liipeeret-001-site1.jtempurl.com Open in urlscan Pro
208.98.35.134 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://liipeeret-001-site1.jtempurl.com/index.php
Effective URL:
https://liipeeret-001-site1.jtempurl.com/index.php
Submission: On October 23 via automatic, source openphish (October 23rd 2024, 1:23:23 am UTC) — Scanned from CA

Summary HTTP 39 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 39 HTTP transactions. The main IP is 208.98.35.134, located in Chicago, United States and belongs to SHARKTECH, US. The main domain is liipeeret-001-site1.jtempurl.com.
TLS certificate: Issued by R11 on September 17th 2024. Valid for: 3 months.

This is the only time liipeeret-001-site1.jtempurl.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Realize (Financial)

Domain & IP information

	IP Address	AS Autonomous System
14	208.98.35.134 208.98.35.134	46844 (SHARKTECH) (SHARKTECH)
2	142.251.41.35 142.251.41.35	15169 (GOOGLE) (GOOGLE)
4	172.217.165.14 172.217.165.14	15169 (GOOGLE) (GOOGLE)
3	54.207.13.8 54.207.13.8	16509 (AMAZON-02) (AMAZON-02)
3	142.251.41.40 142.251.41.40	15169 (GOOGLE) (GOOGLE)
1	13.226.94.98 13.226.94.98	16509 (AMAZON-02) (AMAZON-02)
1	142.251.41.42 142.251.41.42	15169 (GOOGLE) (GOOGLE)
3	142.251.41.68 142.251.41.68	15169 (GOOGLE) (GOOGLE)
1	52.95.163.30 52.95.163.30	16509 (AMAZON-02) (AMAZON-02)
1	142.251.41.14 142.251.41.14	15169 (GOOGLE) (GOOGLE)
1	142.250.31.156 142.250.31.156	15169 (GOOGLE) (GOOGLE)
1	142.251.33.162 142.251.33.162	15169 (GOOGLE) (GOOGLE)
1	142.250.65.227 142.250.65.227	15169 (GOOGLE) (GOOGLE)
1	18.231.77.90 18.231.77.90	16509 (AMAZON-02) (AMAZON-02)
2	3.212.94.43 3.212.94.43	14618 (AMAZON-AES) (AMAZON-AES)
39	15

14 208.98.35.134 (Chicago, United States)

ASN46844 (SHARKTECH, US)

liipeeret-001-site1.jtempurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.35 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: yyz12s08-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.165.14 (United States)

ASN15169 (GOOGLE, US)
PTR: yyz12s06-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.207.13.8 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-207-13-8.sa-east-1.compute.amazonaws.com

cdn.pmweb.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.41.40 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: yyz12s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.94.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-94-98.jfk52.r.cloudfront.net

js-cdn.dynatrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.41.42 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: yyz12s08-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.41.68 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: yyz10s20-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.163.30 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: s3-sa-east-1.amazonaws.com

s3-sa-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.41.14 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.33.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: yyz10s17-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.231.77.90 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-231-77-90.sa-east-1.compute.amazonaws.com

df.pmweb.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.212.94.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-94-43.compute-1.amazonaws.com

bf73995led.bf.dynatrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	jtempurl.com liipeeret-001-site1.jtempurl.com	477 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 147	991 B
4	pmweb.com.br cdn.pmweb.com.br — Cisco Umbrella Rank: 291381 df.pmweb.com.br — Cisco Umbrella Rank: 304504	10 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	158 KB
3	dynatrace.com js-cdn.dynatrace.com — Cisco Umbrella Rank: 4209 bf73995led.bf.dynatrace.com — Cisco Umbrella Rank: 383365	92 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	181 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net — Cisco Umbrella Rank: 192	565 B
2	gstatic.com www.gstatic.com	217 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 12143	63 B
1	amazonaws.com s3-sa-east-1.amazonaws.com	516 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 412	30 KB
39	11

	Domain	Requested by
14	liipeeret-001-site1.jtempurl.com	liipeeret-001-site1.jtempurl.com
4	www.google-analytics.com	liipeeret-001-site1.jtempurl.com www.google-analytics.com
3	www.google.com	liipeeret-001-site1.jtempurl.com
3	www.googletagmanager.com	liipeeret-001-site1.jtempurl.com www.googletagmanager.com
3	cdn.pmweb.com.br	liipeeret-001-site1.jtempurl.com
2	bf73995led.bf.dynatrace.com	js-cdn.dynatrace.com
2	www.gstatic.com	liipeeret-001-site1.jtempurl.com www.google.com
1	df.pmweb.com.br	cdn.pmweb.com.br
1	www.google.ca	liipeeret-001-site1.jtempurl.com
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	s3-sa-east-1.amazonaws.com	liipeeret-001-site1.jtempurl.com
1	ajax.googleapis.com	liipeeret-001-site1.jtempurl.com
1	js-cdn.dynatrace.com	liipeeret-001-site1.jtempurl.com
39	15

This site contains links to these domains. Also see Links.

Domain
www.realizesolucoesfinanceiras.com.br
www.lojasrenner.com.br
www.google.com
play.google.com
apps.apple.com
rennerchat.flexcontact.com.br
wa.me

Subject Issuer	Validity	Valid
liipeeret-001-site1.jtempurl.com R11	`2024-09-17` - `2024-12-16`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.pmweb.com.br Amazon RSA 2048 M03	`2024-08-06` - `2025-09-03`	a year	crt.sh
js-cdn.dynatrace.com Amazon RSA 2048 M02	`2024-01-03` - `2025-01-31`	a year	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.s3-sa-east-1.amazonaws.com Amazon RSA 2048 M01	`2024-04-12` - `2025-03-30`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google.ca WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.bf.dynatrace.com Amazon RSA 2048 M02	`2023-12-20` - `2025-01-16`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://liipeeret-001-site1.jtempurl.com/index.php
Frame ID: 50174A0767D4DA42A98C3F1D847494C8
Requests: 36 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=invisible&badge=inline&cb=uii3yowxuayz
Frame ID: 8F86C3BAA3A820A85892638FCEF5403B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-8ZK29MQS7R&gacid=1942933331.1729646595&gtm=45je4ah0v9185723139z86457255za200zb6457255&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685~101823848&z=58465654
Frame ID: 1158E10663A32B30F94F32AE036FFDB8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=2uoiJ4hP3NUoP9v_eBNfU6CR&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV
Frame ID: 38C6B23C18379445A8731DEC42222139
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cartões Renner

Page URL History Show full URLs

http://liipeeret-001-site1.jtempurl.com/index.php HTTP 307
https://liipeeret-001-site1.jtempurl.com/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

39
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

15
Subdomains

15
IPs

2
Countries

1166 kB
Transfer

3810 kB
Size

11
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.realizesolucoesfinanceiras.com.br/site/

Search URL Search Domain Scan URL

URL: http://www.lojasrenner.com.br/
Title: ir para a loja virtual

Search URL Search Domain Scan URL

URL: https://www.google.com/intl/en/policies/privacy/
Title: Termos

Search URL Search Domain Scan URL

URL: https://www.google.com/intl/en/policies/terms/
Title: Privacidade

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=br.com.lojasrenner&hl=pt-BR

Search URL Search Domain Scan URL

URL: https://apps.apple.com/br/app/lojas-renner-roupas-perfumes/id567763947

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/site/cartao_renner/
Title: Cartão Renner

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/site/meu-cartao/
Title: Meu Cartão

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/site/app_cartao_renner/
Title: Quero Cartão Renner

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/site/contato
Title: Contato

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/site/institucional
Title: Institucional

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/duvidas-frequentes/cartao-renner
Title: Cartão Renner

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/duvidas-frequentes/meu-cartao
Title: Meu Cartão

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/site/perguntas-frequentes
Title: Saque Rápido e Seguros

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/images/relatorio-governanca/download/2d74c7a135c98327b39e82f8638a6437.pdf
Title: Privacidade e Segurança

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/site/central-negociacao
Title: Central de Negociação

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/login
Title: Acessa Sua Conta

Search URL Search Domain Scan URL

URL: https://rennerchat.flexcontact.com.br/RennerChat_DeficientesAuditivos/
Title: Para acessar o canal de atendimento por vídeo, clique aqui.

Search URL Search Domain Scan URL

URL: https://wa.me/555139214004?text=Oi,%20Clara
Title: +55 (51) 3921 4004

Search URL Search Domain Scan URL

URL: https://www.realizesolucoesfinanceiras.com.br/uploads/institucional_cadastro/20/AtendimentoAuditivosFala.pdf
Title: Orientações para Representantes de Deficientes Auditivos ou de Fala

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://liipeeret-001-site1.jtempurl.com/index.php HTTP 307
https://liipeeret-001-site1.jtempurl.com/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.php Show response
liipeeret-001-site1.jtempurl.com/
Redirect Chain

http://liipeeret-001-site1.jtempurl.com/index.php
https://liipeeret-001-site1.jtempurl.com/index.php

734 KB
74 KB

635ms
187ms

Document
text/html

208.98.35.134
SHARKTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://liipeeret-001-site1.jtempurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.98.35.134 Chicago, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/8.0.23 ASP.NET
Resource Hash: 99c8f6021b6ba7c6fb35cce9df0b19026daee7e81802daa9062ebe5870196c4a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 23 Oct 2024 01:23:14 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-powered-by: PHP/8.0.23 ASP.NET

Redirect headers

Location: https://liipeeret-001-site1.jtempurl.com/index.php
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 404 recaptcha__pt_br.js
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ 0
0 270ms
151ms Script
text/html 142.251.41.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__pt_br.js

Requested by

Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.35 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://liipeeret-001-site1.jtempurl.com
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1624
date: Wed, 23 Oct 2024 01:23:14 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: sffe

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 171ms
19ms Script
text/javascript 172.217.165.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

content-encoding: gzip
age: 4884
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 02:01:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 00:01:50 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H/1.1 200
OK tag.js Show response
cdn.pmweb.com.br/df/ 22 KB
9 KB 812ms
167ms Script
application/javascript 54.207.13.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pmweb.com.br/df/tag.js?id=PM-N2FTFQ

Requested by

Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.207.13.8 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-207-13-8.sa-east-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b6ae3eeee15a8df129fcdc993b0397c73e95373e07cab89029886b02f6e95915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Cache-Control: max-age=300
Content-Encoding: gzip
ETag: W/"66f705ff-584d"
Connection: keep-alive
Expires: Wed, 23 Oct 2024 01:28:15 GMT
Content-Length: 9175
Date: Wed, 23 Oct 2024 01:23:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Sep 2024 19:22:39 GMT
Server: nginx
Vary: Accept-Encoding

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 189 KB
68 KB 53ms
50ms Script
application/javascript 172.217.165.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-W9SBWRL&cid=1003849302.1648069470

Requested by

Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s06-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

80289ff7801d213cef80fabf5d22515661ca539765ddf5b0bf7a5b006384b355

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1073:0"}],}
expires: Wed, 23 Oct 2024 01:23:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 01:23:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1073:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 69588
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 245 KB
86 KB 215ms
60ms Script
application/javascript 142.251.41.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N2FTFQ

Requested by

Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.40 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6c0cffa079a98780fc4f206480d3c81ccedb34647ab6446861d3c747a896fddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 23 Oct 2024 01:23:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 01:23:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 87751
x-xss-protection: 0
server: Google Tag Manager

GET
H2 404 ruxitagentjs_ICA2Vfghjqru_10235220309135426.js
liipeeret-001-site1.jtempurl.com/ 0
0 309ms
306ms Script
text/html 208.98.35.134
SHARKTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://liipeeret-001-site1.jtempurl.com/ruxitagentjs_ICA2Vfghjqru_10235220309135426.js
Requested by: Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.98.35.134 Chicago, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/index.php

Response headers

content-length: 1245
date: Wed, 23 Oct 2024 01:23:14 GMT
content-type: text/html
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

GET
H2 200 189e25234ffe70ce_complete.js Show response
js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/ 238 KB
90 KB 188ms
37ms Script
application/javascript 13.226.94.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
Requested by: Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.94.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-94-98.jfk52.r.cloudfront.net
Software: /
Resource Hash: 38ceb35c0e7708358567f88a532695045916700ca91335e6deea8c6a63fa078a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://liipeeret-001-site1.jtempurl.com
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

dynatrace-response-id: E8S0QKPF7WJL
content-encoding: gzip
age: 2384
expires: Wed, 23 Oct 2024 01:43:30 GMT
x-oneagent-js-injection: true
x-cache: Hit from cloudfront
x-amz-cf-id: LPNekEZnCd-jjrvnMR4B87TDdS8Nky5UkTpl-HAbiCdzRraIpoZ49A==
date: Wed, 23 Oct 2024 00:43:30 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
dynatrace-response-source: Cluster
traffic-source: UNKNOWN
via: 1.1 0f0bf0c53ec14c9acfe222b40dee092a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: JFK52-P10

GET
H2 200 3.bundle-d6a6baaa0dc3faae26db.js Show response
liipeeret-001-site1.jtempurl.com/js/ 37 KB
8 KB 384ms
382ms Script
application/javascript 208.98.35.134
SHARKTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://liipeeret-001-site1.jtempurl.com/js/3.bundle-d6a6baaa0dc3faae26db.js
Requested by: Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.98.35.134 Chicago, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4ab4958c63bd706e031161717896c8fbe22f133a4c9ff285cc053e75ceb13d06

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/index.php

Response headers

cache-control: max-age=31536000
content-encoding: br
etag: "268c284efa3ed81:0"
accept-ranges: bytes
content-length: 8032
date: Wed, 23 Oct 2024 01:23:14 GMT
content-type: application/javascript
last-modified: Wed, 23 Mar 2022 21:09:38 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 404 2.bundle-d410ea60e5b46c298cdd.js
liipeeret-001-site1.jtempurl.com/cartoes-renner/js/ 0
0 337ms
336ms Script
text/html 208.98.35.134
SHARKTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://liipeeret-001-site1.jtempurl.com/cartoes-renner/js/2.bundle-d410ea60e5b46c298cdd.js
Requested by: Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.98.35.134 Chicago, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/index.php

Response headers

content-length: 1245
date: Wed, 23 Oct 2024 01:23:14 GMT
content-type: text/html
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 230ms
20ms Script
text/javascript 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

content-encoding: gzip
age: 390325
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sat, 18 Oct 2025 12:57:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 12:57:49 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30399
x-xss-protection: 0
server: sffe

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 245 KB
0 215ms
215ms Script
application/javascript 142.251.41.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N2FTFQ

Requested by

Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.40 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6c0cffa079a98780fc4f206480d3c81ccedb34647ab6446861d3c747a896fddd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 23 Oct 2024 01:23:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 01:23:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 87751
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 google-play-badge-reverse.svg
liipeeret-001-site1.jtempurl.com/vectors/ 11 KB
11 KB 121ms
120ms Image
image/svg+xml 208.98.35.134
SHARKTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liipeeret-001-site1.jtempurl.com/vectors/google-play-badge-reverse.svg
Requested by: Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.98.35.134 Chicago, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e946d863a136a09089fd275d574ff3346bad8327d4ef378c06af35872d9fe56d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/index.php

Response headers

cache-control: max-age=31536000
etag: "3716efacfb3ed81:0"
accept-ranges: bytes
content-length: 10789
date: Wed, 23 Oct 2024 01:23:14 GMT
content-type: image/svg+xml
last-modified: Wed, 23 Mar 2022 21:19:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 celular-login.png
liipeeret-001-site1.jtempurl.com/images/ 152 KB
152 KB 241ms
240ms Image
image/png 208.98.35.134
SHARKTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liipeeret-001-site1.jtempurl.com/images/celular-login.png
Requested by: Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.98.35.134 Chicago, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7db4ada57262fbacd47bef4e96e3cedda276b9267e6ca4d20adeeb1c24d870b6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/index.php

Response headers

cache-control: max-age=31536000
etag: "2eca8acafb3ed81:0"
accept-ranges: bytes
content-length: 155176
date: Wed, 23 Oct 2024 01:23:14 GMT
content-type: image/png
last-modified: Wed, 23 Mar 2022 21:20:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 google-play-badge.svg
liipeeret-001-site1.jtempurl.com/vectors/ 11 KB
11 KB 767ms
767ms Image
image/svg+xml 208.98.35.134
SHARKTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liipeeret-001-site1.jtempurl.com/vectors/google-play-badge.svg
Requested by: Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.98.35.134 Chicago, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8827f96ace2afe4aeff4c33db4ac86193f38a62cb30d9fbba949e0b72c2a55ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/index.php

Response headers

cache-control: max-age=31536000
etag: "237359f6fb3ed81:0"
accept-ranges: bytes
content-length: 10786
date: Wed, 23 Oct 2024 01:23:14 GMT
content-type: image/svg+xml
last-modified: Wed, 23 Mar 2022 21:21:29 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 app-store-badge.svg
liipeeret-001-site1.jtempurl.com/vectors/ 14 KB
14 KB 763ms
758ms Image
image/svg+xml 208.98.35.134
SHARKTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liipeeret-001-site1.jtempurl.com/vectors/app-store-badge.svg
Requested by: Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.98.35.134 Chicago, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3dd08d21a5c010294a50355af3565a50d08ea4aef83e822114be29171209f109

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/index.php

Response headers

cache-control: max-age=31536000
etag: "95acaa2fc3ed81:0"
accept-ranges: bytes
content-length: 14262
date: Wed, 23 Oct 2024 01:23:14 GMT
content-type: image/svg+xml
last-modified: Wed, 23 Mar 2022 21:21:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
0 1ms
1ms Script
text/javascript 172.217.165.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

content-encoding: gzip
age: 4884
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 02:01:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 00:01:50 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 vendors.bundle-859d26788acf215a201a.js Show response
liipeeret-001-site1.jtempurl.com/js/ 670 KB
205 KB 840ms
836ms Script
application/javascript 208.98.35.134
SHARKTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://liipeeret-001-site1.jtempurl.com/js/vendors.bundle-859d26788acf215a201a.js
Requested by: Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.98.35.134 Chicago, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 40d596025119e99448ba247d9ad58248525a484a971dabdd366e0724453e3e36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/index.php

Response headers

cache-control: max-age=31536000
content-encoding: br
etag: "f93e202bfc3ed81:0"
accept-ranges: bytes
date: Wed, 23 Oct 2024 01:23:14 GMT
content-type: application/javascript
last-modified: Wed, 23 Mar 2022 21:22:58 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
991 B 180ms
48ms Script
text/javascript 142.251.41.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onLoadRecaptcha&render=explicit&hl=pt-BR

Requested by

Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.68 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz10s20-in-f4.1e100.net

Software

ESF /

Resource Hash

8e377f99d3c498d2d7c6a661190d5803dad033c2633fac136578bd0b88efff1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 01:23:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Wed, 23 Oct 2024 01:23:15 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 8F86 0
0 143ms
70ms Document
text/html 142.251.41.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=invisible&badge=inline&cb=uii3yowxuayz

Requested by

Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.68 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz10s20-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hmiOyytimZmIidy164_x8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://liipeeret-001-site1.jtempurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-hmiOyytimZmIidy164_x8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 01:23:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 404 whatsapp.svg
liipeeret-001-site1.jtempurl.com/cartoes-renner/vectors/ 0
0 1758ms
1757ms Other
text/html 208.98.35.134
SHARKTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://liipeeret-001-site1.jtempurl.com/cartoes-renner/vectors/whatsapp.svg
Requested by: Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.98.35.134 Chicago, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/index.php

Response headers

content-length: 1245
date: Wed, 23 Oct 2024 01:23:14 GMT
content-type: text/html
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

GET
H/1.1 200
OK bg.png
s3-sa-east-1.amazonaws.com/frame-image-br/ 0
516 B 680ms
183ms Image
image/png 52.95.163.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=real&x-r=
Requested by: Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.95.163.30 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-sa-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

x-amz-meta-s3cmd-attrs: uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: SY7TRNGFCKJEPN9T
Accept-Ranges: bytes
Content-Length: 0
Date: Wed, 23 Oct 2024 01:23:16 GMT
Last-Modified: Thu, 04 May 2017 08:21:21 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-id-2: Gq2nPaLxpdqnGe+8ZPxkvzadojDNygN3JmWjOZGI8Krfo1YFwPSHeir8KVzxwwILL4IoeDbl7Zc=

GET
H2 200 bg-login.svg
liipeeret-001-site1.jtempurl.com/vectors/ 664 B
768 B 1753ms
1753ms Image
image/svg+xml 208.98.35.134
SHARKTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liipeeret-001-site1.jtempurl.com/vectors/bg-login.svg
Requested by: Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.98.35.134 Chicago, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3bb71cec41dd0b3c5782f72d32b1b028fdc9558f0acace778d1a2c312d50f382

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/index.php

Response headers

cache-control: max-age=31536000
etag: "2bb2a37afc3ed81:0"
accept-ranges: bytes
content-length: 664
date: Wed, 23 Oct 2024 01:23:14 GMT
content-type: image/svg+xml
last-modified: Wed, 23 Mar 2022 21:25:11 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 189 KB
68 KB 53ms
52ms Script
application/javascript 172.217.165.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-W9SBWRL&cid=1942933331.1729646595

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s06-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

3bcd5fe2745fce7e2f001bbf3991c5e0ec7de3240b91ff4a0f9ddc65a19cfc63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1073:0"}],}
expires: Wed, 23 Oct 2024 01:23:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 01:23:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 23 Oct 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1073:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 69576
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
94 KB 55ms
53ms Script
application/javascript 142.251.41.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8ZK29MQS7R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2FTFQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.40 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d8460a389671f8f40084d9a1bf5c2179b72097bd9ff86c7fbdf8cf3ec340a403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 23 Oct 2024 01:23:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 01:23:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 96395
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK tag.js Show response
cdn.pmweb.com.br/df/ 22 KB
0 536ms
536ms Script
application/javascript 54.207.13.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pmweb.com.br/df/tag.js?id=PM-N2FTFQ
Requested by: Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.207.13.8 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-207-13-8.sa-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6ae3eeee15a8df129fcdc993b0397c73e95373e07cab89029886b02f6e95915

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

Cache-Control: max-age=300
Content-Encoding: gzip
ETag: W/"66f705ff-584d"
Expires: Wed, 23 Oct 2024 01:28:15 GMT
Content-Length: 9175
Date: Wed, 23 Oct 2024 01:23:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Sep 2024 19:22:39 GMT
Server: nginx
Vary: Accept-Encoding

POST
H2 204 collect
analytics.google.com/g/ 0
0 486ms
46ms Fetch
text/plain 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-8ZK29MQS7R&gtm=45je4ah0v9185723139z86457255za200zb6457255&_p=1729646594698&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685~101823848&cid=1942933331.1729646595&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1729646595&sct=1&seg=0&dl=https%3A%2F%2Fliipeeret-001-site1.jtempurl.com%2Findex.php&dt=Cart%C3%B5es%20Renner&en=page_view&_fv=1&_ss=1&tfd=1708
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8ZK29MQS7R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s40-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://liipeeret-001-site1.jtempurl.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 01:23:15 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
565 B 212ms
45ms Ping
text/plain 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8ZK29MQS7R&cid=1942933331.1729646595&gtm=45je4ah0v9185723139z86457255za200zb6457255&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101686685~101823848
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8ZK29MQS7R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bj-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://liipeeret-001-site1.jtempurl.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 01:23:15 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 1158 0
0 212ms
85ms Document
text/html 142.251.33.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-8ZK29MQS7R&gacid=1942933331.1729646595&gtm=45je4ah0v9185723139z86457255za200zb6457255&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685~101823848&z=58465654

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8ZK29MQS7R&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.33.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz10s17-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://liipeeret-001-site1.jtempurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 01:23:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 242ms
98ms Image
image/gif 142.250.65.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8ZK29MQS7R&cid=1942933331.1729646595&gtm=45je4ah0v9185723139z86457255za200zb6457255&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101686685~101823848&tag_exp=101686685~101823848&z=1316526982

Requested by

Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 23 Oct 2024 01:23:15 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H/1.1 200
OK / Show response
df.pmweb.com.br/push/ 2 B
523 B 763ms
167ms XHR
text/plain 18.231.77.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://df.pmweb.com.br/push/?aid=PM-N2FTFQ&cid=062801729646595718&sid=160001729646595719&pvw=b6f88e86-72e6-4651-a023-870b9b3088e8&v=1.19.0&rs=1600x1200&tt=Cart%C3%B5es%20Renner&ws=1600x1285&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36&url=https%3A%2F%2Fliipeeret-001-site1.jtempurl.com%2Findex.php

Requested by

Host: cdn.pmweb.com.br
URL: https://cdn.pmweb.com.br/df/tag.js?id=PM-N2FTFQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.231.77.90 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-231-77-90.sa-east-1.compute.amazonaws.com

Software

nginx /

Resource Hash

54d626e08c1c802b305dad30b7e54a82f102390cc92c7d4db112048935236e9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: 0
Access-Control-Allow-Origin: https://liipeeret-001-site1.jtempurl.com
Content-Length: 2
Date: Wed, 23 Oct 2024 01:23:16 GMT
Content-Type: text/plain
Server: nginx

GET
H/1.1 200
OK tag.js Show response
cdn.pmweb.com.br/df/ 22 KB
0 1ms
1ms Script
application/javascript 54.207.13.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pmweb.com.br/df/tag.js?id=PM-N2FTFQ
Requested by: Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.207.13.8 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-207-13-8.sa-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6ae3eeee15a8df129fcdc993b0397c73e95373e07cab89029886b02f6e95915

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

Cache-Control: max-age=300
Content-Encoding: gzip
ETag: W/"66f705ff-584d"
Expires: Wed, 23 Oct 2024 01:28:15 GMT
Content-Length: 9175
Date: Wed, 23 Oct 2024 01:23:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Sep 2024 19:22:39 GMT
Server: nginx
Vary: Accept-Encoding

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 38C6 0
0 68ms
63ms Document
text/html 142.251.41.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=2uoiJ4hP3NUoP9v_eBNfU6CR&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV

Requested by

Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.68 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz10s20-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-I2fWfQsBU-zHQRkBvUo5Zg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://liipeeret-001-site1.jtempurl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-I2fWfQsBU-zHQRkBvUo5Zg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Oct 2024 01:23:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 recaptcha__pt_br.js Show response
www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/ 546 KB
217 KB 32ms
31ms Script
text/javascript 142.251.41.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__pt_br.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onLoadRecaptcha&render=explicit&hl=pt-BR

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.35 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f3.1e100.net

Software

sffe /

Resource Hash

33981c40df185a9220ba9e92ac33cac01824dc3356eae71d4dde35629ee1a2ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://liipeeret-001-site1.jtempurl.com
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

content-encoding: gzip
age: 82956
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 02:20:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 02:20:41 GMT
last-modified: Mon, 14 Oct 2024 18:32:27 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222007
x-xss-protection: 0
server: sffe

GET
H2 200 bg-login.svg
liipeeret-001-site1.jtempurl.com/vectors/ 664 B
0 1ms
1ms Image
image/svg+xml 208.98.35.134
SHARKTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liipeeret-001-site1.jtempurl.com/vectors/bg-login.svg
Requested by: Host: liipeeret-001-site1.jtempurl.com
URL: https://liipeeret-001-site1.jtempurl.com/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.98.35.134 Chicago, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3bb71cec41dd0b3c5782f72d32b1b028fdc9558f0acace778d1a2c312d50f382

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/index.php

Response headers

cache-control: max-age=31536000
etag: "2bb2a37afc3ed81:0"
accept-ranges: bytes
content-length: 664
date: Wed, 23 Oct 2024 01:23:14 GMT
content-type: image/svg+xml
last-modified: Wed, 23 Mar 2022 21:25:11 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 404 favicon.ico
liipeeret-001-site1.jtempurl.com/cartoes-renner/images/ 1 KB
1 KB 86ms
75ms Other
text/html 208.98.35.134
SHARKTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://liipeeret-001-site1.jtempurl.com/cartoes-renner/images/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.98.35.134 Chicago, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/index.php

Response headers

content-length: 1245
date: Wed, 23 Oct 2024 01:23:17 GMT
content-type: text/html
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

GET
H2 404 lojas-renner.png
liipeeret-001-site1.jtempurl.com/cartoes-renner/images/ 1 KB
1 KB 80ms
77ms Other
text/html 208.98.35.134
SHARKTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://liipeeret-001-site1.jtempurl.com/cartoes-renner/images/lojas-renner.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.98.35.134 Chicago, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://liipeeret-001-site1.jtempurl.com/index.php

Response headers

content-length: 1245
date: Wed, 23 Oct 2024 01:23:17 GMT
content-type: text/html
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

POST
H2 200 bf Show response
bf73995led.bf.dynatrace.com/ 616 B
900 B 133ms
38ms Fetch
text/plain 3.212.94.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_-2D7_sn_O2A3G458A7LULTIMPJ6VCHL8DJ3KHJBV&svrid=-7&flavor=cors&vi=MPSIHFARRURRLRKRICTNFCRMJNKAEEKI-0&modifiedSince=1647975459642&rf=https%3A%2F%2Fliipeeret-001-site1.jtempurl.com%2Findex.php&bp=3&app=189e25234ffe70ce&crc=3718853699&en=ovxxhecl&end=1
Requested by: Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.94.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-94-43.compute-1.amazonaws.com
Software: /
Resource Hash: 0e5ce7958caf488d08b4335274c35dc59570a16b39367694c9642cf29e759f74

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

x-oneagent-js-injection: true
access-control-allow-origin: https://liipeeret-001-site1.jtempurl.com
cache-control: no-cache
content-length: 616
date: Wed, 23 Oct 2024 01:23:19 GMT
content-type: text/plain;charset=utf-8

POST
H2 200 bf Show response
bf73995led.bf.dynatrace.com/ 208 B
492 B 41ms
37ms Fetch
text/plain 3.212.94.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_7_sn_O2A3G458A7LULTIMPJ6VCHL8DJ3KHJBV_app-3A189e25234ffe70ce_1_ol_0_perc_100000_mul_1&svrid=7&flavor=cors&vi=MPSIHFARRURRLRKRICTNFCRMJNKAEEKI-0&modifiedSince=1729591201295&rf=https%3A%2F%2Fliipeeret-001-site1.jtempurl.com%2Findex.php&bp=3&app=189e25234ffe70ce&crc=4059314242&en=ovxxhecl&end=1
Requested by: Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.94.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-94-43.compute-1.amazonaws.com
Software: /
Resource Hash: 12b6ca6940557d90b64875d9e521583118ba1566a1ad910aa031ae91d34d9ff3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://liipeeret-001-site1.jtempurl.com/

Response headers

x-oneagent-js-injection: true
access-control-allow-origin: https://liipeeret-001-site1.jtempurl.com
cache-control: no-cache
content-length: 208
date: Wed, 23 Oct 2024 01:23:20 GMT
content-type: text/plain;charset=utf-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Realize (Financial)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jtempurl.com/	1970-01-21 10:03:26	Name: rxVisitor Value: 1729646594678LUMM44OV0P2897NQ1PU1MV5K9DTESHKU
.jtempurl.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.jtempurl.com/	1970-01-21 00:28:52	Name: _gid Value: GA1.2.78879815.1729646595
.jtempurl.com/	1970-01-21 10:03:26	Name: _ga_8ZK29MQS7R Value: GS1.1.1729646595.1.0.1729646595.60.0.0
.jtempurl.com/	1970-01-21 10:03:26	Name: _ga Value: GA1.1.1942933331.1729646595
.doubleclick.net/	1970-01-21 00:27:27	Name: test_cookie Value: CheckForPermission
.jtempurl.com/	1970-01-21 10:03:26	Name: _pm_id Value: 062801729646595718
.jtempurl.com/	1970-01-21 00:27:28	Name: _pm_sid Value: 160001729646595719
.jtempurl.com/	1969-12-31 23:59:59	Name: rxvt Value: 1729648397795\|1729646594680
.jtempurl.com/	1969-12-31 23:59:59	Name: dtPC Value: -7$446594673_786h-vMPSIHFARRURRLRKRICTNFCRMJNKAEEKI-0e0
.jtempurl.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_7_sn_O2A3G458A7LULTIMPJ6VCHL8DJ3KHJBV_app-3A189e25234ffe70ce_1_ol_0_perc_100000_mul_1

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__pt_br.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://liipeeret-001-site1.jtempurl.com/index.php Message: Refused to execute script from 'https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__pt_br.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://liipeeret-001-site1.jtempurl.com/ruxitagentjs_ICA2Vfghjqru_10235220309135426.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://liipeeret-001-site1.jtempurl.com/cartoes-renner/js/2.bundle-d410ea60e5b46c298cdd.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://liipeeret-001-site1.jtempurl.com/cartoes-renner/vectors/whatsapp.svg#whatsapp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://liipeeret-001-site1.jtempurl.com/cartoes-renner/images/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://liipeeret-001-site1.jtempurl.com/cartoes-renner/images/lojas-renner.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
bf73995led.bf.dynatrace.com
cdn.pmweb.com.br
df.pmweb.com.br
js-cdn.dynatrace.com
liipeeret-001-site1.jtempurl.com
s3-sa-east-1.amazonaws.com
stats.g.doubleclick.net
td.doubleclick.net
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
13.226.94.98
142.250.31.156
142.250.65.227
142.251.33.162
142.251.41.14
142.251.41.35
142.251.41.40
142.251.41.42
142.251.41.68
172.217.165.14
18.231.77.90
208.98.35.134
3.212.94.43
52.95.163.30
54.207.13.8
0e5ce7958caf488d08b4335274c35dc59570a16b39367694c9642cf29e759f74
12b6ca6940557d90b64875d9e521583118ba1566a1ad910aa031ae91d34d9ff3
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
33981c40df185a9220ba9e92ac33cac01824dc3356eae71d4dde35629ee1a2ef
38ceb35c0e7708358567f88a532695045916700ca91335e6deea8c6a63fa078a
3bb71cec41dd0b3c5782f72d32b1b028fdc9558f0acace778d1a2c312d50f382
3bcd5fe2745fce7e2f001bbf3991c5e0ec7de3240b91ff4a0f9ddc65a19cfc63
3dd08d21a5c010294a50355af3565a50d08ea4aef83e822114be29171209f109
40d596025119e99448ba247d9ad58248525a484a971dabdd366e0724453e3e36
4ab4958c63bd706e031161717896c8fbe22f133a4c9ff285cc053e75ceb13d06
54d626e08c1c802b305dad30b7e54a82f102390cc92c7d4db112048935236e9c
6c0cffa079a98780fc4f206480d3c81ccedb34647ab6446861d3c747a896fddd
7db4ada57262fbacd47bef4e96e3cedda276b9267e6ca4d20adeeb1c24d870b6
80289ff7801d213cef80fabf5d22515661ca539765ddf5b0bf7a5b006384b355
8827f96ace2afe4aeff4c33db4ac86193f38a62cb30d9fbba949e0b72c2a55ff
8e377f99d3c498d2d7c6a661190d5803dad033c2633fac136578bd0b88efff1e
99c8f6021b6ba7c6fb35cce9df0b19026daee7e81802daa9062ebe5870196c4a
b6ae3eeee15a8df129fcdc993b0397c73e95373e07cab89029886b02f6e95915
d8460a389671f8f40084d9a1bf5c2179b72097bd9ff86c7fbdf8cf3ec340a403
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e946d863a136a09089fd275d574ff3346bad8327d4ef378c06af35872d9fe56d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

liipeeret-001-site1.jtempurl.com Open in urlscan Pro 208.98.35.134 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

100 %HTTPS

0 %IPv6

11 Domains

15 Subdomains

15 IPs

2 Countries

1166 kBTransfer

3810 kBSize

11 Cookies

20 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

liipeeret-001-site1.jtempurl.com Open in urlscan Pro
208.98.35.134 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

15
Subdomains

15
IPs

2
Countries

1166 kB
Transfer

3810 kB
Size

11
Cookies

39 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!