credito-seguro.buider-sys.pro
2a02:4780:13:987:0:178e:e7db:f  Malicious Activity! Public Scan

URL: https://credito-seguro.buider-sys.pro/
Submission: On April 14 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2a02:4780:13:987:0:178e:e7db:f, located in São Paulo, Brazil and belongs to AS-HOSTINGER, CY. The main domain is credito-seguro.buider-sys.pro.
TLS certificate: Issued by R3 on April 14th 2024. Valid for: 3 months.
This is the only time credito-seguro.buider-sys.pro was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Caixa (Government)

Domain & IP information

IP Address AS Autonomous System
7 2a02:4780:13:... 47583 (AS-HOSTINGER)
8 89.117.7.198 47583 (AS-HOSTINGER)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 188.114.97.3 13335 (CLOUDFLAR...)
20 6
Apex Domain Subdomains Transfer
15 buider-sys.pro credito-seguro.buider-sys.pro 686 KB
2 facebook.net connect.facebook.net (Cisco Umbrella Rank: 183) 70 KB
1 userstatics.com userstatics.com (Cisco Umbrella Rank: 78042) 645 B
1 facebook.com www.facebook.com (Cisco Umbrella Rank: 97) 274 B
0 liberarnovasolicitacao.online Failed liberarnovasolicitacao.online Failed
20 5
Domain Requested by
15 credito-seguro.buider-sys.pro credito-seguro.buider-sys.pro
2 connect.facebook.net credito-seguro.buider-sys.pro, connect.facebook.net
1 userstatics.com credito-seguro.buider-sys.pro
1 www.facebook.com credito-seguro.buider-sys.pro
0 liberarnovasolicitacao.online Failed
20 5

This site contains no links.

Subject Issuer Validity Valid
credito-seguro.buider-sys.pro R3 2024-04-14 - 2024-07-13 3 months
*.facebook.com DigiCert SHA2 High Assurance Server CA 2024-01-23 - 2024-04-22 3 months
userstatics.com E1 2024-03-28 - 2024-06-26 3 months

This page contains 1 frames:

Primary Page: https://credito-seguro.buider-sys.pro/
Frame ID: FD7936FB86506509157D7BFDE25E0B4D
Requests: 20 HTTP requests in this frame

Page Title

Empréstimo Auxilio Brasil

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css
  • sweetalert2(?:\.all)?(?:\.min)?\.js

Page Statistics

Requests: 20
HTTPS: 95 %
IPv6: 60 %
Domains: 5
Subdomains: 5
IPs: 6
Countries: 3
Transfer: 757 kB
Size: 1368 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
credito-seguro.buider-sys.pro/
6 KB
3 KB
Document
General
Full URL
https://credito-seguro.buider-sys.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:987:0:178e:e7db:f São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/8.1.27
Resource Hash
32265765678fc213b95bf6c82a82616511dc12967f67f896dda6df7fd820d592
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
2725
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sun, 14 Apr 2024 23:13:03 GMT
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.1.27
index.css
credito-seguro.buider-sys.pro/src/assets/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://credito-seguro.buider-sys.pro/src/assets/css/index.css
Requested by
Host: credito-seguro.buider-sys.pro
URL: https://credito-seguro.buider-sys.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:987:0:178e:e7db:f São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
df22f350b3aa8616d1717e2125575073d29ac5ed8886139b855a08ec8c657300
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credito-seguro.buider-sys.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:13:03 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 14 Apr 2024 23:01:08 GMT
server
LiteSpeed
etag
"ba7-661c6034-fff4738f190bf162;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
900
expires
Sun, 21 Apr 2024 23:13:03 GMT
bootstrap.min.css
credito-seguro.buider-sys.pro/src/assets/css/
227 KB
27 KB
Stylesheet
General
Full URL
https://credito-seguro.buider-sys.pro/src/assets/css/bootstrap.min.css
Requested by
Host: credito-seguro.buider-sys.pro
URL: https://credito-seguro.buider-sys.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:987:0:178e:e7db:f São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credito-seguro.buider-sys.pro/
Origin
https://credito-seguro.buider-sys.pro
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:13:03 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 14 Apr 2024 23:01:08 GMT
server
LiteSpeed
etag
"38cf3-661c6034-9ccb037d1afe2aee;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
27179
expires
Sun, 21 Apr 2024 23:13:03 GMT
all.min.css
credito-seguro.buider-sys.pro/src/assets/css/
122 KB
22 KB
Stylesheet
General
Full URL
https://credito-seguro.buider-sys.pro/src/assets/css/all.min.css
Requested by
Host: credito-seguro.buider-sys.pro
URL: https://credito-seguro.buider-sys.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:987:0:178e:e7db:f São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
88edfd7d301e4c23f8aa5f0d31302620e16414a90a328fa0513f786efdcc2fb7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://credito-seguro.buider-sys.pro
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:13:03 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 14 Apr 2024 23:01:08 GMT
server
LiteSpeed
etag
"1e7d2-661c6034-b5ac4ade39f99efd;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
22173
expires
Sun, 21 Apr 2024 23:13:03 GMT
sweetalert2.min.css
credito-seguro.buider-sys.pro/src/assets/css/
22 KB
4 KB
Stylesheet
General
Full URL
https://credito-seguro.buider-sys.pro/src/assets/css/sweetalert2.min.css
Requested by
Host: credito-seguro.buider-sys.pro
URL: https://credito-seguro.buider-sys.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:987:0:178e:e7db:f São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b594b8d833ee6135c84734924c94bd83028fbfcfa98256c17cdb4950dbddc96e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credito-seguro.buider-sys.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:13:03 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 14 Apr 2024 23:01:09 GMT
server
LiteSpeed
etag
"58a2-661c6035-9fccde8810ebb007;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
3896
expires
Sun, 21 Apr 2024 23:13:03 GMT
aux_brasil.png
credito-seguro.buider-sys.pro/src/assets/imgs/
12 KB
12 KB
Image
General
Full URL
https://credito-seguro.buider-sys.pro/src/assets/imgs/aux_brasil.png
Requested by
Host: credito-seguro.buider-sys.pro
URL: https://credito-seguro.buider-sys.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:987:0:178e:e7db:f São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
34ed364796a0991f553ef8cf815f8031a1dbe7eca0bd210ca25ed63c90647170
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credito-seguro.buider-sys.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:13:03 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 14 Apr 2024 23:01:09 GMT
server
LiteSpeed
etag
"302e-661c6035-8f3155d7df599660;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
12334
expires
Sun, 21 Apr 2024 23:13:03 GMT
bolsa_familia_logo.png
credito-seguro.buider-sys.pro/src/assets/imgs/
8 KB
8 KB
Image
General
Full URL
https://credito-seguro.buider-sys.pro/src/assets/imgs/bolsa_familia_logo.png
Requested by
Host: credito-seguro.buider-sys.pro
URL: https://credito-seguro.buider-sys.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:987:0:178e:e7db:f São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9647d991e8f6c774daafdf26e34b0de49d1443cba8d763c67888987f993887d6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credito-seguro.buider-sys.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:13:03 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 14 Apr 2024 23:01:09 GMT
server
LiteSpeed
etag
"1eec-661c6035-97b033b52fb858ff;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
7916
expires
Sun, 21 Apr 2024 23:13:03 GMT
8638314_whatsapp_compress.png
credito-seguro.buider-sys.pro/src/assets/imgs/
270 KB
271 KB
Image
General
Full URL
https://credito-seguro.buider-sys.pro/src/assets/imgs/8638314_whatsapp_compress.png
Requested by
Host: credito-seguro.buider-sys.pro
URL: https://credito-seguro.buider-sys.pro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
89.117.7.198 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
67ade3dc20f9edc0bff12ea49f18f9579c58bd5e73ef63806cd778d1c2c05d76
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credito-seguro.buider-sys.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:13:04 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 14 Apr 2024 23:01:09 GMT
server
LiteSpeed
etag
"4394c-661c6035-27fac81fde11801a;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
276812
expires
Sun, 21 Apr 2024 23:13:04 GMT
tutorial_1.png
credito-seguro.buider-sys.pro/src/assets/imgs/
50 KB
50 KB
Image
General
Full URL
https://credito-seguro.buider-sys.pro/src/assets/imgs/tutorial_1.png
Requested by
Host: credito-seguro.buider-sys.pro
URL: https://credito-seguro.buider-sys.pro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
89.117.7.198 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
259ebfc91f8d7fdf857a0311eaa4a1f3d27576df41ece7321e4272e618a44852
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credito-seguro.buider-sys.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:13:04 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 14 Apr 2024 23:01:09 GMT
server
LiteSpeed
etag
"c766-661c6035-c8ae3ca3fc8b8dd4;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
51046
expires
Sun, 21 Apr 2024 23:13:04 GMT
x-volume-positiva-54-v2.png
credito-seguro.buider-sys.pro/src/assets/imgs/
982 B
1 KB
Image
General
Full URL
https://credito-seguro.buider-sys.pro/src/assets/imgs/x-volume-positiva-54-v2.png
Requested by
Host: credito-seguro.buider-sys.pro
URL: https://credito-seguro.buider-sys.pro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
89.117.7.198 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
fc3ce1c3377cbb38f54381f81ab7b58399441ab228b2c9698ace80f69f6e08e2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credito-seguro.buider-sys.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:13:04 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 14 Apr 2024 23:01:09 GMT
server
LiteSpeed
etag
"3d6-661c6035-e70259dc3e6f2404;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
982
expires
Sun, 21 Apr 2024 23:13:04 GMT
ic-acesso-informacao-54-v2.png
credito-seguro.buider-sys.pro/src/assets/imgs/
960 B
1009 B
Image
General
Full URL
https://credito-seguro.buider-sys.pro/src/assets/imgs/ic-acesso-informacao-54-v2.png
Requested by
Host: credito-seguro.buider-sys.pro
URL: https://credito-seguro.buider-sys.pro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
89.117.7.198 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0bc556b39c65201bd4bc63f0062e428580e31c03d046fb58a2c5602adc5019d2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credito-seguro.buider-sys.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:13:04 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 14 Apr 2024 23:01:09 GMT
server
LiteSpeed
etag
"3c0-661c6035-5ba3e62b262052e;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
960
expires
Sun, 21 Apr 2024 23:13:04 GMT
sweetalert2.min.js
credito-seguro.buider-sys.pro/src/assets/js/
40 KB
13 KB
Script
General
Full URL
https://credito-seguro.buider-sys.pro/src/assets/js/sweetalert2.min.js
Requested by
Host: credito-seguro.buider-sys.pro
URL: https://credito-seguro.buider-sys.pro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
89.117.7.198 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
254035f46a1e99ce2bb3c0bf1a19658809e8351e2a9d5f7ebc57193ee0a4cbf0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credito-seguro.buider-sys.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:13:04 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 14 Apr 2024 23:01:09 GMT
server
LiteSpeed
etag
"a179-661c6035-b42b3410a2e400ca;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
12763
expires
Sun, 21 Apr 2024 23:13:04 GMT
bootstrap.bundle.min.js
credito-seguro.buider-sys.pro/src/assets/js/
79 KB
22 KB
Script
General
Full URL
https://credito-seguro.buider-sys.pro/src/assets/js/bootstrap.bundle.min.js
Requested by
Host: credito-seguro.buider-sys.pro
URL: https://credito-seguro.buider-sys.pro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
89.117.7.198 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a23bc241647e57f561aef14b09c3e9c6ea14caf2358278cc725eeb179b303ea3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credito-seguro.buider-sys.pro/
Origin
https://credito-seguro.buider-sys.pro
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:13:04 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 14 Apr 2024 23:01:09 GMT
server
LiteSpeed
etag
"13b4d-661c6035-cf898d17d542199f;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
22397
expires
Sun, 21 Apr 2024 23:13:04 GMT
fbevents.js
connect.facebook.net/en_US/
218 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: credito-seguro.buider-sys.pro
URL: https://credito-seguro.buider-sys.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credito-seguro.buider-sys.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 14 Apr 2024 23:13:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57850
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=2762, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
PJDQFn2+9L0fyrr7zoEnqaPtpBPfpHiUVBUJue//lGEkAQ90NoIt7QvugmBuXumX4HtWf0jBOvD6pCAcdXaQKg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
fa-solid-900.woff2
credito-seguro.buider-sys.pro/src/assets/fonts/
147 KB
147 KB
Font
General
Full URL
https://credito-seguro.buider-sys.pro/src/assets/fonts/fa-solid-900.woff2
Requested by
Host: credito-seguro.buider-sys.pro
URL: https://credito-seguro.buider-sys.pro/src/assets/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
89.117.7.198 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credito-seguro.buider-sys.pro/src/assets/css/all.min.css
Origin
https://credito-seguro.buider-sys.pro
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:13:04 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 14 Apr 2024 23:01:09 GMT
server
LiteSpeed
etag
"24a6c-661c6035-c60e37395e0f0c91;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
150124
expires
Sun, 21 Apr 2024 23:13:04 GMT
fa-brands-400.woff2
credito-seguro.buider-sys.pro/src/assets/fonts/
105 KB
106 KB
Font
General
Full URL
https://credito-seguro.buider-sys.pro/src/assets/fonts/fa-brands-400.woff2
Requested by
Host: credito-seguro.buider-sys.pro
URL: https://credito-seguro.buider-sys.pro/src/assets/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
89.117.7.198 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credito-seguro.buider-sys.pro/src/assets/css/all.min.css
Origin
https://credito-seguro.buider-sys.pro
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:13:04 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 14 Apr 2024 23:01:09 GMT
server
LiteSpeed
etag
"1a5f4-661c6035-1ea0e8e83ebe6163;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
108020
expires
Sun, 21 Apr 2024 23:13:04 GMT
607478584510967
connect.facebook.net/signals/config/
56 KB
12 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/607478584510967?v=2.9.153&r=stable&domain=credito-seguro.buider-sys.pro&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
48edea14e367dd808b0674fa4ef0cb96e87679e717f95d37d454ff27bd2d20fe
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credito-seguro.buider-sys.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 14 Apr 2024 23:13:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=64, mss=1294, tbw=63135, tp=-1, tpl=-1, uplat=79, ullat=0
pragma
public
x-fb-debug
KO/bdCGI1Cuf8S7bCLjTfc54aMzAnHTqXuhjgOQ3W8AHIDP5IMQXuj0sUZSUGIQYkEEEzgioldjaJFvjuDV06g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=607478584510967&ev=PageView&dl=https%3A%2F%2Fcredito-seguro.buider-sys.pro%2F&rl=&if=false&ts=1713136384266&sw=1600&sh=1200&v=2.9.153&r=stable&ec=0&o=4126&fbp=fb.1.1713136384265.1033558535&ler=empty&cdl=API_unavailable&it=1713136384131&coo=false&rqm=GET
Requested by
Host: credito-seguro.buider-sys.pro
URL: https://credito-seguro.buider-sys.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credito-seguro.buider-sys.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1294, tbw=2755, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 14 Apr 2024 23:13:04 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
caixa_tem.png
liberarnovasolicitacao.online/images/
0
0

script.js
userstatics.com/get/
133 B
645 B
Script
General
Full URL
https://userstatics.com/get/script.js?referrer=https://credito-seguro.buider-sys.pro/
Requested by
Host: credito-seguro.buider-sys.pro
URL: https://credito-seguro.buider-sys.pro/src/assets/js/bootstrap.bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.1
Resource Hash
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://credito-seguro.buider-sys.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 23:13:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.1
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
https://credito-seguro.buider-sys.pro
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ileGBnmBdMTJC0Od3FBC7aLK%2BTu8yQ6eru9LAdnTvHe8xNVMTVXAjQXEpdjKTX3KAl%2BU2gmAjxN3G1qbLR9%2FDTx%2BxN7xHoN%2FQAjVe3PGjICj79GyXr%2B75q5mWxc3SjSIAag%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8747626d6ceb027e-CDG
access-control-allow-headers
X-Requested-With,content-type
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
liberarnovasolicitacao.online
URL
https://liberarnovasolicitacao.online/images/caixa_tem.png

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Caixa (Government)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | fbq
function | _fbq
function | deleteAllCookies
object | aceitarContratoBtn
function | Sweetalert2
function | SweetAlert
function | Swal
function | sweetAlert
function | swal
number | uidEvent
object | bootstrap

1 Cookies

Domain/Path Name / Value
.buider-sys.pro/ Name: _fbp
Value: fb.1.1713136384265.1033558535

2 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/607478584510967?v=2.9.153&r=stable&domain=credito-seguro.buider-sys.pro&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://liberarnovasolicitacao.online/images/caixa_tem.png
Message:
Failed to load resource: net::ERR_SSL_PROTOCOL_ERROR

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
