seguro.paguecompras.online Open in urlscan Pro
172.66.44.87 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://seguro.paguecompras.online/
Submission: On November 17 via automatic, source certstream-suspicious (November 17th 2024, 8:31:16 pm UTC) — Scanned from US

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 9 domains to perform 24 HTTP transactions. The main IP is 172.66.44.87, located in United States and belongs to CLOUDFLARENET, US. The main domain is seguro.paguecompras.online.
TLS certificate: Issued by WE1 on November 17th 2024. Valid for: 3 months.

This is the only time seguro.paguecompras.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	172.66.44.87 172.66.44.87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c0b::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::5f	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:4004:c09::79	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	64.233.180.94 64.233.180.94	15169 (GOOGLE) (GOOGLE)
2	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
24	10

11 172.66.44.87 (United States)

ASN13335 (CLOUDFLARENET, US)

seguro.paguecompras.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c0b::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::79 (Washington, United States)

ASN15169 (GOOGLE, US)

api.checkoutblank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:64 (United States)

ASN13335 (CLOUDFLARENET, US)

get.geojs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.180.94 (United States)

ASN15169 (GOOGLE, US)
PTR: pe-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	paguecompras.online seguro.paguecompras.online	311 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 625 t.clarity.ms — Cisco Umbrella Rank: 8178 c.clarity.ms — Cisco Umbrella Rank: 1269	30 KB
2	checkoutblank.com api.checkoutblank.com	13 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	158 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 205	773 B
1	gstatic.com fonts.gstatic.com	35 KB
1	geojs.io get.geojs.io — Cisco Umbrella Rank: 17012	1001 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
24	9

	Domain	Requested by
11	seguro.paguecompras.online	seguro.paguecompras.online
2	c.clarity.ms	1 redirects
2	t.clarity.ms	www.clarity.ms
2	api.checkoutblank.com	seguro.paguecompras.online
2	www.clarity.ms	seguro.paguecompras.online www.clarity.ms
2	www.googletagmanager.com	seguro.paguecompras.online www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	c.bing.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	get.geojs.io	seguro.paguecompras.online
1	fonts.googleapis.com	seguro.paguecompras.online
24	11

This site contains no links.

Subject Issuer	Validity	Valid
seguro.paguecompras.online WE1	`2024-11-17` - `2025-02-15`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
api.checkoutblank.com WR3	`2024-10-04` - `2025-01-03`	3 months	crt.sh
geojs.io WE1	`2024-11-02` - `2025-01-31`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://seguro.paguecompras.online/
Frame ID: BABA79A7CBF4241C0EA5E9D7566A0F21
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Link Inválido

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

24
Requests

96 %
HTTPS

64 %
IPv6

9
Domains

11
Subdomains

10
IPs

1
Countries

549 kB
Transfer

1680 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5478BC9EDA15479CBA79261D20B3BD74&RedC=c.clarity.ms&MXFR=1FAC18F7916C65333B9D0DCD956C6B16 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5478BC9EDA15479CBA79261D20B3BD74&MUID=2E8BECD85C796E9E0006F9E25DE96F64

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
seguro.paguecompras.online/ 2 KB
1 KB 1448ms
306ms Document
text/html 172.66.44.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguro.paguecompras.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc707198340c3068839077f90f1cd2af13e60e9aca779da49f603c34d86bb716

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8e427b9d4c61b3d9-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 17 Nov 2024 20:31:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cVSewHVdR%2FLeWS9%2FxuafnflYwwPYCEbA0lsVCF4HOUc0lA90%2BKatlTjRa2UrUgm%2F1BUWordc7faSq%2Bott77c2tELjwSl3mVKbPRny0J8PIJXDqX%2FZY3BZs%2BRda8Xx%2BdVbwfV%2FT30LThkfdImjw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=30551&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4145&recv_bytes=4489&delivery_rate=504&cwnd=12000&unsent_bytes=0&cid=7d709c8fa10c7b19&ts=313&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 vendor.d8c0d9d3.css
seguro.paguecompras.online/css/ 290 KB
53 KB 188ms
187ms Stylesheet
text/css 172.66.44.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguro.paguecompras.online/css/vendor.d8c0d9d3.css

Requested by

Host: seguro.paguecompras.online
URL: https://seguro.paguecompras.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b760f4c847e21ca0fec552f5077e18e820b51fbb1cda02bd1a34ade5eabe45fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://seguro.paguecompras.online/

Response headers

content-encoding: br
etag: W/"5b65d9a7383889cca0351e316c014cc9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2MuLzxELt%2BW65xMxjQU5oKlWiTz1UdQf60N3pvB%2BH2zUDosm65MPFfpNfaWppNFEsv2P5FTVvzJnSHun2w1N5bJ22YrUmkYSJMxf2atdgMjHfI2ds8ookTIQEejxBjIbvZqpVvLWGzqE%2FiJYYw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30436&sent=26&recv=15&lost=0&retrans=0&sent_bytes=17661&recv_bytes=5807&delivery_rate=49603&cwnd=12000&unsent_bytes=0&cid=7d709c8fa10c7b19&ts=490&x=1", cfExtPri, cfHdrFlush;dur=21
date: Sun, 17 Nov 2024 20:31:11 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e427b9f3ef6b3d9-MIA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 app.40d263ea.css
seguro.paguecompras.online/css/ 9 KB
3 KB 158ms
157ms Stylesheet
text/css 172.66.44.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguro.paguecompras.online/css/app.40d263ea.css

Requested by

Host: seguro.paguecompras.online
URL: https://seguro.paguecompras.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b7702499535ae029f3c0bcd74efa7d7997b81930ebb68c124e2f9ae405d9a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://seguro.paguecompras.online/

Response headers

content-encoding: br
etag: W/"1482c3669f1e4954313d84e7d300ae97"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H8ove3t81CblOI1w4vVanwpOrNZM5B07jnCHEFIuliqiNu9pZpuqToPe4N2YlCj36MQ3A%2Bjc%2FsJHwRo7piKHLLWu4Gx6G%2BZMAOKidUkfiqP1Uv1npd7aBV3oo4DWngj9Xm6xTDHa%2By8N94uMdw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30436&sent=15&recv=15&lost=0&retrans=0&sent_bytes=5661&recv_bytes=5807&delivery_rate=49603&cwnd=12000&unsent_bytes=0&cid=7d709c8fa10c7b19&ts=481&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 17 Nov 2024 20:31:11 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e427b9f3ef9b3d9-MIA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 137 KB
53 KB 184ms
66ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: seguro.paguecompras.online
URL: https://seguro.paguecompras.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b3b15d621b2e30a55bbd37131e7e3f4a580b320eeaa737733ea2c22549d93b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://seguro.paguecompras.online/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 17 Nov 2024 20:31:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 20:31:11 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 17 Nov 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 53199
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 vendor.88bab874.js Show response
seguro.paguecompras.online/js/ 744 KB
231 KB 317ms
316ms Script
application/javascript 172.66.44.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguro.paguecompras.online/js/vendor.88bab874.js

Requested by

Host: seguro.paguecompras.online
URL: https://seguro.paguecompras.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc34d9a348f9e8e12c7af720bcc7064eea44509f4b9b0ce91e841e93137176f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://seguro.paguecompras.online/

Response headers

content-encoding: br
etag: W/"b8504aa166bc6cd8699ef3996478cec4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EvAjkbQmeqVh8fhAa4oRfo2hxPJmqN%2Bkw2%2F0tAeqrrR5prdQIPRbgE4YFyaeMAH1eYNkRuKtagxibaIHPTedHm9198dNbvCpA9nJFHPYHwcA2AyHc%2BouVtOO81JEewXH0h8YnjJzyINexJ0dEg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36473&sent=78&recv=46&lost=0&retrans=0&sent_bytes=76319&recv_bytes=7149&delivery_rate=1128195&cwnd=39900&unsent_bytes=0&cid=7d709c8fa10c7b19&ts=640&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 17 Nov 2024 20:31:11 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e427b9f3efab3d9-MIA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 app.2b429c84.js Show response
seguro.paguecompras.online/js/ 33 KB
12 KB 162ms
161ms Script
application/javascript 172.66.44.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguro.paguecompras.online/js/app.2b429c84.js

Requested by

Host: seguro.paguecompras.online
URL: https://seguro.paguecompras.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd59e74cee34ea324c157daae13d95d20fb73c9da2ea091caf8b56b3d7bc4994

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://seguro.paguecompras.online/

Response headers

content-encoding: br
etag: W/"d91a7a21bd40b68b25a541d20939f109"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gk0UJHLSHo2NC0sS0dvmtnpEWzeI3sCTy1YpNCSQX%2FvXniuJJlAH9v2x6vYeIrp8kzkrGIZat19PwR7zLtidilnb2f2k2AFI2RsdTeBDtDntrofvnA84f7r0ohB2yMIbEoqRi5ImrukaGOMI6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30436&sent=18&recv=15&lost=0&retrans=0&sent_bytes=8388&recv_bytes=5807&delivery_rate=49603&cwnd=12000&unsent_bytes=0&cid=7d709c8fa10c7b19&ts=486&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 17 Nov 2024 20:31:11 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e427b9f3efeb3d9-MIA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 186ms
70ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Rubik:wght@300;400;500;700;900&display=swap

Requested by

Host: seguro.paguecompras.online
URL: https://seguro.paguecompras.online/css/app.40d263ea.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3c61186b1acc4b68b5e071737df2051eace6cf3128f6c4322c467f2e9a1111fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://seguro.paguecompras.online/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 20:31:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 20:31:11 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 17 Nov 2024 20:31:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 foweli79f9 Show response
www.clarity.ms/tag/ 689 B
1 KB 222ms
64ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/foweli79f9
Requested by: Host: seguro.paguecompras.online
URL: https://seguro.paguecompras.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cb142b64195ef91e59fbd48610642bad019bbfc366048876fb9983f2700c8975

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://seguro.paguecompras.online/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 689
date: Sun, 17 Nov 2024 20:31:11 GMT
content-type: application/x-javascript
x-azure-ref: 20241117T203111Z-17958fbc6d4vfl2xhC1MIA8hz000000007bg00000001fqfx

OPTIONS
H2 204 options
api.checkoutblank.com/api/ 0
0 429ms
112ms Preflight
text/html 2607:f8b0:4004:c09::79
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.checkoutblank.com/api/options

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::79 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://seguro.paguecompras.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://seguro.paguecompras.online
access-control-expose-headers: X-Total-Count
content-length: 0
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Sun, 17 Nov 2024 20:31:12 GMT
origin-agent-cluster: ?1
referrer-policy: no-referrer
server: Google Frontend
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-cloud-trace-context: bb8c8ea52a7789aa95807e94fa3df93c;o=1
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 geo.json Show response
get.geojs.io/v1/ip/ 347 B
1001 B 146ms
66ms XHR
application/json 2606:4700:20::681a:64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get.geojs.io/v1/ip/geo.json

Requested by

Host: seguro.paguecompras.online
URL: https://seguro.paguecompras.online/js/vendor.88bab874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f39bfeaa281e3c4d477e09c6b4f3b99ac9c3509969354d9b863a3059fff3b119

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://seguro.paguecompras.online/

Response headers

x-request-id: 9ef2db4f9c6d07d1350df0a45ac2430b-ASH
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0q30EShFo1fzBDBElcvVwjkwzoAp4iuBFexuDIVL83%2FNxJBeefI8kRY9l4s3Q20XPnB2%2BqFzbfpibV2OuHJvXMnou4mB%2BnNwJaKDB9v%2BYOaxBWcJYAFrEF9qTZKlt9y0hG0ZI168%2FzT6fg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=29878&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4044&recv_bytes=2237&delivery_rate=129881&cwnd=254&unsent_bytes=0&cid=0c20606ccc28ce79&ts=72&x=0"
date: Sun, 17 Nov 2024 20:31:11 GMT
content-type: application/json
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 8e427ba2af2521f4-MIA
access-control-allow-origin: *
geojs-backend: ash-01
server: cloudflare

GET
H3 200 1.98522d91.css
seguro.paguecompras.online/css/ 245 B
848 B 145ms
144ms Stylesheet
text/css 172.66.44.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguro.paguecompras.online/css/1.98522d91.css

Requested by

Host: seguro.paguecompras.online
URL: https://seguro.paguecompras.online/js/app.2b429c84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a7271080761b60064642dcaf2fd4d35998573377486002d8f5d7e35c6b5c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://seguro.paguecompras.online/

Response headers

content-encoding: br
etag: W/"c3f9156917e066d228a27aa77185daee"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bl9Vsn2%2BRfn2Zf6XKH0BhVx34w%2BvUTKKnVtvsNTFBvOltO5CtMbHUs6SQDjigcsRwKbwO99yQAIkOIP62sQXG%2BS%2FraR0JnqnOZcCcSLzjDXP3bmLeeWs3cGqGbbINkadbQkfoudBVDZIDA8wvA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39762&sent=289&recv=83&lost=0&retrans=0&sent_bytes=318754&recv_bytes=9842&delivery_rate=2817538&cwnd=138300&unsent_bytes=0&cid=7d709c8fa10c7b19&ts=945&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 17 Nov 2024 20:31:11 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e427ba23adbb3d9-MIA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 1.e0234c23.js Show response
seguro.paguecompras.online/js/ 1 KB
1 KB 188ms
186ms Script
application/javascript 172.66.44.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguro.paguecompras.online/js/1.e0234c23.js

Requested by

Host: seguro.paguecompras.online
URL: https://seguro.paguecompras.online/js/app.2b429c84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

114a0d9d604e8222b60e0d5e8c2a737758a5b630da0853aa24ceccf6ea8452ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://seguro.paguecompras.online/

Response headers

content-encoding: br
etag: W/"40b0964fb602751099696238971d1f05"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o6pp7Y%2B0egaPKgK6iDtcmORs17BYQ8RAqrJr0oREOh5%2B0tcV%2BSlBh0IG4Wr5prYGndZEROrokDDcioGgiOQ35yFkLrK5phzSPQuU1iN8vb4YH8jzX7g8lCh8qSukUv5T0eUtgqMEzW2uAiwFwg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=38643&sent=293&recv=84&lost=0&retrans=0&sent_bytes=321839&recv_bytes=9887&delivery_rate=11391&cwnd=138300&unsent_bytes=0&cid=7d709c8fa10c7b19&ts=988&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 17 Nov 2024 20:31:11 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e427ba23adeb3d9-MIA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 6.0ed2d574.css
seguro.paguecompras.online/css/ 182 B
828 B 151ms
150ms Stylesheet
text/css 172.66.44.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguro.paguecompras.online/css/6.0ed2d574.css

Requested by

Host: seguro.paguecompras.online
URL: https://seguro.paguecompras.online/js/app.2b429c84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d18791d57e5492ef18b744408872c9a4b096ae43f247dbcd9fe7b08cabab86ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://seguro.paguecompras.online/

Response headers

content-encoding: br
etag: W/"46c4c40677ede8664668ef2094c48e65"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X47QrwOH1DqTjnvHiQDvpG%2B7IqG0T5xIsK9MStNxLfpp2%2FitBQmUQMIAxqYTaqhgzJTrJMKlcxoVlJlq%2Fpbr68XRJruJ3P7Kg5W6sr6s1421GUqgZFJBUkbwCfCgCPVm6SsWjUjkpuGVEUAClg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39762&sent=290&recv=83&lost=0&retrans=0&sent_bytes=319625&recv_bytes=9842&delivery_rate=2817538&cwnd=138300&unsent_bytes=0&cid=7d709c8fa10c7b19&ts=952&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 17 Nov 2024 20:31:11 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e427ba23adfb3d9-MIA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 6.d3925a7d.js Show response
seguro.paguecompras.online/js/ 1 KB
1 KB 156ms
154ms Script
application/javascript 172.66.44.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguro.paguecompras.online/js/6.d3925a7d.js

Requested by

Host: seguro.paguecompras.online
URL: https://seguro.paguecompras.online/js/app.2b429c84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b6328a73be17c8cc111af86cd7bd73ac3ff74d7e96f7b87a9e7894daee20415

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://seguro.paguecompras.online/

Response headers

content-encoding: br
etag: W/"7a7c113fbd034e3ce3caac9bd00f8fe0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XXIV48v3sP4sZO%2Bs5BfeNNcxWQJF3GJUHQI5qMGJzNjV3WEKvg%2F5CPRDZAl4fir6yUzib5sot8pZf7I9ecwQJOVyIghl2%2BXJnIxgbm8cA4lcAi6JshD7vkfEvtOrSgn2VWd%2FFJbdKe0dIhen0A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39762&sent=291&recv=83&lost=0&retrans=0&sent_bytes=320476&recv_bytes=9842&delivery_rate=2817538&cwnd=138300&unsent_bytes=0&cid=7d709c8fa10c7b19&ts=957&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 17 Nov 2024 20:31:11 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e427ba23ae0b3d9-MIA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 options Show response
api.checkoutblank.com/api/ 13 KB
13 KB 83ms
83ms XHR
application/json 2607:f8b0:4004:c09::79
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.checkoutblank.com/api/options

Requested by

Host: seguro.paguecompras.online
URL: https://seguro.paguecompras.online/js/vendor.88bab874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::79 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

5e117084db223207a17b61dda1459b31a9e00871d69c74825e33da06643caae5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Authorization: Bearer null
Referer: https://seguro.paguecompras.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

access-control-expose-headers: X-Total-Count
etag: W/"3216-ImKRegKhzt2mS5aDFR3YDgZlyKs"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
date: Sun, 17 Nov 2024 20:31:12 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-cloud-trace-context: 034330963f17394a17e895001faedb04
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
referrer-policy: no-referrer
x-download-options: noopen
cross-origin-embedder-policy: require-corp
access-control-allow-origin: https://seguro.paguecompras.online
content-length: 12822
x-xss-protection: 0
origin-agent-cluster: ?1
server: Google Frontend

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.56/ 66 KB
28 KB 73ms
73ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.56/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/foweli79f9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://seguro.paguecompras.online/

Response headers

x-azure-ref: 20241117T203111Z-17958fbc6d4vfl2xhC1MIA8hz000000007bg00000001fqg8
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD041B2B98F09E"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: 6d9c5319-001e-0079-5d71-36d2ff000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sun, 17 Nov 2024 20:31:11 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 13 Nov 2024 19:41:29 GMT

GET
H3 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 35 KB
35 KB 113ms
56ms Font
font/woff2 64.233.180.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:wght@300;400;500;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pe-in-f94.1e100.net

Software

sffe /

Resource Hash

47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://seguro.paguecompras.online
Referer: https://fonts.googleapis.com/

Response headers

age: 28168
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 12:41:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 12:41:44 GMT
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35448
x-xss-protection: 0
server: sffe

GET
H3 200 loading.svg
seguro.paguecompras.online/img/ 4 KB
3 KB 156ms
155ms Image
image/svg+xml 172.66.44.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguro.paguecompras.online/img/loading.svg

Requested by

Host: seguro.paguecompras.online
URL: https://seguro.paguecompras.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5695cd649e469e035fbed574660a2822b2416d2e714731950249f1291567c7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://seguro.paguecompras.online/

Response headers

content-encoding: br
etag: W/"d8f7be82002f57582470d9e5f6760c17"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1RNp9mLki4uV1aDoGpaComcw9Y%2BGJtzwnojOJyquyRex%2BB90eS0Jb0tK67iRrN7YWMoW%2FVctzebhEjU%2BX1v6UGiv74sTLhocrt3Ic3WZMe6MjDQiVXKDQDViqgxtWQJDodIPw2o3R3STJir%2FXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=38389&sent=296&recv=87&lost=0&retrans=0&sent_bytes=323442&recv_bytes=10357&delivery_rate=18865&cwnd=138300&unsent_bytes=0&cid=7d709c8fa10c7b19&ts=1183&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 17 Nov 2024 20:31:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e427ba3acceb3d9-MIA
access-control-allow-origin: *
server: cloudflare

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
290 B 207ms
58ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://seguro.paguecompras.online/

Response headers

Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin: https://seguro.paguecompras.online
Date: Sun, 17 Nov 2024 20:31:12 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5478BC9EDA15479CBA79261D20B3BD74&RedC=c.clarity.ms&MXFR=1FAC18F7916C65333B9D0DCD956C6B16
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5478BC9EDA15479CBA79261D20B3BD74&MUID=2E8BECD85C796E9E0006F9E25DE96F64

42 B
466 B

52ms
51ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5478BC9EDA15479CBA79261D20B3BD74&MUID=2E8BECD85C796E9E0006F9E25DE96F64
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://seguro.paguecompras.online/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "8d3dafd6e71fdb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Sun, 17 Nov 2024 20:31:12 GMT
content-type: image/gif
last-modified: Wed, 16 Oct 2024 16:24:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5478BC9EDA15479CBA79261D20B3BD74&MUID=2E8BECD85C796E9E0006F9E25DE96F64
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3503B09FE74440ECA9A197BE9917C926 Ref B: MIAEDGE1808 Ref C: 2024-11-17T20:31:12Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Sun, 17 Nov 2024 20:31:12 GMT
x-powered-by: ASP.NET

GET
H3 200 favicon.ico
seguro.paguecompras.online/ 15 KB
4 KB 64ms
64ms Other
image/vnd.microsoft.icon 172.66.44.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguro.paguecompras.online/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

820bf5f409fd502222f96b753037aed3b9489c754c15c8c0eae44470ae9b3cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://seguro.paguecompras.online/

Response headers

content-encoding: br
etag: W/"9e6ac86fc61f148eb98908347d7aaab3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kzw2CWzNvr57Z9V7%2F%2BHt56KUquXCgp%2Fg5vwlEREDFZvkLIsDnUkPZAKZo9f2glS7g6FEbjHQRjc76OktzH64cXC%2FleX8Ip5ljoKR%2B1UbOS9VJibeeyBZbbJJHQmUsdiYUSTg2ItPC%2FLFv4jQOw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37305&sent=300&recv=88&lost=0&retrans=0&sent_bytes=326344&recv_bytes=10750&delivery_rate=17963&cwnd=138300&unsent_bytes=0&cid=7d709c8fa10c7b19&ts=1253&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 17 Nov 2024 20:31:12 GMT
content-type: image/vnd.microsoft.icon
vary: Accept-Encoding
priority: u=1,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e427ba4ae6ab3d9-MIA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 316 KB
105 KB 89ms
87ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JGJ0MDW63C&l=dataLayer&cx=c&gtm=453e4bc0za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2fd27b2a124f9a15253f48d1aaea67cd770f742b94d7d6edf654c02c335408af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://seguro.paguecompras.online/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 17 Nov 2024 20:31:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 20:31:12 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 107874
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 289ms
80ms Fetch
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JGJ0MDW63C&gtm=45je4bc0h1v9104969356za200&_p=1731875471573&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067554~102067808~102077855&cid=1303534592.1731875472&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731875472&sct=1&seg=0&dl=https%3A%2F%2Fseguro.paguecompras.online%2F&dt=Link%20Inv%C3%A1lido&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2739
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JGJ0MDW63C&l=dataLayer&cx=c&gtm=453e4bc0za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://seguro.paguecompras.online/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://seguro.paguecompras.online
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 20:31:12 GMT
content-type: text/plain
server: Golfe2

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
290 B 55ms
54ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://seguro.paguecompras.online/

Response headers

Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin: https://seguro.paguecompras.online
Date: Sun, 17 Nov 2024 20:31:13 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-21 09:50:11	Name: CLID Value: 51bc459ea95b419baa1e7ee4883464f6.20241117.20251117
.paguecompras.online/	1970-01-21 09:50:11	Name: _clck Value: rhy14y%7C2%7Cfqy%7C0%7C1782
.paguecompras.online/	1970-01-21 01:06:01	Name: _clsk Value: 1flb4gm%7C1731875472212%7C1%7C1%7Ct.clarity.ms%2Fcollect
.paguecompras.online/	1970-01-21 10:40:35	Name: _ga Value: GA1.1.1303534592.1731875472
.paguecompras.online/	1970-01-21 10:40:35	Name: _ga_JGJ0MDW63C Value: GS1.1.1731875472.1.0.1731875472.0.0.0
.bing.com/	1970-01-21 10:26:11	Name: MUID Value: 2E8BECD85C796E9E0006F9E25DE96F64
.c.bing.com/	1970-01-21 01:14:40	Name: MR Value: 0
.c.bing.com/	1970-01-21 10:26:11	Name: SRM_B Value: 2E8BECD85C796E9E0006F9E25DE96F64
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 10:26:11	Name: MUID Value: 2E8BECD85C796E9E0006F9E25DE96F64
.c.clarity.ms/	1970-01-21 01:14:40	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 01:04:36	Name: ANONCHK Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.checkoutblank.com
c.bing.com
c.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
get.geojs.io
seguro.paguecompras.online
t.clarity.ms
www.clarity.ms
www.google-analytics.com
www.googletagmanager.com
172.66.44.87
20.110.205.119
20.114.189.70
2001:4860:4802:34::178
2606:4700:20::681a:64
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c09::79
2607:f8b0:4004:c0b::61
2620:1ec:bdf::40
2620:1ec:c11::237
64.233.180.94
0b3b15d621b2e30a55bbd37131e7e3f4a580b320eeaa737733ea2c22549d93b8
114a0d9d604e8222b60e0d5e8c2a737758a5b630da0853aa24ceccf6ea8452ce
2b6328a73be17c8cc111af86cd7bd73ac3ff74d7e96f7b87a9e7894daee20415
2fd27b2a124f9a15253f48d1aaea67cd770f742b94d7d6edf654c02c335408af
3c61186b1acc4b68b5e071737df2051eace6cf3128f6c4322c467f2e9a1111fe
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
5695cd649e469e035fbed574660a2822b2416d2e714731950249f1291567c7fb
5e117084db223207a17b61dda1459b31a9e00871d69c74825e33da06643caae5
62a7271080761b60064642dcaf2fd4d35998573377486002d8f5d7e35c6b5c0c
820bf5f409fd502222f96b753037aed3b9489c754c15c8c0eae44470ae9b3cda
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b7702499535ae029f3c0bcd74efa7d7997b81930ebb68c124e2f9ae405d9a3a
b760f4c847e21ca0fec552f5077e18e820b51fbb1cda02bd1a34ade5eabe45fe
bd59e74cee34ea324c157daae13d95d20fb73c9da2ea091caf8b56b3d7bc4994
cb142b64195ef91e59fbd48610642bad019bbfc366048876fb9983f2700c8975
d18791d57e5492ef18b744408872c9a4b096ae43f247dbcd9fe7b08cabab86ea
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
dc34d9a348f9e8e12c7af720bcc7064eea44509f4b9b0ce91e841e93137176f4
dc707198340c3068839077f90f1cd2af13e60e9aca779da49f603c34d86bb716
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f39bfeaa281e3c4d477e09c6b4f3b99ac9c3509969354d9b863a3059fff3b119

seguro.paguecompras.online Open in urlscan Pro 172.66.44.87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

24 Requests

96 %HTTPS

64 %IPv6

9 Domains

11 Subdomains

10 IPs

1 Countries

549 kBTransfer

1680 kBSize

12 Cookies

0 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

12 Cookies

Security Headers

Indicators

seguro.paguecompras.online Open in urlscan Pro
172.66.44.87 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

96 %
HTTPS

64 %
IPv6

9
Domains

11
Subdomains

10
IPs

1
Countries

549 kB
Transfer

1680 kB
Size

12
Cookies

24 HTTP transactions
0 data transactions