pagamentoimposto.site Open in urlscan Pro
2a02:4780:13:1701:0:2fd4:a0ce:3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pagamentoimposto.site/
Effective URL:
https://pagamentoimposto.site/
Submission Tags: suspect
Submission: On October 13 via api (October 13th 2024, 1:12:51 pm UTC) from BR — Scanned from GB

Summary HTTP 29 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 7 domains to perform 29 HTTP transactions. The main IP is 2a02:4780:13:1701:0:2fd4:a0ce:3, located in São Paulo, Brazil and belongs to AS-HOSTINGER, CY. The main domain is pagamentoimposto.site.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on October 12th 2024. Valid for: 3 months.

This is the only time pagamentoimposto.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2a02:4780:13:... 2a02:4780:13:1701:0:2fd4:a0ce:3	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	2600:9000:239... 2600:9000:2394:600:11:ebaf:b140:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:278... 2a02:26f0:2780:6::214:f587	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:278... 2a02:26f0:2780:5::210:a806	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	54.88.170.186 54.88.170.186	14618 (AMAZON-AES) (AMAZON-AES)
1	34.224.128.91 34.224.128.91	14618 (AMAZON-AES) (AMAZON-AES)
6	2a02:26f0:278... 2a02:26f0:2780:5::210:a808	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	82.112.247.102 82.112.247.102	47583 (AS-HOSTINGER) (AS-HOSTINGER)
29	10

10 2a02:4780:13:1701:0:2fd4:a0ce:3 (São Paulo, Brazil)

ASN47583 (AS-HOSTINGER, CY)

pagamentoimposto.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2394:600:11:ebaf:b140:93a1 (United States)

ASN16509 (AMAZON-02, US)

storage.checkoutblank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:2780:6::214:f587 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)

scripts.converteai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:2780:5::210:a806 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)

images.converteai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.88.170.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-170-186.compute-1.amazonaws.com

a.vturb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.224.128.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-128-91.compute-1.amazonaws.com

api.vturb.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:2780:5::210:a808 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)

cdn.converteai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.112.247.102 (United Kingdom)

ASN47583 (AS-HOSTINGER, CY)

pagamentoimposto.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	pagamentoimposto.site pagamentoimposto.site	226 KB
9	converteai.net scripts.converteai.net — Cisco Umbrella Rank: 170122 images.converteai.net — Cisco Umbrella Rank: 173002 cdn.converteai.net — Cisco Umbrella Rank: 134257	2 MB
3	vturb.net a.vturb.net — Cisco Umbrella Rank: 143290
2	clarity.ms 1 redirects c.clarity.ms — Cisco Umbrella Rank: 1236	879 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 190	774 B
1	vturb.com.br api.vturb.com.br — Cisco Umbrella Rank: 167944
1	checkoutblank.com storage.checkoutblank.com	2 KB
29	7

	Domain	Requested by
12	pagamentoimposto.site	pagamentoimposto.site
6	cdn.converteai.net	scripts.converteai.net
3	a.vturb.net	scripts.converteai.net
2	c.clarity.ms	1 redirects
2	scripts.converteai.net	pagamentoimposto.site scripts.converteai.net
1	c.bing.com	1 redirects
1	api.vturb.com.br	scripts.converteai.net
1	images.converteai.net	pagamentoimposto.site
1	storage.checkoutblank.com	pagamentoimposto.site
29	9

This site contains links to these domains. Also see Links.

Domain
vturb.com

Subject Issuer	Validity	Valid
pagamentoimposto.site ZeroSSL RSA Domain Secure Site CA	`2024-10-12` - `2025-01-10`	3 months	crt.sh
storage.checkoutblank.com Amazon RSA 2048 M03	`2024-08-08` - `2025-09-06`	a year	crt.sh
converteai.net R10	`2024-09-25` - `2024-12-24`	3 months	crt.sh
*.vturb.net Amazon RSA 2048 M02	`2024-01-14` - `2025-02-12`	a year	crt.sh
*.vturb.com.br Amazon RSA 2048 M03	`2024-09-19` - `2025-10-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pagamentoimposto.site/
Frame ID: 0424E8C7415AC46DE258A92BDFEAD390
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Empréstimo facilitado, simulação gratuita!

Page URL History Show full URLs

http://pagamentoimposto.site/ HTTP 307
https://pagamentoimposto.site/ Page URL

Page Statistics

29
Requests

90 %
HTTPS

60 %
IPv6

7
Domains

9
Subdomains

10
IPs

5
Countries

1856 kB
Transfer

2646 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vturb.com/?via=player&utm_source=organic&utm_campaign=rKm-km-rKm&utm_medium=&utm_content=&utm_term=&xcod=hQwK21wXxRrKm-km-rKmhQwK21wXxRhQwK21wXxRhQwK21wXxR&sck=hQwK21wXxRrKm-km-rKmhQwK21wXxRhQwK21wXxRhQwK21wXxR
Title: Powered by Vturb

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pagamentoimposto.site/ HTTP 307
https://pagamentoimposto.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D99054D872A04C39A3C3BBCD32A5CA82&RedC=c.clarity.ms&MXFR=083745522E5A6F96068E50452A5A61FE HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D99054D872A04C39A3C3BBCD32A5CA82&MUID=115DC683D71669831DF8D394D6F668CC

29 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
pagamentoimposto.site/
Redirect Chain

http://pagamentoimposto.site/
https://pagamentoimposto.site/

45 KB
11 KB

688ms
213ms

Document
text/html

2a02:4780:13:1701:0:2fd4:a0ce:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://pagamentoimposto.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1701:0:2fd4:a0ce:3 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1d37b99230491f4b76d65b36a5a02ef2dcb31f0719e66b69cfd843b10eb5cd4f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 10641
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Sun, 13 Oct 2024 13:12:45 GMT
etag: "b2e0-6709faf0-93fa8320cdf8c4ec;br"
last-modified: Sat, 12 Oct 2024 04:28:32 GMT
panel: hpanel
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

Location: https://pagamentoimposto.site/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 clarity.js Show response
pagamentoimposto.site/js/ 64 KB
21 KB 423ms
422ms Script
application/x-javascript 2a02:4780:13:1701:0:2fd4:a0ce:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://pagamentoimposto.site/js/clarity.js

Requested by

Host: pagamentoimposto.site
URL: https://pagamentoimposto.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1701:0:2fd4:a0ce:3 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

30adbc7e799238c336b56a1e20db67910f2a114fc3bc6ced6c550b4c873318aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

panel: hpanel
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
content-encoding: br
etag: "10029-6709fafb-934e2299e9c01972;br"
expires: Sun, 20 Oct 2024 13:12:46 GMT
accept-ranges: bytes
content-length: 21806
date: Sun, 13 Oct 2024 13:12:46 GMT
content-type: application/x-javascript
last-modified: Sat, 12 Oct 2024 04:28:43 GMT
vary: Accept-Encoding
server: LiteSpeed
platform: hostinger

GET
H2 200 oaqncx2h7c Show response
pagamentoimposto.site/ 689 B
748 B 424ms
424ms Script
text/plain 2a02:4780:13:1701:0:2fd4:a0ce:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://pagamentoimposto.site/oaqncx2h7c

Requested by

Host: pagamentoimposto.site
URL: https://pagamentoimposto.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1701:0:2fd4:a0ce:3 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

02ffbe208cc94a30a378f1f7ee05622fe2a79abf00c6d27bef5622832171ef40

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

content-security-policy: upgrade-insecure-requests
etag: "2b1-6709faf0-10c8bb09a91af460;;;"
accept-ranges: bytes
content-length: 689
date: Sun, 13 Oct 2024 13:12:46 GMT
last-modified: Sat, 12 Oct 2024 04:28:32 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel

GET
H2 200 gtm.js Show response
pagamentoimposto.site/js/ 208 KB
69 KB 624ms
623ms Script
application/x-javascript 2a02:4780:13:1701:0:2fd4:a0ce:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://pagamentoimposto.site/js/gtm.js

Requested by

Host: pagamentoimposto.site
URL: https://pagamentoimposto.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1701:0:2fd4:a0ce:3 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

cf6d9b6dda57712631a5f1ed9c61cd6c17342597706eceb22344eae9de3b0d4c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

panel: hpanel
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
content-encoding: br
etag: "340b3-6709fafb-381adf89b0274c1e;br"
expires: Sun, 20 Oct 2024 13:12:46 GMT
accept-ranges: bytes
content-length: 70527
date: Sun, 13 Oct 2024 13:12:46 GMT
content-type: application/x-javascript
last-modified: Sat, 12 Oct 2024 04:28:43 GMT
vary: Accept-Encoding
server: LiteSpeed
platform: hostinger

GET
H2 200 lander.js Show response
pagamentoimposto.site/js/ 4 KB
2 KB 829ms
828ms Script
application/x-javascript 2a02:4780:13:1701:0:2fd4:a0ce:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://pagamentoimposto.site/js/lander.js

Requested by

Host: pagamentoimposto.site
URL: https://pagamentoimposto.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1701:0:2fd4:a0ce:3 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0c4cfc682a96fb7162fff1e22e3cc199f1ab6615458ee523541972eb8acaf1b3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

panel: hpanel
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
content-encoding: br
etag: "fe8-6709fafb-45725cb71cbb1a8c;br"
expires: Sun, 20 Oct 2024 13:12:46 GMT
accept-ranges: bytes
content-length: 1797
date: Sun, 13 Oct 2024 13:12:46 GMT
content-type: application/x-javascript
last-modified: Sat, 12 Oct 2024 04:28:43 GMT
vary: Accept-Encoding
server: LiteSpeed
platform: hostinger

GET
H2 200 latest.js Show response
pagamentoimposto.site/js/ 11 KB
4 KB 829ms
829ms Script
application/x-javascript 2a02:4780:13:1701:0:2fd4:a0ce:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://pagamentoimposto.site/js/latest.js

Requested by

Host: pagamentoimposto.site
URL: https://pagamentoimposto.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1701:0:2fd4:a0ce:3 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

49d27da262ad785fa9419ab27578c8542a4c485af0aa2b0f2cdf57f920729788

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

panel: hpanel
content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
content-encoding: br
etag: "2c0f-6709fafb-56279432df7d3718;br"
expires: Sun, 20 Oct 2024 13:12:46 GMT
accept-ranges: bytes
content-length: 3544
date: Sun, 13 Oct 2024 13:12:46 GMT
content-type: application/x-javascript
last-modified: Sat, 12 Oct 2024 04:28:43 GMT
vary: Accept-Encoding
server: LiteSpeed
platform: hostinger

GET
H2 200 0NcOyIJ6MLwj.png
pagamentoimposto.site/images/ 37 KB
37 KB 423ms
423ms Image
image/png 2a02:4780:13:1701:0:2fd4:a0ce:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagamentoimposto.site/images/0NcOyIJ6MLwj.png

Requested by

Host: pagamentoimposto.site
URL: https://pagamentoimposto.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1701:0:2fd4:a0ce:3 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4da7d2f1ffae9e6ae8aadd561a0c0dc340953ee917351dbc1246bb13fcc8ce4d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
etag: "9489-6709fb08-ef2222f78d0bcfeb;;;"
expires: Sun, 20 Oct 2024 13:12:46 GMT
accept-ranges: bytes
content-length: 38025
date: Sun, 13 Oct 2024 13:12:46 GMT
content-type: image/png
last-modified: Sat, 12 Oct 2024 04:28:56 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel

GET
H2 200 7CNu61CNOnO7.png
pagamentoimposto.site/images/ 80 KB
81 KB 212ms
211ms Image
image/png 2a02:4780:13:1701:0:2fd4:a0ce:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagamentoimposto.site/images/7CNu61CNOnO7.png

Requested by

Host: pagamentoimposto.site
URL: https://pagamentoimposto.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1701:0:2fd4:a0ce:3 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1f83fa1d8b72803405297df6fabe6333f1ad6a0d73ac7bc9b22a1d5895a3f243

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
etag: "141e1-6709fb08-29ed6760e742932e;;;"
expires: Sun, 20 Oct 2024 13:12:46 GMT
accept-ranges: bytes
content-length: 82401
date: Sun, 13 Oct 2024 13:12:46 GMT
content-type: image/png
last-modified: Sat, 12 Oct 2024 04:28:56 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel

GET
H2 200 lander.js Show response
storage.checkoutblank.com/storage/script/ 4 KB
2 KB 174ms
39ms Script
application/javascript 2600:9000:2394:600:11:ebaf:b140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.checkoutblank.com/storage/script/lander.js?v=1.0.1
Requested by: Host: pagamentoimposto.site
URL: https://pagamentoimposto.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:600:11:ebaf:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c4cfc682a96fb7162fff1e22e3cc199f1ab6615458ee523541972eb8acaf1b3

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

x-amz-cf-pop: AMS1-P2
content-encoding: gzip
etag: W/"afe66fbc7979984813e0220b516e71ea"
age: 33108
via: 1.1 2a46367687c8f1815bbea20c92c7d64c.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: vazAEGBPMxNwaobiKvQ2EVVIkSzTYnz6y1HGDs1E1C4xZkObBS122Q==
date: Sun, 13 Oct 2024 12:45:43 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Wed, 04 Sep 2024 20:03:57 GMT
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b64962de30f040decb6bca5f258cce52964127bab4767b702cb9fd7fa3619d5

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 player.js Show response
scripts.converteai.net/bcb37fc9-50b1-4b4e-bf39-284a61a45264/players/66f394fe133705000b7934cd/ 10 KB
4 KB 331ms
200ms Script
text/javascript 2a02:26f0:2780:6::214:f587
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.converteai.net/bcb37fc9-50b1-4b4e-bf39-284a61a45264/players/66f394fe133705000b7934cd/player.js
Requested by: Host: pagamentoimposto.site
URL: https://pagamentoimposto.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:6::214:f587 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3d376303a906c9de34d232c42e6b992e70bda613f429d0579e7232f09b459831

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

content-encoding: gzip
etag: "474432a6bde446a3b4eb6105286b8575"
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 3812
x-amz-cf-id: gnOWGZjUBbtmhIVYNhC1USTkG2qvsJPgPT7qO1FTxN7xyckM19irmg==
date: Sun, 13 Oct 2024 13:12:46 GMT
content-type: text/javascript
last-modified: Wed, 25 Sep 2024 06:03:24 GMT
vary: Accept-Encoding
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 smartplayer.min.js Show response
scripts.converteai.net/lib/js/smartplayer/v1/ 663 KB
178 KB 47ms
46ms Script
text/javascript 2a02:26f0:2780:6::214:f587
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/bcb37fc9-50b1-4b4e-bf39-284a61a45264/players/66f394fe133705000b7934cd/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:6::214:f587 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f62ef9b8b0533f3e354646b92fd14e4ebb56de7d072de6f42399ecef1d5f8045

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

content-encoding: gzip
etag: "9879dd51b502522b40d1624fb052dc6c"
accept-ranges: bytes
content-length: 181703
x-amz-cf-id: ROrNvjhTqJGaD6XSVnOFCW6wy2ASKP6-rCil00J-RKdXkdMQLgyR4A==
date: Sun, 13 Oct 2024 13:12:46 GMT
x-amz-cf-pop: FRA60-P9
content-type: text/javascript
vary: Accept-Encoding
last-modified: Wed, 09 Oct 2024 12:33:38 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 thumbnail.jpg
images.converteai.net/bcb37fc9-50b1-4b4e-bf39-284a61a45264/players/66f394fe133705000b7934cd/ 1 KB
2 KB 638ms
506ms Image
image/jpeg 2a02:26f0:2780:5::210:a806
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.converteai.net/bcb37fc9-50b1-4b4e-bf39-284a61a45264/players/66f394fe133705000b7934cd/thumbnail.jpg
Requested by: Host: pagamentoimposto.site
URL: https://pagamentoimposto.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:5::210:a806 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b66292c0a5ac4806191227566c2538755b0ce824ec9564c0b615add379a61044

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

etag: "8b4274f012fd07dfe907025205bf2ee2"
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
server-timing: edge; dur=3, origin; dur=456, cdn-cache; desc=MISS, ak_p; desc="1728825166456_34623238_324700923_45933_762_44_59_219";dur=1
content-length: 1481
x-amz-cf-id: XC5iF-sLzpyqxAES3hFuq3p6UGO_A80zumyZdIHjTaIoFX_VpcXLZw==
date: Sun, 13 Oct 2024 13:12:46 GMT
content-type: image/jpeg
last-modified: Wed, 25 Sep 2024 04:43:46 GMT
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

OPTIONS
H2 204 x
a.vturb.net/ 0
0 349ms
113ms Preflight 54.88.170.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vturb.net/x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.170.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-170-186.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pagamentoimposto.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

access-control-allow-headers: Origin,Content-Length,Content-Type
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin: *
access-control-max-age: 43200
date: Sun, 13 Oct 2024 13:12:46 GMT

OPTIONS
H2 403 check
api.vturb.com.br/vturb/ 0
0 369ms
113ms Preflight
text/html 34.224.128.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vturb.com.br/vturb/check
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.128.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-128-91.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pagamentoimposto.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-length: 118
content-type: text/html
date: Sun, 13 Oct 2024 13:12:46 GMT
server: awselb/2.0

GET
H/1.1 200
OK main.m3u8 Show response
cdn.converteai.net/bcb37fc9-50b1-4b4e-bf39-284a61a45264/66f394fadee2cc000bcf5872/ 346 B
991 B 437ms
317ms XHR
application/x-mpegurl 2a02:26f0:2780:5::210:a808
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/bcb37fc9-50b1-4b4e-bf39-284a61a45264/66f394fadee2cc000bcf5872/main.m3u8
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:5::210:a808 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1acf44ebcfc329223ef973695f2f347a18ed3455c27d486908c71ac7638e38a5

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Content-Encoding: gzip
ETag: "4b97768b6a7301be1fb016bedf629769:1727239456.089685"
Access-Control-Allow-Methods: GET,POST,OPTIONS
Date: Sun, 13 Oct 2024 13:12:46 GMT
Content-Type: application/x-mpegURL
Last-Modified: Wed, 25 Sep 2024 04:43:54 GMT
Vary: Accept-Encoding
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control: max-age=31034710
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 214
Server: AkamaiNetStorage
Akamai-Mon-Iucid-Del: 1429301

POST
H2 204 x
a.vturb.net/ 0
0 115ms
113ms Fetch 54.88.170.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vturb.net/x
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.170.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-170-186.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://pagamentoimposto.site/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Accept: application/json
Content-Type: application/json

Response headers

date: Sun, 13 Oct 2024 13:12:46 GMT
access-control-allow-origin: *

POST check
api.vturb.com.br/vturb/ 0
0

GET
DATA 200
OK truncated
/ 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer

Response headers

Content-Type: image/png

GET
H/1.1 200
OK original_360p.m3u8 Show response
cdn.converteai.net/bcb37fc9-50b1-4b4e-bf39-284a61a45264/66f394fadee2cc000bcf5872/ 305 B
943 B 314ms
314ms XHR
application/x-mpegurl 2a02:26f0:2780:5::210:a808
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/bcb37fc9-50b1-4b4e-bf39-284a61a45264/66f394fadee2cc000bcf5872/original_360p.m3u8
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:5::210:a808 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 929b300e564cba1f08a581a88287a0a2eb5038b49809c83307aae316d08d9088

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Content-Encoding: gzip
ETag: "dba90ce6a4be4b938be7e694fd58fb73:1727239457.157788"
Access-Control-Allow-Methods: GET,POST,OPTIONS
Date: Sun, 13 Oct 2024 13:12:47 GMT
Content-Type: application/x-mpegURL
Last-Modified: Wed, 25 Sep 2024 04:43:54 GMT
Vary: Accept-Encoding
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control: max-age=31034692
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 166
Server: AkamaiNetStorage
Akamai-Mon-Iucid-Del: 1429301

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D99054D872A04C39A3C3BBCD32A5CA82&RedC=c.clarity.ms&MXFR=083745522E5A6F96068E50452A5A61FE
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D99054D872A04C39A3C3BBCD32A5CA82&MUID=115DC683D71669831DF8D394D6F668CC

42 B
443 B

43ms
43ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D99054D872A04C39A3C3BBCD32A5CA82&MUID=115DC683D71669831DF8D394D6F668CC
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "bb391b5d70eeda1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Sun, 13 Oct 2024 13:12:46 GMT
content-type: image/gif
last-modified: Wed, 14 Aug 2024 17:35:32 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D99054D872A04C39A3C3BBCD32A5CA82&MUID=115DC683D71669831DF8D394D6F668CC
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9032172EE112498EB9D7F548AF8F5EDA Ref B: LON04EDGE1014 Ref C: 2024-10-13T13:12:47Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Sun, 13 Oct 2024 13:12:46 GMT
x-powered-by: ASP.NET

GET
H2 200 0NcOyIJ6MLwj.png
pagamentoimposto.site/images/ 37 KB
0 0ms
0ms Other
image/png 2a02:4780:13:1701:0:2fd4:a0ce:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://pagamentoimposto.site/images/0NcOyIJ6MLwj.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1701:0:2fd4:a0ce:3 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4da7d2f1ffae9e6ae8aadd561a0c0dc340953ee917351dbc1246bb13fcc8ce4d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
etag: "9489-6709fb08-ef2222f78d0bcfeb;;;"
expires: Sun, 20 Oct 2024 13:12:46 GMT
accept-ranges: bytes
content-length: 38025
date: Sun, 13 Oct 2024 13:12:46 GMT
content-type: image/png
last-modified: Sat, 12 Oct 2024 04:28:56 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel

GET
H3 200 mNKa6jCpzMtZ.png
pagamentoimposto.site/images/ 63 B
394 B 216ms
215ms Other
image/png 82.112.247.102
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://pagamentoimposto.site/images/mNKa6jCpzMtZ.png

Protocol

Security

QUIC, , AES_128_GCM

Server

82.112.247.102 , United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

26a01836ff2dec700ff0756e469a8e23aade8f2b2c474e247ba954e8e215d0f8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
etag: "3f-6709fb08-9b4e54e75b56d0fc;;;"
expires: Sun, 20 Oct 2024 13:12:47 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 63
date: Sun, 13 Oct 2024 13:12:47 GMT
content-type: image/png
last-modified: Sat, 12 Oct 2024 04:28:56 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel

GET
H2 200 0NcOyIJ6MLwj.png
pagamentoimposto.site/images/ 37 KB
0 0ms
0ms Other
image/png 2a02:4780:13:1701:0:2fd4:a0ce:3
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://pagamentoimposto.site/images/0NcOyIJ6MLwj.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:13:1701:0:2fd4:a0ce:3 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4da7d2f1ffae9e6ae8aadd561a0c0dc340953ee917351dbc1246bb13fcc8ce4d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
etag: "9489-6709fb08-ef2222f78d0bcfeb;;;"
expires: Sun, 20 Oct 2024 13:12:46 GMT
accept-ranges: bytes
content-length: 38025
date: Sun, 13 Oct 2024 13:12:46 GMT
content-type: image/png
last-modified: Sat, 12 Oct 2024 04:28:56 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel

GET
H3 200 Kf0lMtmRHOgv.png
pagamentoimposto.site/images/ 63 B
108 B 213ms
213ms Other
image/png 82.112.247.102
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://pagamentoimposto.site/images/Kf0lMtmRHOgv.png

Protocol

Security

QUIC, , AES_128_GCM

Server

82.112.247.102 , United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

26a01836ff2dec700ff0756e469a8e23aade8f2b2c474e247ba954e8e215d0f8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
etag: "3f-6709fb08-c8f5de4d1aa1da7;;;"
expires: Sun, 20 Oct 2024 13:12:47 GMT
accept-ranges: bytes
content-length: 63
date: Sun, 13 Oct 2024 13:12:47 GMT
content-type: image/png
last-modified: Sat, 12 Oct 2024 04:28:56 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel

GET
H/1.1 200
OK segment__00001.ts Show response
cdn.converteai.net/bcb37fc9-50b1-4b4e-bf39-284a61a45264/66f394fadee2cc000bcf5872/original_360p/ 383 KB
384 KB 405ms
405ms XHR
video/mp2t 2a02:26f0:2780:5::210:a808
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/bcb37fc9-50b1-4b4e-bf39-284a61a45264/66f394fadee2cc000bcf5872/original_360p/segment__00001.ts
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:5::210:a808 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 28f9750df7b70b92f54ab4e441a8d95b5c96ea906db472ee6a94759e184cae17

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
ETag: "5230d9cb46f162091e525b15638e390d:1727239457.963227"
Access-Control-Allow-Methods: GET,POST,OPTIONS
Date: Sun, 13 Oct 2024 13:12:47 GMT
Last-Modified: Wed, 25 Sep 2024 04:43:46 GMT
Content-Type: video/MP2T
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control: max-age=31034639
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 392544
Server: AkamaiNetStorage
Akamai-Mon-Iucid-Del: 1429301

GET 262155a8-c475-4d63-96db-394f9eec62fb
https://pagamentoimposto.site/ 0
0

GET
H/1.1 200
OK segment__00002.ts Show response
cdn.converteai.net/bcb37fc9-50b1-4b4e-bf39-284a61a45264/66f394fadee2cc000bcf5872/original_360p/ 394 KB
395 KB 434ms
434ms XHR
video/mp2t 2a02:26f0:2780:5::210:a808
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/bcb37fc9-50b1-4b4e-bf39-284a61a45264/66f394fadee2cc000bcf5872/original_360p/segment__00002.ts
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:5::210:a808 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a1b06420c483eaff82975bbc7c66cae077a4ef4abfc932aae2858561b5d6d71b

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
ETag: "5807e1a85651db4b745647367169af82:1727239458.394771"
Access-Control-Allow-Methods: GET,POST,OPTIONS
Date: Sun, 13 Oct 2024 13:12:48 GMT
Last-Modified: Wed, 25 Sep 2024 04:43:48 GMT
Content-Type: video/MP2T
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control: max-age=31034642
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 403260
Server: AkamaiNetStorage
Akamai-Mon-Iucid-Del: 1429301

POST
H2 204 x
a.vturb.net/ 0
0 115ms
114ms Fetch 54.88.170.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vturb.net/x
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.170.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-170-186.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://pagamentoimposto.site/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Accept: application/json
Content-Type: application/json

Response headers

date: Sun, 13 Oct 2024 13:12:48 GMT
access-control-allow-origin: *

GET
H/1.1 200
OK segment__00003.ts Show response
cdn.converteai.net/bcb37fc9-50b1-4b4e-bf39-284a61a45264/66f394fadee2cc000bcf5872/original_360p/ 336 KB
336 KB 268ms
268ms XHR
video/mp2t 2a02:26f0:2780:5::210:a808
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/bcb37fc9-50b1-4b4e-bf39-284a61a45264/66f394fadee2cc000bcf5872/original_360p/segment__00003.ts
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:5::210:a808 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 06e7e4fd7acccd445855f42906ef0b99211ea3e9e74d7c0d53dc184f9fca93a1

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
ETag: "d0b7cf520a41b822205e823f5a1af0c7:1727239459.015287"
Access-Control-Allow-Methods: GET,POST,OPTIONS
Date: Sun, 13 Oct 2024 13:12:49 GMT
Last-Modified: Wed, 25 Sep 2024 04:43:49 GMT
Content-Type: video/MP2T
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control: max-age=31036564
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 343664
Server: AkamaiNetStorage
Akamai-Mon-Iucid-Del: 1429301

GET
H/1.1 200
OK segment__00004.ts Show response
cdn.converteai.net/bcb37fc9-50b1-4b4e-bf39-284a61a45264/66f394fadee2cc000bcf5872/original_360p/ 327 KB
328 KB 422ms
422ms XHR
video/mp2t 2a02:26f0:2780:5::210:a808
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/bcb37fc9-50b1-4b4e-bf39-284a61a45264/66f394fadee2cc000bcf5872/original_360p/segment__00004.ts
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:5::210:a808 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 51db6533d62549771c6b9f617c0d2bcbec062872f16695f090b8832773edef56

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://pagamentoimposto.site/

Response headers

Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
ETag: "a0d19f551ff42d4c4f2faf2ba3770517:1727239459.818113"
Access-Control-Allow-Methods: GET,POST,OPTIONS
Date: Sun, 13 Oct 2024 13:12:50 GMT
Last-Modified: Wed, 25 Sep 2024 04:43:51 GMT
Content-Type: video/MP2T
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control: max-age=31036500
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 334640
Server: AkamaiNetStorage
Akamai-Mon-Iucid-Del: 1429301

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.vturb.com.br
URL: https://api.vturb.com.br/vturb/check

Domain: pagamentoimposto.site
URL: blob:https://pagamentoimposto.site/262155a8-c475-4d63-96db-394f9eec62fb

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bing.com/	1970-01-21 09:35:21	Name: MUID Value: 115DC683D71669831DF8D394D6F668CC
.c.bing.com/	1970-01-21 00:23:49	Name: MR Value: 0
.c.bing.com/	1970-01-21 09:35:21	Name: SRM_B Value: 115DC683D71669831DF8D394D6F668CC
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 09:35:21	Name: MUID Value: 115DC683D71669831DF8D394D6F668CC
.c.clarity.ms/	1970-01-21 00:23:49	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 00:13:45	Name: ANONCHK Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js Message: Specifying 'overflow: visible' on img, video and canvas tags may cause them to produce visual content outside of the element bounds. See https://github.com/WICG/view-transitions/blob/main/debugging_overflow_on_images.md for details.
javascript	error	URL: https://pagamentoimposto.site/ Message: Access to XMLHttpRequest at 'https://api.vturb.com.br/vturb/check' from origin 'https://pagamentoimposto.site' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.vturb.com.br/vturb/check Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vturb.net
api.vturb.com.br
c.bing.com
c.clarity.ms
cdn.converteai.net
images.converteai.net
pagamentoimposto.site
scripts.converteai.net
storage.checkoutblank.com
api.vturb.com.br
pagamentoimposto.site
13.74.129.1
2600:9000:2394:600:11:ebaf:b140:93a1
2620:1ec:c11::237
2a02:26f0:2780:5::210:a806
2a02:26f0:2780:5::210:a808
2a02:26f0:2780:6::214:f587
2a02:4780:13:1701:0:2fd4:a0ce:3
34.224.128.91
54.88.170.186
82.112.247.102
02ffbe208cc94a30a378f1f7ee05622fe2a79abf00c6d27bef5622832171ef40
06e7e4fd7acccd445855f42906ef0b99211ea3e9e74d7c0d53dc184f9fca93a1
0b64962de30f040decb6bca5f258cce52964127bab4767b702cb9fd7fa3619d5
0c4cfc682a96fb7162fff1e22e3cc199f1ab6615458ee523541972eb8acaf1b3
1acf44ebcfc329223ef973695f2f347a18ed3455c27d486908c71ac7638e38a5
1d37b99230491f4b76d65b36a5a02ef2dcb31f0719e66b69cfd843b10eb5cd4f
1f83fa1d8b72803405297df6fabe6333f1ad6a0d73ac7bc9b22a1d5895a3f243
26a01836ff2dec700ff0756e469a8e23aade8f2b2c474e247ba954e8e215d0f8
28f9750df7b70b92f54ab4e441a8d95b5c96ea906db472ee6a94759e184cae17
30adbc7e799238c336b56a1e20db67910f2a114fc3bc6ced6c550b4c873318aa
3d376303a906c9de34d232c42e6b992e70bda613f429d0579e7232f09b459831
49d27da262ad785fa9419ab27578c8542a4c485af0aa2b0f2cdf57f920729788
4da7d2f1ffae9e6ae8aadd561a0c0dc340953ee917351dbc1246bb13fcc8ce4d
51db6533d62549771c6b9f617c0d2bcbec062872f16695f090b8832773edef56
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
929b300e564cba1f08a581a88287a0a2eb5038b49809c83307aae316d08d9088
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a1b06420c483eaff82975bbc7c66cae077a4ef4abfc932aae2858561b5d6d71b
b66292c0a5ac4806191227566c2538755b0ce824ec9564c0b615add379a61044
cf6d9b6dda57712631a5f1ed9c61cd6c17342597706eceb22344eae9de3b0d4c
f62ef9b8b0533f3e354646b92fd14e4ebb56de7d072de6f42399ecef1d5f8045

pagamentoimposto.site Open in urlscan Pro 2a02:4780:13:1701:0:2fd4:a0ce:3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

29 Requests

90 %HTTPS

60 %IPv6

7 Domains

9 Subdomains

10 IPs

5 Countries

1856 kBTransfer

2646 kBSize

7 Cookies

1 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pagamentoimposto.site Open in urlscan Pro
2a02:4780:13:1701:0:2fd4:a0ce:3 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

90 %
HTTPS

60 %
IPv6

7
Domains

9
Subdomains

10
IPs

5
Countries

1856 kB
Transfer

2646 kB
Size

7
Cookies

29 HTTP transactions
2 data transactions