secexpanda.online Open in urlscan Pro
104.21.12.70 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secexpanda.online/
Submission: On October 26 via manual (October 26th 2024, 7:19:21 pm UTC) from BR — Scanned from BR

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 40 HTTP transactions. The main IP is 104.21.12.70, located in and belongs to CLOUDFLARENET, US. The main domain is secexpanda.online.
TLS certificate: Issued by WE1 on October 15th 2024. Valid for: 3 months.

This is the only time secexpanda.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nubank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 23	104.21.12.70 104.21.12.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.217.29.104 172.217.29.104	15169 (GOOGLE) (GOOGLE)
7	142.250.219.14 142.250.219.14	15169 (GOOGLE) (GOOGLE)
1	23.54.21.57 23.54.21.57	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2.19.10.60 2.19.10.60	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
40	6

23 104.21.12.70 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

secexpanda.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.29.104 (United States)

ASN15169 (GOOGLE, US)
PTR: pngrua-ac-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.219.14 (United States)

ASN15169 (GOOGLE, US)
PTR: gru14s27-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.54.21.57 (São Paulo, Brazil)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-54-21-57.deploy.static.akamaitechnologies.com

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.10.60 (São Paulo, Brazil)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-10-60.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	secexpanda.online 1 redirects secexpanda.online	113 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
5	typekit.net p.typekit.net — Cisco Umbrella Rank: 561 use.typekit.net — Cisco Umbrella Rank: 455	63 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	373 KB
40	4

	Domain	Requested by
23	secexpanda.online	1 redirects secexpanda.online
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	use.typekit.net	secexpanda.online
4	www.googletagmanager.com	secexpanda.online www.google-analytics.com
1	p.typekit.net	secexpanda.online
40	5

This site contains no links.

Subject Issuer	Validity	Valid
secexpanda.online WE1	`2024-10-15` - `2025-01-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-27` - `2025-09-27`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://secexpanda.online/
Frame ID: 4370530464B37DCEB523C8FB2371F74C
Requests: 38 HTTP requests in this frame

Frame: https://secexpanda.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/e1a56f38220d/main.js
Frame ID: F17345A13DC886DBBD821F6B62BDF073
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Solicitação de Aumento de Limite

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

40
Requests

93 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

6
IPs

3
Countries

570 kB
Transfer

1653 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://secexpanda.online/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://secexpanda.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/e1a56f38220d/main.js

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
secexpanda.online/ 19 KB
4 KB 3223ms
2795ms Document
text/html 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secexpanda.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a45954d2784005e5de4d6a80f055e94efcf0a0c03c14135a520a37b6c45a2899

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d8ccbd9590c0f3e-EWR
content-encoding: br
content-type: text/html
date: Sat, 26 Oct 2024 19:19:11 GMT
last-modified: Sun, 11 Aug 2024 04:02:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2FogoJxuU3bMw5whZy9alBEK0SYMuvGfHbl7qQ4YJvZ5CxP5%2FghHRa2S%2FKlNjR1IFbZ%2BKo4a72acC9qicf7Pfqbpqve7foc1bftVxODbg93lPFA%2FGxu5gnEnLW41lRizKF9pbw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=113935&sent=9&recv=11&lost=0&retrans=0&sent_bytes=4015&recv_bytes=2393&delivery_rate=33886&cwnd=202&unsent_bytes=0&cid=aba8b74b932633de&ts=2815&x=0"

GET analytics.js.download
secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/ 0
0

GET gtm.js.download
secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/ 0
0

GET
H2 200 patternfly.min.css
secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/ 176 KB
31 KB 827ms
826ms Stylesheet
text/css 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/patternfly.min.css
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e01a1506577c1027346e079f21dbc08c617a5fd9d1b00d70d353aa4278de71c8

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"2bf8f-60472c0299f40"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7FR4pTWDtOB1uQGl8YYaqfliw6Nv4pRZdO3Atz0r5lxHJQQQWyU%2F3oiTXt224PlGXHw5Tlqg2X91rVXc%2Fj4XuxHRYn5xCBkvnoq4WR9qiY1%2FZSWSmpywuv5WB2h5KLEJok7EZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8ccbeadbee0f3e-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=114596&sent=54&recv=22&lost=0&retrans=0&sent_bytes=35785&recv_bytes=3270&delivery_rate=73589&cwnd=206&unsent_bytes=0&cid=aba8b74b932633de&ts=3650&x=0"
date: Sat, 26 Oct 2024 19:19:12 GMT
content-type: text/css
last-modified: Sun, 03 Sep 2023 11:32:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 patternfly-additions.min.css
secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/ 195 KB
29 KB 4217ms
4216ms Stylesheet
text/css 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/patternfly-additions.min.css
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ce8eb89aa6e62ae5b57235d0c62d4105fa6b25316c44092dc3e1cbebc4578fb

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"30b6e-60472c0299f40"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eIXpBecPp7F%2FGZhvpij1d8EwpC2Rx8YR5LTXCc0rYezs9KsQccijBltU%2B%2BcwrYfgTnEMovJDrIc9OvNvEC44ByPv3ZTEjaoCRsUhU7BckjX0RYgNZo40bcemsYkUtymteSzIjA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8ccbeadbf10f3e-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=113749&sent=93&recv=76&lost=0&retrans=0&sent_bytes=74921&recv_bytes=3305&delivery_rate=486362&cwnd=206&unsent_bytes=0&cid=aba8b74b932633de&ts=7039&x=0"
date: Sat, 26 Oct 2024 19:19:15 GMT
content-type: text/css
last-modified: Sun, 03 Sep 2023 11:32:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 zocial.css
secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/ 43 KB
22 KB 820ms
819ms Stylesheet
text/css 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/zocial.css
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bae41ff593e0cfd5d25ce72edf6731524c8eb91c21e4757ce725e01dafceddb5

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"aba9-60472c0299f40"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q7TDb9M3tdud9NYIO1oaxGS6akcfUZ%2BmGAHlGRxyho4oXEVOJ7DzFwUzhhvpWjALrRmDw6VIB%2F4i4Y7t4faypyETrCSeFoRHYs%2F7ldq%2FCU7CnX5%2FNH1g2FVAwWstdzAZdlmo7A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8ccbeadbf20f3e-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=114596&sent=33&recv=22&lost=0&retrans=0&sent_bytes=13029&recv_bytes=3270&delivery_rate=73589&cwnd=206&unsent_bytes=0&cid=aba8b74b932633de&ts=3643&x=0"
date: Sat, 26 Oct 2024 19:19:12 GMT
content-type: text/css
last-modified: Sun, 03 Sep 2023 11:32:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 login.css
secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/ 7 KB
2 KB 807ms
806ms Stylesheet
text/css 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/login.css
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a849362d6cd5779e4476c72ea02c5a1e70a13878f0458566f2838877c2e44b89

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"1c91-60472c0299f40"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U9PMmeobMflqwidRtCnP6pfelKar6sboewaLOjXED%2Buo2%2BrVMP0ubS2iXjEB%2BSbfmPO0umo03KLWrf5xgmEdrQPrYNFfJOKlpqubnCUvGrjFILwnrSybHxKOnOgXjkY6pFrsEA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8ccbeaebf70f3e-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=114596&sent=29&recv=22&lost=0&retrans=0&sent_bytes=10565&recv_bytes=3270&delivery_rate=73589&cwnd=206&unsent_bytes=0&cid=aba8b74b932633de&ts=3628&x=0"
date: Sat, 26 Oct 2024 19:19:12 GMT
content-type: text/css
last-modified: Sun, 03 Sep 2023 11:32:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 cqg6djg.css
secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/ 13 KB
2 KB 755ms
754ms Stylesheet
text/css 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/cqg6djg.css
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eccb1c4e0a004f24eb947f501d1fb771104edf515f2f00a3e6b771fa9ad4f739

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"35a2-60472c0299f40"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s4A9SnK%2FPqsd40%2F5MetFeOu3cJhbhWARF%2B1Tda5tuft87LqjgpIn0zi2vscAixwyhP9AqLNyohLKQCNMpkzuRHRCMpJ7J6Ku6GoLuok9Blm%2Fx26FNhFzuMrJ6P2SNrm5Dg8nHw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8ccbeaebf80f3e-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=114596&sent=25&recv=22&lost=0&retrans=0&sent_bytes=8714&recv_bytes=3270&delivery_rate=73589&cwnd=206&unsent_bytes=0&cid=aba8b74b932633de&ts=3577&x=0"
date: Sat, 26 Oct 2024 19:19:12 GMT
content-type: text/css
last-modified: Sun, 03 Sep 2023 11:32:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 idcarioca.css
secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/ 10 KB
3 KB 5869ms
5869ms Stylesheet
text/css 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/idcarioca.css
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd5121ba34ce3e40d56417bccf4f29b1b9e135e69176d170e89db8fa382ca1e2

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"278b-60472c0299f40"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2BzoZ8VZztiJZP1aPDIlyNi03Thl2ZnsdJAf8%2Bi9b82b2o6xYbGmcyE5OzKVf%2BUviD8DyT4Qk5nuRtEzf83wV%2FSlptEtFuKDe1GwUG%2FdHiudftjEWOOHhUHEtI3ccHPGDCEB3A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8ccbeaebf90f3e-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=119633&sent=118&recv=89&lost=0&retrans=0&sent_bytes=104730&recv_bytes=3305&delivery_rate=486362&cwnd=206&unsent_bytes=0&cid=aba8b74b932633de&ts=8692&x=0"
date: Sat, 26 Oct 2024 19:19:17 GMT
content-type: text/css
last-modified: Sun, 03 Sep 2023 11:32:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 nu.png
secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/ 4 KB
5 KB 66ms
65ms Image
image/png 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/nu.png
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b0838f80d5373876a86ead7e8658a2d6c8cf8ee5bab604defc220ee0363a25e

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cf-cache-status: REVALIDATED
etag: "117d-60472c0299f40"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5BLEAgCb7SxOFpszRqO6YOSZiITQlIiGHxS%2BYYINRfX3wWd%2FJQfrPxkEl17U1kDZyjhDrWK3MX2Nm6SpGNXSSIG6QRovf5rX2i911ta6G4qroOrLcbMQ79aYawRmMXPjptGdrw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2490&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4302&recv_bytes=5789&delivery_rate=5728&cwnd=12000&unsent_bytes=0&cid=fe40f565435684bb&ts=80&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 19:19:11 GMT
content-type: image/png
last-modified: Sun, 03 Sep 2023 11:32:37 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d8ccbea9f9aae60-GRU
accept-ranges: bytes
content-length: 4477
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 229 KB
81 KB 247ms
67ms Script
application/javascript 172.217.29.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5HWQFZ3

Requested by

Host: secexpanda.online
URL: https://secexpanda.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.29.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pngrua-ac-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

93274ea461ccab9d2649e482e6f46a7bbcf9596c5c3b0dad0df0467322ccc85e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 26 Oct 2024 19:19:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:19:11 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 26 Oct 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 82496
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 idico.png
secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/ 913 B
2 KB 62ms
59ms Image
image/png 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/idico.png
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae28bec8513af300a2964ae65984e6368f39d6627ed7b3e400329065fa048382

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cf-cache-status: REVALIDATED
etag: "391-60472c0299f40"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UDu81Ae64h0CWEl1rRkHucDpmYv4VUKO7zMCg2%2FmFDohfbzgGdhUcdn%2FZg%2BwghCJKKDoo9GXFBDRFEdilGy2fhQk%2Bes9yRcjIcsbrturR1uyT2VjmLQx%2BRr3CLCE5WbX8XEDmg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2935&sent=25&recv=18&lost=0&retrans=0&sent_bytes=16800&recv_bytes=7006&delivery_rate=136630&cwnd=12000&unsent_bytes=0&cid=fe40f565435684bb&ts=394&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 19:19:12 GMT
content-type: image/png
last-modified: Sun, 03 Sep 2023 11:32:37 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d8ccbec9a81ae60-GRU
accept-ranges: bytes
content-length: 913
server: cloudflare

GET
H3 200 nutransparente.png
secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/ 6 KB
7 KB 57ms
55ms Image
image/png 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/nutransparente.png
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84a3d85c067b670c837e8292c6fc33ad76a08443c37fb2987a9a9a6cf7b7f0e9

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cf-cache-status: REVALIDATED
etag: "18e8-60472c0299f40"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lK0UWLjnPvtdBXVKu%2Bm4miVKn0KaiQjDj%2FWbQNQWgw5vpe9u6XIsd2g9nCbc6sBF0fglyL4WEZZQSQomyIsFZVkkrjH5yJ9%2BUaJgGf6EXcSfx3dSNBi0LCgdpMf6YDWUyXxmmg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2833&sent=19&recv=15&lost=0&retrans=0&sent_bytes=9618&recv_bytes=6877&delivery_rate=83096&cwnd=12000&unsent_bytes=0&cid=fe40f565435684bb&ts=389&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 19:19:12 GMT
content-type: image/png
last-modified: Sun, 03 Sep 2023 11:32:37 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d8ccbec9a84ae60-GRU
accept-ranges: bytes
content-length: 6376
server: cloudflare

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 73ms
3ms Script
text/javascript 142.250.219.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HWQFZ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.219.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gru14s27-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
age: 3874
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 20:14:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 18:14:38 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
435 B 59ms
58ms XHR
text/plain 142.250.219.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=968086311&t=pageview&_s=1&dl=https%3A%2F%2Fsecexpanda.online%2F&ul=pt-br&de=UTF-8&dt=Solicita%C3%A7%C3%A3o%20de%20Aumento%20de%20Limite&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAACAAI~&jid=811512709&gjid=119697182&cid=1868147148.1729970352&tid=UA-172503413-1&_gid=1160130759.1729970352&_r=1&_slc=1&gtm=45He4ao0n815HWQFZ3za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101823848&z=1746318807

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.219.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gru14s27-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

49f0e1c5403268294ad97080d689aeb60ec3dfbc61ea130936102de1ec605fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:19:12 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://secexpanda.online
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
83 B 58ms
57ms XHR
text/plain 142.250.219.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=968086311&t=pageview&_s=1&dl=https%3A%2F%2Fsecexpanda.online%2F&ul=pt-br&de=UTF-8&dt=Solicita%C3%A7%C3%A3o%20de%20Aumento%20de%20Limite&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAACAAI~&jid=477223120&gjid=2146843446&cid=1868147148.1729970352&tid=UA-173210945-2&_gid=1160130759.1729970352&_r=1&_slc=1&gtm=45He4ao0n815HWQFZ3za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101823848&z=632658652

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.219.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gru14s27-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

c521a5193126f9221d5c3b911e9cca7a946031709593fa4e23c0b68f813544d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:19:12 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://secexpanda.online
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
83 B 57ms
57ms XHR
text/plain 142.250.219.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=968086311&t=pageview&_s=1&dl=https%3A%2F%2Fsecexpanda.online%2F&ul=pt-br&de=UTF-8&dt=Solicita%C3%A7%C3%A3o%20de%20Aumento%20de%20Limite&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAACAAI~&jid=1978303234&gjid=405165367&cid=1868147148.1729970352&tid=UA-172503413-4&_gid=1160130759.1729970352&_r=1&_slc=1&gtm=45He4ao0n815HWQFZ3za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101823848&z=1397081262

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.219.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gru14s27-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6f820d914079c384c19567ed3f8644ae1d3e7a2e05f7082f0587359168439240

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
Content-Type: text/plain
sec-ch-ua-mobile: ?0

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:19:12 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://secexpanda.online
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
97 KB 66ms
62ms Script
application/javascript 172.217.29.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VZRQZLHGNH&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.29.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pngrua-ac-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2f669b5a7d0781a26dc532ae192a3762ea9e071221b70652f3c16a552df02a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 26 Oct 2024 19:19:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:19:12 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99202
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
97 KB 66ms
65ms Script
application/javascript 172.217.29.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MKDXNEYT8P&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.29.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pngrua-ac-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e33c7fba2e30b8a6f55fa33d4aee5ab8c310f452b630a8bf3c199ae46d3157a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 26 Oct 2024 19:19:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:19:12 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99296
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
97 KB 74ms
73ms Script
application/javascript 172.217.29.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2FKYTNS5B1&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.29.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pngrua-ac-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5ab1a03e96d090586a824972873f4edbf12c5f60aa3cda48910c64b4e9a0835a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 26 Oct 2024 19:19:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:19:12 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99234
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 145ms
4ms Stylesheet
text/css 23.54.21.57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=cqg6djg&ht=tk&f=2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9938.9939.39002.39004.17398.17399.17400.17401.22618.22619&a=11406556&app=typekit&e=css
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/cqg6djg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.21.57 São Paulo, Brazil, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-54-21-57.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=604800
etag: "64c3b75e-5"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5
date: Sat, 26 Oct 2024 19:19:12 GMT
content-type: text/css
last-modified: Fri, 28 Jul 2023 12:41:02 GMT
server: nginx

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 54ms
54ms Fetch
text/plain 142.250.219.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-VZRQZLHGNH&gtm=45je4ao0v9125208830za200&_p=1729970351777&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101533421~101823848&ul=pt-br&sr=1600x1200&cid=1868147148.1729970352&uaa=x86&uab=64&uafvl=Chromium%3B130.0.6723.69%7CGoogle%2520Chrome%3B130.0.6723.69%7CNot%253FA_Brand%3B99.0.0.0&uamb=0&uam=&uap=Linux&uapv=5.15.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fsecexpanda.online%2F&dt=Solicita%C3%A7%C3%A3o%20de%20Aumento%20de%20Limite&sid=1729970352&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4084
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VZRQZLHGNH&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.219.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: gru14s27-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://secexpanda.online
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:19:12 GMT
content-type: text/plain
server: Golfe2

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 57ms
57ms Fetch
text/plain 142.250.219.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-MKDXNEYT8P&gtm=45je4ao0v9126254213za200&_p=1729970351777&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101533422~101823848&ul=pt-br&sr=1600x1200&cid=1868147148.1729970352&uaa=x86&uab=64&uafvl=Chromium%3B130.0.6723.69%7CGoogle%2520Chrome%3B130.0.6723.69%7CNot%253FA_Brand%3B99.0.0.0&uamb=0&uam=&uap=Linux&uapv=5.15.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fsecexpanda.online%2F&dt=Solicita%C3%A7%C3%A3o%20de%20Aumento%20de%20Limite&sid=1729970352&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4110
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MKDXNEYT8P&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.219.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: gru14s27-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://secexpanda.online
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:19:12 GMT
content-type: text/plain
server: Golfe2

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 55ms
55ms Fetch
text/plain 142.250.219.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2FKYTNS5B1&gtm=45je4ao0v9126563486za200&_p=1729970351777&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101533422~101823848&ul=pt-br&sr=1600x1200&cid=1868147148.1729970352&uaa=x86&uab=64&uafvl=Chromium%3B130.0.6723.69%7CGoogle%2520Chrome%3B130.0.6723.69%7CNot%253FA_Brand%3B99.0.0.0&uamb=0&uam=&uap=Linux&uapv=5.15.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fsecexpanda.online%2F&dt=Solicita%C3%A7%C3%A3o%20de%20Aumento%20de%20Limite&sid=1729970352&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4133
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2FKYTNS5B1&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.219.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: gru14s27-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://secexpanda.online
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:19:12 GMT
content-type: text/plain
server: Golfe2

GET
H3 404 bg.jpg
secexpanda.online/img/ 304 B
304 B 62ms
62ms Image
text/html 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secexpanda.online/img/bg.jpg
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/login.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ca7be56acb788de077b1c03c1860a2f017e045d06497507249db7edbae6a25b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/login.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MbhGO39EDivr%2BEVRPHJRZoUDWYUEeyeEF%2F5jLAwsLltx5iwQYWcuA3buH%2Fc7a%2BkT7RKJukw0fqH9aJ0LsqhaK7bNg%2BZPi6SfUeEjwZDm0q8VTicY92Z3dP2%2BackfZ5Sj9pGx2w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8ccc09dbb5ae60-GRU
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2871&sent=29&recv=23&lost=0&retrans=0&sent_bytes=18474&recv_bytes=9865&delivery_rate=667357&cwnd=12000&unsent_bytes=0&cid=fe40f565435684bb&ts=5078&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 19:19:16 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare
priority: u=3,i

GET
H3 404 OpenSans-Light-webfont.woff2
secexpanda.online/fonts/ 0
0 75ms
75ms Font
text/html 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secexpanda.online/fonts/OpenSans-Light-webfont.woff2
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/patternfly.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://secexpanda.online
sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/patternfly.min.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uFLrMa9pU65P3qSIdJKsh7E1sA8yVfTQHRfwPghp6%2BQtLyWzogc7x0cbaBWMQvMnxSXtrTmuLcQrYh219eptYFm3SHISB7dQlj2hVoQXVjN9hJ8xjp7OTlXLZbGeSfm3fUL4ew%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8ccc09ebdfae60-GRU
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2832&sent=34&recv=26&lost=0&retrans=0&sent_bytes=21214&recv_bytes=11320&delivery_rate=195081&cwnd=12000&unsent_bytes=0&cid=fe40f565435684bb&ts=5101&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 19:19:16 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare
priority: u=0,i=?0

GET
H3 404 OpenSans-Semibold-webfont.woff2
secexpanda.online/fonts/ 0
0 57ms
56ms Font
text/html 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secexpanda.online/fonts/OpenSans-Semibold-webfont.woff2
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/patternfly.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://secexpanda.online
sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/patternfly.min.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kx4z4zpqd1%2FMyoFUVACeJhtrLYomSgiv37%2BqvUOPm7AhEB2zQifK9MMfTXkittUbLOxtv9Xx4%2BNZ80R19wLz7GNjb%2BGQ0xsmYXBDAzmS3LKi3gotApn0f1gUDeJ7HKLpR7kutw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8ccc09ebe6ae60-GRU
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2871&sent=30&recv=23&lost=0&retrans=0&sent_bytes=19372&recv_bytes=9865&delivery_rate=667357&cwnd=12000&unsent_bytes=0&cid=fe40f565435684bb&ts=5083&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 19:19:16 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare
priority: u=0,i=?0

GET
H3 404 OpenSans-Regular-webfont.woff2
secexpanda.online/fonts/ 0
0 64ms
63ms Font
text/html 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secexpanda.online/fonts/OpenSans-Regular-webfont.woff2
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/patternfly.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://secexpanda.online
sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/patternfly.min.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M25sJFy6rYi8JRXrdN3D4PqI2R%2FEJxT0e%2FM6MyNy6Dq%2FTPBSQ2nmPw9moS4slRmDByKTzg7gFhWGvHcO9uAglNpEyplV6cAM0OAUl59f2A5j5tOFkYDeFcUpKL2jFDAb9CEwtA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8ccc09ebeaae60-GRU
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2833&sent=31&recv=24&lost=0&retrans=0&sent_bytes=20270&recv_bytes=9908&delivery_rate=28167&cwnd=12000&unsent_bytes=0&cid=fe40f565435684bb&ts=5089&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 19:19:16 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare
priority: u=0,i=?0

GET
H3 404 OpenSans-Semibold-webfont.woff
secexpanda.online/fonts/ 0
0 54ms
53ms Font
text/html 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secexpanda.online/fonts/OpenSans-Semibold-webfont.woff
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/patternfly.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://secexpanda.online
sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/patternfly.min.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5SRwZIfMgMeCmRekwKvCsZY0nh9sNMvBSp8l%2FjIBCGCCuaQFhxpYbsKKNQn4wm53xhMmVlL%2FqSBVAHO65CH7s66htzNL3HA%2BuN7xH0p2Z2aeaPo%2BkdSdn7gBNSDJ5CxmrvpcAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8ccc0a4c73ae60-GRU
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2890&sent=36&recv=27&lost=0&retrans=0&sent_bytes=22132&recv_bytes=12027&delivery_rate=57800&cwnd=12000&unsent_bytes=0&cid=fe40f565435684bb&ts=5143&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 19:19:16 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare
priority: u=0,i=?0

GET
H3 404 OpenSans-Regular-webfont.woff
secexpanda.online/fonts/ 0
0 61ms
60ms Font
text/html 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secexpanda.online/fonts/OpenSans-Regular-webfont.woff
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/patternfly.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://secexpanda.online
sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/patternfly.min.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AF6ME1kS0p49QryL%2BdwL48omG0mAcMc0j7HKYVoyANaiiLg8JkDrxDSOUmYra9vOKpT9RMHorQJDiDbsO8ReLqh%2FVKCKc4vxrEKKcdHAcqC7hY0jdotjumW%2FV8ZN%2FALeoptfhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8ccc0a5c81ae60-GRU
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2897&sent=38&recv=28&lost=0&retrans=0&sent_bytes=23054&recv_bytes=12735&delivery_rate=21520&cwnd=12000&unsent_bytes=0&cid=fe40f565435684bb&ts=5155&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 19:19:16 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare
priority: u=0,i=?0

GET
H3 404 OpenSans-Light-webfont.woff
secexpanda.online/fonts/ 0
0 55ms
54ms Font
text/html 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secexpanda.online/fonts/OpenSans-Light-webfont.woff
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/patternfly.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://secexpanda.online
sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/patternfly.min.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KSWEJ%2B9bXpPvaNC5YrtzlKxv9bb14ReAOiIK8lC8Cws3dKfJ4qWi2TL2NtMBzfS8ncQn%2BkIDJiYNyl7rIfaJmLlYZu2GW3g%2BK9sm%2B3sI1LGrSGER%2F8TDBLVcV1XdkSNOCvDgpg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8ccc0a6c95ae60-GRU
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2897&sent=39&recv=28&lost=0&retrans=0&sent_bytes=23951&recv_bytes=12735&delivery_rate=21520&cwnd=12000&unsent_bytes=0&cid=fe40f565435684bb&ts=5160&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 19:19:16 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare
priority: u=0,i=?0

GET
H3 404 OpenSans-Semibold-webfont.ttf
secexpanda.online/fonts/ 0
0 56ms
55ms Font
text/html 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secexpanda.online/fonts/OpenSans-Semibold-webfont.ttf
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/patternfly.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://secexpanda.online
sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/patternfly.min.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3uKPhL5k5YgNbP%2FTPIdKC0V98TebR3Btd9Q9kZ%2BvedJd8eZhNfV%2B52tLOHSDenYufGd458XUe4sQKi9bKqDOAd0EqcI1BUbrYVSo1kG%2FVhpZiWqQHHAm64HECUwE2l9djgkfIg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8ccc0aacf3ae60-GRU
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2872&sent=42&recv=31&lost=0&retrans=0&sent_bytes=24899&recv_bytes=14180&delivery_rate=225488&cwnd=12000&unsent_bytes=0&cid=fe40f565435684bb&ts=5204&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 19:19:16 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare
priority: u=0,i=?0

GET
H3 404 OpenSans-Regular-webfont.ttf
secexpanda.online/fonts/ 0
0 55ms
54ms Font
text/html 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secexpanda.online/fonts/OpenSans-Regular-webfont.ttf
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/patternfly.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://secexpanda.online
sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/patternfly.min.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A0tSNhoWQYbbpIzsQIbZF5R3eUPuphJvLIAR4MpsqWgIQTo9LniL3Xt1TQF9OspFxq6y7BQI9V8bksfpbVxm5ydY391hxAD7N6LdQpj%2B1pWkWMiqIg7wABcAm34vvn5xUCkf5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8ccc0acd1dae60-GRU
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2872&sent=43&recv=31&lost=0&retrans=0&sent_bytes=25798&recv_bytes=14180&delivery_rate=225488&cwnd=12000&unsent_bytes=0&cid=fe40f565435684bb&ts=5216&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 19:19:16 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare
priority: u=0,i=?0

GET
H3 404 OpenSans-Light-webfont.ttf
secexpanda.online/fonts/ 0
0 58ms
57ms Font
text/html 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secexpanda.online/fonts/OpenSans-Light-webfont.ttf
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/patternfly.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://secexpanda.online
sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/patternfly.min.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i7tdPVY9NPV8pLwdSPOix6CtBhLXsrFD7HL2R6th%2Blr7abUrCTfQL2GZ3qft%2B1eWCNqIr11bIamltDtpE5mQ1Af%2Fv79SFii0sFLfZ%2BUnAiNJhTFJjX34eFIqPHVwuA4T8DZIig%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8ccc0acd2aae60-GRU
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2867&sent=44&recv=32&lost=0&retrans=0&sent_bytes=26693&recv_bytes=14223&delivery_rate=34703&cwnd=12000&unsent_bytes=0&cid=fe40f565435684bb&ts=5224&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 19:19:16 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare
priority: u=0,i=?0

GET
H2 200 l
use.typekit.net/af/a28b50/00000000000000000000e803/27/ 14 KB
14 KB 34ms
4ms Font
application/font-woff2 2.19.10.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a28b50/00000000000000000000e803/27/l?subset_id=2&fvd=n5&v=3
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/cqg6djg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.10.60 São Paulo, Brazil, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-10-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6921195f6d966cc0134167205d704064a708697b439e2b0f28241dbe8d58f198

Request headers

Origin: https://secexpanda.online
sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "aba9759520a13bcd65ae112a0ee73234856c2eca"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 14304
date: Sat, 26 Oct 2024 19:19:17 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/620bf8/00000000000000000000e7fe/27/ 17 KB
17 KB 37ms
7ms Font
application/font-woff2 2.19.10.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/620bf8/00000000000000000000e7fe/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/cqg6djg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.10.60 São Paulo, Brazil, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-10-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6ca123db8c4e1ce21b2eec77f927c0563c64f04d8fc6c94aff8739eef4ebc9af

Request headers

Origin: https://secexpanda.online
sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "b5e7c2e377d10b344b022d96a04daef295e61ac1"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 17052
date: Sat, 26 Oct 2024 19:19:17 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/635674/00000000000000000000e800/27/ 15 KB
15 KB 33ms
4ms Font
application/font-woff2 2.19.10.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/635674/00000000000000000000e800/27/l?subset_id=2&fvd=n1&v=3
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/cqg6djg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.10.60 São Paulo, Brazil, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-10-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 05d950de446200e87f3ad522c1b163f9236a3ad667cd57dc2314fabcfa891c50

Request headers

Origin: https://secexpanda.online
sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "adb11759c707b19a8302afc76ae558bcd7acae61"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 15156
date: Sat, 26 Oct 2024 19:19:17 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/e3ca36/00000000000000000000e805/27/ 17 KB
17 KB 3ms
3ms Font
application/font-woff2 2.19.10.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e3ca36/00000000000000000000e805/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/cqg6djg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.10.60 São Paulo, Brazil, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-10-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 97f752f1bdffe4e12de8fe349f77012495c8926f74f64874a3e740960b365977

Request headers

Origin: https://secexpanda.online
sec-ch-ua-platform: "Linux"
Referer: https://secexpanda.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "4577a8003f294766a3a783ec5fba19dc646ecf7c"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 17116
date: Sat, 26 Oct 2024 19:19:17 GMT
content-type: application/font-woff2
server: nginx

GET
H3

200

main.js Show response
secexpanda.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/e1a56f38220d/ Frame F173
Redirect Chain

https://secexpanda.online/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://secexpanda.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/e1a56f38220d/main.js?

8 KB
4 KB

16ms
16ms

Script
application/javascript

104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secexpanda.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/e1a56f38220d/main.js?

Requested by

Host: secexpanda.online
URL: https://secexpanda.online/

Protocol

Server

104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c431857ebed000941f29db2b0b69f58eb38e5c3f134106f29bdd913894902aea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FYNPV38%2BujvLfrsE3z12FsOyOUgmCAKljRD8lgAtye9ufVvo5Ho5szpXcf7hxoCqIcmtlWIVCvNQGpTKtc3myRyQB0WDMdYFUndoKXLnIDKtDWmK3KeBzMpwCpk9af1gDecOsg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8d8ccc0fac73ae60-GRU
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2987&sent=48&recv=35&lost=0&retrans=0&sent_bytes=28347&recv_bytes=15482&delivery_rate=62357&cwnd=12000&unsent_bytes=0&cid=fe40f565435684bb&ts=5961&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 19:19:17 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/e1a56f38220d/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZqqI9dxmU0vu%2BjKteRU59GTzf6Q9OxJy%2BwRbAFwtxDn8htk1Ei%2FSJsQqA0UgJPpHgFx7YFiF4Ej8vwY0W7gh6ni6LNdULxRDm5A5WKh%2F8Hxe9zHOx4ISKkArMc0cEx0I1PE85g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8ccc0f9c4bae60-GRU
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=3088&sent=46&recv=34&lost=0&retrans=0&sent_bytes=27614&recv_bytes=14865&delivery_rate=30266&cwnd=12000&unsent_bytes=0&cid=fe40f565435684bb&ts=5945&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 19:19:17 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

POST
H3 200 8d8ccbd9590c0f3e Show response
secexpanda.online/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F173 0
1 KB 23ms
19ms XHR
text/plain 104.21.12.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secexpanda.online/cdn-cgi/challenge-platform/h/b/jsd/r/8d8ccbd9590c0f3e
Requested by: Host: secexpanda.online
URL: https://secexpanda.online/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.12.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
Content-Type: application/json
sec-ch-ua-mobile: ?0

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TtN1YBFmFfojjCZp5V7s7CDAA3KNglzaRfQ2A%2BSlVGmr6aCNWOWOmkB%2FuRuidY1Js40v8OCJSsbnoCuREw5yozsJxBSsg8HedcKpVCsyLgM1gaqNk0ujDm5cUYPUWmQgW9kYVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8ccc106d56ae60-GRU
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3023&sent=56&recv=52&lost=0&retrans=0&sent_bytes=32906&recv_bytes=33001&delivery_rate=336062&cwnd=12000&unsent_bytes=0&cid=fe40f565435684bb&ts=6084&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Sat, 26 Oct 2024 19:19:17 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secexpanda.online
URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/analytics.js.download

Domain: secexpanda.online
URL: https://secexpanda.online/Entrar%20com%20login%20e%20senha%20-%20Serasa_files/gtm.js.download

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nubank (Banking)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.secexpanda.online/	1970-01-21 10:08:50	Name: _ga Value: GA1.2.1868147148.1729970352
.secexpanda.online/	1970-01-21 00:34:16	Name: _gid Value: GA1.2.1160130759.1729970352
.secexpanda.online/	1970-01-21 00:32:50	Name: _gat_UA-172503413-1 Value: 1
.secexpanda.online/	1970-01-21 00:32:50	Name: _gat_UA-173210945-2 Value: 1
.secexpanda.online/	1970-01-21 00:32:50	Name: _gat_UA-172503413-4 Value: 1
.secexpanda.online/	1970-01-21 10:08:50	Name: _ga_VZRQZLHGNH Value: GS1.2.1729970352.1.0.1729970352.0.0.0
.secexpanda.online/	1970-01-21 10:08:50	Name: _ga_MKDXNEYT8P Value: GS1.2.1729970352.1.0.1729970352.0.0.0
.secexpanda.online/	1970-01-21 10:08:50	Name: _ga_2FKYTNS5B1 Value: GS1.2.1729970352.1.0.1729970352.0.0.0
.secexpanda.online/	1970-01-21 09:18:26	Name: cf_clearance Value: 3M2keFWLhDe_Gxs5DlTdI2PKgHvvGJQdmN.YKOiss6s-1729970357-1.2.1.1-v8uSv1fH5y4l_caazV3vKWwDqM9EUZVisFg2hyjJMHdRlKNQXbMbu8dNti88py_ZnzNk.4ggxoWb_Ij831ZUXk9kf5UmZyg9lJ4ugK.KJMvLr1HvqEnFKlxiQQiD2eKD0pJO9uIzI.JTtn7Qg8fXTeWprpAVBk7_SG1xNP712TOOU9O._NK9ZyUEToUd8Tj0k5LfoIbcCHIQ8AFVWf.7IZaXCnO9bYxg8_sZ2cKwIMThULKZhnMM6i5FFCbRyVN3Dd.XX95d.7UqZR.rjiFnuuuvU7pRfq7VvLhyBPWO3RcOF26Vhh5BZq0qvLpsxTtkO1Uje1NN10Z0ZPhC.fUYVaPIT37n8N4qpqd3ma7a8p_yi4WDczQCDQy4vfyrA1b6

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://secexpanda.online/img/bg.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://secexpanda.online/fonts/OpenSans-Semibold-webfont.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://secexpanda.online/fonts/OpenSans-Regular-webfont.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://secexpanda.online/fonts/OpenSans-Light-webfont.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://secexpanda.online/fonts/OpenSans-Semibold-webfont.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://secexpanda.online/fonts/OpenSans-Regular-webfont.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://secexpanda.online/fonts/OpenSans-Light-webfont.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://secexpanda.online/fonts/OpenSans-Semibold-webfont.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://secexpanda.online/fonts/OpenSans-Regular-webfont.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://secexpanda.online/fonts/OpenSans-Light-webfont.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

p.typekit.net
secexpanda.online
use.typekit.net
www.google-analytics.com
www.googletagmanager.com
secexpanda.online
104.21.12.70
142.250.219.14
172.217.29.104
2.19.10.60
23.54.21.57
05d950de446200e87f3ad522c1b163f9236a3ad667cd57dc2314fabcfa891c50
0ca7be56acb788de077b1c03c1860a2f017e045d06497507249db7edbae6a25b
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2f669b5a7d0781a26dc532ae192a3762ea9e071221b70652f3c16a552df02a49
49f0e1c5403268294ad97080d689aeb60ec3dfbc61ea130936102de1ec605fe0
5ab1a03e96d090586a824972873f4edbf12c5f60aa3cda48910c64b4e9a0835a
6921195f6d966cc0134167205d704064a708697b439e2b0f28241dbe8d58f198
6ca123db8c4e1ce21b2eec77f927c0563c64f04d8fc6c94aff8739eef4ebc9af
6f820d914079c384c19567ed3f8644ae1d3e7a2e05f7082f0587359168439240
84a3d85c067b670c837e8292c6fc33ad76a08443c37fb2987a9a9a6cf7b7f0e9
8ce8eb89aa6e62ae5b57235d0c62d4105fa6b25316c44092dc3e1cbebc4578fb
93274ea461ccab9d2649e482e6f46a7bbcf9596c5c3b0dad0df0467322ccc85e
97f752f1bdffe4e12de8fe349f77012495c8926f74f64874a3e740960b365977
9b0838f80d5373876a86ead7e8658a2d6c8cf8ee5bab604defc220ee0363a25e
a45954d2784005e5de4d6a80f055e94efcf0a0c03c14135a520a37b6c45a2899
a849362d6cd5779e4476c72ea02c5a1e70a13878f0458566f2838877c2e44b89
ae28bec8513af300a2964ae65984e6368f39d6627ed7b3e400329065fa048382
bae41ff593e0cfd5d25ce72edf6731524c8eb91c21e4757ce725e01dafceddb5
c431857ebed000941f29db2b0b69f58eb38e5c3f134106f29bdd913894902aea
c521a5193126f9221d5c3b911e9cca7a946031709593fa4e23c0b68f813544d6
cd5121ba34ce3e40d56417bccf4f29b1b9e135e69176d170e89db8fa382ca1e2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e01a1506577c1027346e079f21dbc08c617a5fd9d1b00d70d353aa4278de71c8
e33c7fba2e30b8a6f55fa33d4aee5ab8c310f452b630a8bf3c199ae46d3157a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eccb1c4e0a004f24eb947f501d1fb771104edf515f2f00a3e6b771fa9ad4f739

secexpanda.online Open in urlscan Pro 104.21.12.70 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

40 Requests

93 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

6 IPs

3 Countries

570 kBTransfer

1653 kBSize

9 Cookies

0 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secexpanda.online Open in urlscan Pro
104.21.12.70 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

93 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

6
IPs

3
Countries

570 kB
Transfer

1653 kB
Size

9
Cookies

40 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!