pasomiq-nsisoamssmiq.ltseg.com.br

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 187.18.5.29, located in Salvador, Brazil and belongs to COMPUTADORES E SISTEMAS LTDA, BR. The main domain is pasomiq-nsisoamssmiq.ltseg.com.br.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 28th 2023. Valid for: 3 months.

This is the only time pasomiq-nsisoamssmiq.ltseg.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	187.18.5.29 187.18.5.29	28269 (COMPUTADO...) (COMPUTADORES E SISTEMAS LTDA)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 187.18.5.29 (Salvador, Brazil)

ASN28269 (COMPUTADORES E SISTEMAS LTDA, BR)
PTR: compos-cp1.compos.com.br

pasomiq-nsisoamssmiq.ltseg.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	ltseg.com.br pasomiq-nsisoamssmiq.ltseg.com.br	120 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 265	11 KB
1	linkedin.com 1 redirects www.linkedin.com — Cisco Umbrella Rank: 543	3 KB
3	3

	Domain	Requested by
2	pasomiq-nsisoamssmiq.ltseg.com.br	pasomiq-nsisoamssmiq.ltseg.com.br
1	cdnjs.cloudflare.com	pasomiq-nsisoamssmiq.ltseg.com.br
1	www.linkedin.com	1 redirects
3	3

This site contains no links.

Subject Issuer	Validity	Valid
pasomiq-nsisoamssmiq.ltseg.com.br cPanel, Inc. Certification Authority	`2023-07-28` - `2023-10-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pasomiq-nsisoamssmiq.ltseg.com.br/XDqJwqL
Frame ID: 157F698EE999403D6562727E11552892
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Notice Antibot

Page URL History Show full URLs

https://www.linkedin.com/slink?code=gQ4jt_fi HTTP 301
https://pasomiq-nsisoamssmiq.ltseg.com.br/XDqJwqL Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

3
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

131 kB
Transfer

188 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.linkedin.com/slink?code=gQ4jt_fi HTTP 301
https://pasomiq-nsisoamssmiq.ltseg.com.br/XDqJwqL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

403
Forbidden

Primary Request XDqJwqL Show response
pasomiq-nsisoamssmiq.ltseg.com.br/
Redirect Chain

https://www.linkedin.com/slink?code=gQ4jt_fi
https://pasomiq-nsisoamssmiq.ltseg.com.br/XDqJwqL

3 KB
4 KB

2540ms
945ms

Document
text/html

187.18.5.29
COMPUTADORES E SI...

General

Check archive.org

Show headers Download Go to

Full URL: https://pasomiq-nsisoamssmiq.ltseg.com.br/XDqJwqL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 187.18.5.29 Salvador, Brazil, ASN28269 (COMPUTADORES E SISTEMAS LTDA, BR),
Reverse DNS: compos-cp1.compos.com.br
Software: Apache / PHP/7.4.33
Resource Hash: 398bca5d530f5476442444bdf7820c510b8a2320ed6c470847421e8a8fdfb552

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 29 Jul 2023 20:09:54 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.33

Redirect headers

cache-control: no-cache, no-store
content-encoding: gzip
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' snap.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
date: Sat, 29 Jul 2023 20:09:53 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://pasomiq-nsisoamssmiq.ltseg.com.br/XDqJwqL
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-frame-options: sameorigin
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYBpcfWsgSGkO4Vxk/OUQ==
x-msedge-ref: Ref A: BB2D1A2F04D7468B9EF5C426FF8CC3AE Ref B: FRAEDGE1917 Ref C: 2023-07-29T20:09:54Z

GET
H2 200 all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/ 68 KB
11 KB 39ms
15ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css

Requested by

Host: pasomiq-nsisoamssmiq.ltseg.com.br
URL: https://pasomiq-nsisoamssmiq.ltseg.com.br/XDqJwqL

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a62a847fb029ec2329b3c92b0d0b1239366017e314ff430fc8f5b67a78f9238d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pasomiq-nsisoamssmiq.ltseg.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 20:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6883370
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10228
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-111e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etrjBsiDSi1R3jamFAXLyPB1jUV4FpqeZ%2FVr0SV63ONxsSxKT4vcgWWD%2FIh%2F3s%2FkEkhX93DeXi902EdBL%2BzhRP50ITa2sTeWhKKk6%2B%2Ff00eepGCbI7wqf0VZbtFBxiBxdpagyxS%2B5b8vsklKmreZce3Z"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ee800a2c92b085d-FRA
expires: Thu, 18 Jul 2024 20:09:56 GMT

GET
H/1.1 200
OK style.css
pasomiq-nsisoamssmiq.ltseg.com.br/ 116 KB
117 KB 229ms
229ms Stylesheet
text/css 187.18.5.29
COMPUTADORES E SI...

General

Check archive.org

Show headers Download Go to

Full URL: https://pasomiq-nsisoamssmiq.ltseg.com.br/style.css
Requested by: Host: pasomiq-nsisoamssmiq.ltseg.com.br
URL: https://pasomiq-nsisoamssmiq.ltseg.com.br/XDqJwqL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 187.18.5.29 Salvador, Brazil, ASN28269 (COMPUTADORES E SISTEMAS LTDA, BR),
Reverse DNS: compos-cp1.compos.com.br
Software: Apache /
Resource Hash: 39918f52f979c28d141aa54e7912146f374c9eab13b9fa998805dd233446fbb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pasomiq-nsisoamssmiq.ltseg.com.br/XDqJwqL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 20:09:55 GMT
Last-Modified: Mon, 07 Oct 2019 20:02:30 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 119248

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.linkedin.com/	1970-01-20 22:23:17	Name: bcookie Value: "v=2&64841258-1e62-4099-8a25-184ca8d25a16"
.www.linkedin.com/	1970-01-20 22:23:17	Name: bscookie Value: "v=1&202307292009542a213494-9e98-44ef-82b1-c17c3f28b356AQELnhw2SbVpApyq7bQC8w9Rywo3dAl8"
.linkedin.com/	1970-01-20 17:56:53	Name: li_gc Value: MTswOzE2OTA2NjEzOTQ7MjswMjHJOjFP39w2lhcVBxAwIe+/1mqnSldxma3CHa3lwcRzlg==
.linkedin.com/	1970-01-20 13:39:07	Name: lidc Value: "b=OGST00:s=O:r=O:a=O:p=O:g=3040:u=1:x=1:i=1690661394:t=1690747794:v=2:sig=AQGOVEJqzAgdWK3KjnzKkNhgtSu5W6Nj"
pasomiq-nsisoamssmiq.ltseg.com.br/	1969-12-31 23:59:59	Name: PHPSESSID Value: ad25bdb78e8012c644ddc124be00699b

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pasomiq-nsisoamssmiq.ltseg.com.br/XDqJwqL Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
pasomiq-nsisoamssmiq.ltseg.com.br
www.linkedin.com
187.18.5.29
2606:4700::6811:190e
2620:1ec:21::14
398bca5d530f5476442444bdf7820c510b8a2320ed6c470847421e8a8fdfb552
39918f52f979c28d141aa54e7912146f374c9eab13b9fa998805dd233446fbb3
a62a847fb029ec2329b3c92b0d0b1239366017e314ff430fc8f5b67a78f9238d

pasomiq-nsisoamssmiq.ltseg.com.br Open in urlscan Pro 187.18.5.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

131 kBTransfer

188 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

5 Cookies

1 Console Messages

Indicators

pasomiq-nsisoamssmiq.ltseg.com.br Open in urlscan Pro
187.18.5.29 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

131 kB
Transfer

188 kB
Size

5
Cookies

3 HTTP transactions
0 data transactions