2384c2615ba0764dfe2ba023865a8e4faa7b268d4555cae5d4ce671ebaa
db3524e1d25b76e5c49e80eab0d98e7e0828f269efb67806f4ecae5bb69cd336

correctorstopi.xyz Open in urlscan Pro 192.187.104.194 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

22 %HTTPS

67 %IPv6

8 Domains

13 Subdomains

10 IPs

3 Countries

188 kBTransfer

280 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

6 Console Messages

Indicators

correctorstopi.xyz Open in urlscan Pro
192.187.104.194 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

22 %
HTTPS

67 %
IPv6

8
Domains

13
Subdomains

10
IPs

3
Countries

188 kB
Transfer

280 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions