app.safereport.com.br Open in urlscan Pro
15.229.165.123 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://app.safereport.com.br/
Effective URL:
https://app.safereport.com.br/login
Submission: On May 02 via automatic, source certstream-suspicious (May 2nd 2023, 1:21:08 am UTC) — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 11 HTTP transactions. The main IP is 15.229.165.123, located in São Paulo, Brazil and belongs to AMAZON-02, US. The main domain is app.safereport.com.br.
TLS certificate: Issued by R3 on May 2nd 2023. Valid for: 3 months.

This is the only time app.safereport.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 7	15.229.165.123 15.229.165.123	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3038::6815:e9e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
11	5

7 15.229.165.123 (São Paulo, Brazil) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-15-229-165-123.sa-east-1.compute.amazonaws.com

app.safereport.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3038::6815:e9e2 (United States)

ASN13335 (CLOUDFLARENET, US)

rsms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	safereport.com.br 3 redirects app.safereport.com.br	85 KB
3	rsms.me rsms.me — Cisco Umbrella Rank: 22472	203 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1718	303 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	83 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1543	10 KB
11	5

	Domain	Requested by
7	app.safereport.com.br	3 redirects app.safereport.com.br
3	rsms.me	app.safereport.com.br rsms.me
2	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	app.safereport.com.br
1	use.fontawesome.com	app.safereport.com.br
11	5

This site contains no links.

Subject Issuer	Validity	Valid
app.safereport.com.br R3	`2023-05-02` - `2023-07-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://app.safereport.com.br/login
Frame ID: 2A1D634265B7B7232B99F3CE200A5B7B
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - SafeReport

Page URL History Show full URLs

https://app.safereport.com.br/ HTTP 302
https://app.safereport.com.br/dashboard HTTP 302
https://app.safereport.com.br/email/verify HTTP 302
https://app.safereport.com.br/login Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

11
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

379 kB
Transfer

806 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://app.safereport.com.br/ HTTP 302
https://app.safereport.com.br/dashboard HTTP 302
https://app.safereport.com.br/email/verify HTTP 302
https://app.safereport.com.br/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
app.safereport.com.br/
Redirect Chain

https://app.safereport.com.br/
https://app.safereport.com.br/dashboard
https://app.safereport.com.br/email/verify
https://app.safereport.com.br/login

6 KB
2 KB

237ms
237ms

Document
text/html

15.229.165.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.safereport.com.br/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.229.165.123 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-229-165-123.sa-east-1.compute.amazonaws.com

Software

nginx /

Resource Hash

ea08175eb20cc12c9c268e39fb47cd2d6ac083d9e181edd72e7c7a289fd3b6f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 02 May 2023 01:21:01 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Tue, 02 May 2023 01:21:00 GMT
location: https://app.safereport.com.br/login
server: nginx
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 app.js Show response
app.safereport.com.br/js/ 194 KB
58 KB 419ms
417ms Script
application/javascript 15.229.165.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.safereport.com.br/js/app.js

Requested by

Host: app.safereport.com.br
URL: https://app.safereport.com.br/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.229.165.123 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-229-165-123.sa-east-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b4583182352cb94ebb2a5fdb94d8630954e1ba69e85d5778f38d6a8640cd1843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.safereport.com.br/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 01:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 May 2023 01:11:44 GMT
server: nginx
etag: W/"64506350-3095c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block

GET
H2 200 app.css
app.safereport.com.br/css/ 113 KB
19 KB 639ms
637ms Stylesheet
text/css 15.229.165.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.safereport.com.br/css/app.css?v=0.0.2

Requested by

Host: app.safereport.com.br
URL: https://app.safereport.com.br/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.229.165.123 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-229-165-123.sa-east-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9c252129742ac2ca82df67fc4fec98cd0f9568d19feedb85b7331b38024ddd4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.safereport.com.br/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 01:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 May 2023 01:11:44 GMT
server: nginx
etag: W/"64506350-1c575"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.13/css/ 40 KB
10 KB 150ms
123ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Requested by: Host: app.safereport.com.br
URL: https://app.safereport.com.br/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

Referer: https://app.safereport.com.br/
Origin: https://app.safereport.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 01:21:01 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: AXPDPF6V0C0TGZR4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ZiModJioBlFM9ozRhy4AR0eJRq7/gKtid8PPju+GgDlnWHjQ8IgcR2a6A55I7WjCaV6R0mZndDA=
last-modified: Wed, 30 Jun 2021 15:27:31 GMT
server: cloudflare
etag: W/"d61bfe9b56c13ecff5313ee3abb45e8b"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWroAYJW3lDTlhc99ldLuJpw%2BWYYPXsrg4FRZQPlaetgwuF2d3iJGpEWFItIuK%2FGGDemxbmG%2BA9VG6JWEbIyutdpWtqmTVgX4IOxsBNLSMHNMFTJSkDaprlQguyRPUhwIePX3s25TroFqGEpNJnfXBMI"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7c0c71ef0e9a90d7-FRA

GET
H2 200 inter.css
rsms.me/inter/ 5 KB
2 KB 65ms
22ms Stylesheet
text/css 2606:4700:3038::6815:e9e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/inter.css
Requested by: Host: app.safereport.com.br
URL: https://app.safereport.com.br/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.safereport.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-fastly-request-id: a22b6653a9b61b1a6f69bfe6e7319b7384db8151
date: Tue, 02 May 2023 01:21:01 GMT
via: 1.1 varnish
content-encoding: br
expires: Thu, 27 Apr 2023 15:51:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9
x-cache: HIT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230035-FRA
last-modified: Thu, 27 Apr 2023 15:37:02 GMT
server: cloudflare
x-github-request-id: 9166:C2DF:715E98:7521BB:644A979E
x-timer: S1682610231.181894,VS0,VE9
etag: W/"644a969e-1490"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74wR%2BF6xMI%2BIuNqhG9Xkz%2FYUwitFIEqRdNspqdcyWymKRR%2FnyerCGl0Zk83x2q48%2FvdKT1COUXn7d7lybndf8eH%2FBWvWRrSyaAuACWVu32W8mkRjP%2FtI7U9DiWYmMVivGgrUYw%2Bi"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 7c0c71ef2dd936dd-FRA
x-cache-hits: 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
83 KB 145ms
55ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PMPR2RYZ9M

Requested by

Host: app.safereport.com.br
URL: https://app.safereport.com.br/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ec067b22f63c64b6ff1929f41efa0eb4546e5c1ebfa420f2ffa47e378d32355

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.safereport.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 01:21:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84782
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 02 May 2023 01:21:02 GMT

GET
H2 200 yN6urFAHWOP8EXrHMkbtMG0CjC0ZtlkIusY4v3sT.png
app.safereport.com.br/uploads/brand/ 3 KB
3 KB 206ms
205ms Image
image/png 15.229.165.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.safereport.com.br/uploads/brand/yN6urFAHWOP8EXrHMkbtMG0CjC0ZtlkIusY4v3sT.png

Requested by

Host: app.safereport.com.br
URL: https://app.safereport.com.br/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.229.165.123 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-229-165-123.sa-east-1.compute.amazonaws.com

Software

nginx /

Resource Hash

26c6d1b6901346dd017e517e3e2f88ca43f942894812df24e24b09c391fd6f1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.safereport.com.br/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 01:21:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 May 2023 01:11:44 GMT
server: nginx
etag: "64506350-bbe"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 3006
x-xss-protection: 1; mode=block

GET
H2 200 Inter-Medium.woff2
rsms.me/inter/font-files/ 103 KB
104 KB 33ms
17ms Font
font/woff2 2606:4700:3038::6815:e9e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Medium.woff2?v=3.19
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b498b959e5b7decbf9185803591d25bc1fbf83e798372ed30d32d5c79d82ff6

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://app.safereport.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-fastly-request-id: 8fa226ff9c80f7072ead85243e0adfeeffda3d39
date: Tue, 02 May 2023 01:21:01 GMT
via: 1.1 varnish
expires: Thu, 27 Apr 2023 15:50:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 105924
x-served-by: cache-fra-eddf8230051-FRA
last-modified: Thu, 27 Apr 2023 15:36:57 GMT
server: cloudflare
x-github-request-id: B26C:9340:704BD7:741B1F:644A9785
x-timer: S1682990462.935072,VS0,VE0
etag: "644a9699-19dc4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85tXMpn0WK6Pu8jFGEaUYb1Sm4Od4T0Iry%2FCfVQH%2FO7xPIP4GJrM%2BS92n%2BVIdRBXy25YGas56GaVsThgc1o8Z8X31vZnH2pS4VyFDU9v1jD8rxNLZU4XYARwoPx%2Bk7GMMiqxlQTR"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 7c0c71f30eb85c80-FRA
x-cache-hits: 3

GET
H2 200 Inter-Regular.woff2
rsms.me/inter/font-files/ 97 KB
97 KB 41ms
25ms Font
font/woff2 2606:4700:3038::6815:e9e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Regular.woff2?v=3.19
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://app.safereport.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-fastly-request-id: a4bc8cb80cbc1291b7882def85ba5783862c2a7b
date: Tue, 02 May 2023 01:21:01 GMT
via: 1.1 varnish
expires: Thu, 27 Apr 2023 15:50:53 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 98868
x-served-by: cache-fra-eddf8230135-FRA
last-modified: Thu, 27 Apr 2023 15:36:57 GMT
server: cloudflare
x-github-request-id: 8E1E:A460:7102F4:74C2DA:644A9784
x-timer: S1682990462.936113,VS0,VE0
etag: "644a9699-18234"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXZjMSJ3ADHlzELkbhZxxJvzCaHWN3spTWjS58ABNoUAVsbb95JnNrBRgYsiWPfZtf98E3Bz9q6Z%2F%2BYKJg3cxzFAKVL07CJiPzHr010BYcXuhfZRye17hrxoQO6H0izcoWj04WlJ"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 7c0c71f30eb75c80-FRA
x-cache-hits: 3

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 69ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PMPR2RYZ9M&gtm=45je34q0&_p=1088462616&cid=240601588.1682990462&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682990462&sct=1&seg=0&dl=https%3A%2F%2Fapp.safereport.com.br%2Flogin&dt=Login%20-%20SafeReport&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PMPR2RYZ9M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.safereport.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 01:21:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.safereport.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 18ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PMPR2RYZ9M&gtm=45je34q0&_p=1088462616&cid=240601588.1682990462&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1682990462&sct=1&seg=0&dl=https%3A%2F%2Fapp.safereport.com.br%2Flogin&dt=Login%20-%20SafeReport&en=scroll&epn.percent_scrolled=90&_et=17
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PMPR2RYZ9M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.safereport.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 01:21:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.safereport.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.safereport.com.br/	1970-01-20 20:15:26	Name: XSRF-TOKEN Value: eyJpdiI6Im4vQ2JmQ2xkSU5rc3Z4M294K3pCeGc9PSIsInZhbHVlIjoiUUl0aEhmT0hTOEhvd1g0dXo4YmlVL0E1YXM0ZUxXK2dTZTgxWVh0dU5lS0lRdERGZHA5VmFIOWkwUFUvOW1BQWVVYWxWLytXVy9oSGRuWGhmNlZJcC8xcFppS2hJd2t0S0ZteEhNVHB4dkcvNHlHQzNtRjIrL3FoYnYxTHRPekYiLCJtYWMiOiI5NWFhYTU0YWIwNjI0NDRkMTc3MDllY2Q0ZDU1NDYyYjA0MzBkZmI3MzJmZGIyNGY4NjZjMjgzMzlhYjA2OTlhIiwidGFnIjoiIn0%3D
app.safereport.com.br/	1970-01-20 20:15:26	Name: safereport_session Value: eyJpdiI6IkZnLzZmNU9BVVNaMDB0ZEN6eWs0VGc9PSIsInZhbHVlIjoiZS9kM1BnSjFScTloeVZialNudEhFQ0dRUjlWNUJJWksxekwzUmlpVGtCdmp4dlZuZ09XQWhWY3FOeTVheFY1WHNIRzdpQnlTS3k0a2dxNTlpNU96aWE1WUJsZUVtK1J1am5HYkgrSjZTYnpyMHRpSlIzUzVSV0VxMU4vRE1ZVHciLCJtYWMiOiI0Zjk3ODA3OTA1OTc4NTllOGI1N2FjYjA0YmRiNDE2Mzg0OTEyODIzMjk4N2IwZmU4NzFmMmYzOTA3MWRhNTBhIiwidGFnIjoiIn0%3D
.safereport.com.br/	1970-01-20 21:05:50	Name: _ga Value: GA1.1.240601588.1682990462
.safereport.com.br/	1970-01-20 21:05:50	Name: _ga_PMPR2RYZ9M Value: GS1.1.1682990462.1.0.1682990462.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.safereport.com.br
region1.google-analytics.com
rsms.me
use.fontawesome.com
www.googletagmanager.com
15.229.165.123
2001:4860:4802:34::36
2606:4700:3038::6815:e9e2
2606:4700:e2::ac40:840f
2a00:1450:4001:82f::2008
1b498b959e5b7decbf9185803591d25bc1fbf83e798372ed30d32d5c79d82ff6
26c6d1b6901346dd017e517e3e2f88ca43f942894812df24e24b09c391fd6f1a
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e
7ec067b22f63c64b6ff1929f41efa0eb4546e5c1ebfa420f2ffa47e378d32355
9c252129742ac2ca82df67fc4fec98cd0f9568d19feedb85b7331b38024ddd4a
b4583182352cb94ebb2a5fdb94d8630954e1ba69e85d5778f38d6a8640cd1843
c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea08175eb20cc12c9c268e39fb47cd2d6ac083d9e181edd72e7c7a289fd3b6f7

app.safereport.com.br Open in urlscan Pro 15.229.165.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

379 kBTransfer

806 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

app.safereport.com.br Open in urlscan Pro
15.229.165.123 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

379 kB
Transfer

806 kB
Size

4
Cookies

11 HTTP transactions
0 data transactions