uberspromosemanal.tk Open in urlscan Pro
2606:4700:3036::681c:1097  Malicious Activity! Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response uberspromosemanal.tk/	29 KB 8 KB	297ms 238ms	Document text/html	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 414d05e6afb49b4f7c7f7a2cf18fda3140e6976c9559e965c9a427bc720abf22 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority uberspromosemanal.tk :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Tue, 04 Aug 2020 03:36:15 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d34087c10495e3ea97c5fecdf659b78ec1596512174; expires=Thu, 03-Sep-20 03:36:14 GMT; path=/; domain=.uberspromosemanal.tk; HttpOnly; SameSite=Lax; Secure x-xss-protection 1; mode=block x-content-type-options nosniff x-request-id 7eef8e51e4be7a31bde28821e235a0b3 cf-cache-status DYNAMIC cf-request-id 0459239ad600003258850d8200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5bd53ba489ca3258-FRA content-encoding br
GET H2	200	superfine.css uberspromosemanal.tk/uber_files/	118 KB 18 KB	480ms 480ms	Stylesheet text/css	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/superfine.css Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acf8385a5c6c6cad6c38eb47b2f8742776d42510feedd49179de3ea2fa0d83da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS last-modified Tue, 04 Aug 2020 02:00:04 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53ba61c003258-FRA cf-request-id 0459239bca00003258850df200000001 x-request-id 2706b0bf338d5baa771066ae62a35688
GET H2	200	superfine-1.css uberspromosemanal.tk/uber_files/	210 KB 154 KB	584ms 583ms	Stylesheet text/css	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/superfine-1.css Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cbc532210e14fe216bb4fdda45ab0326ca802cbb80c0fd35507b028ec6b74880 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS last-modified Tue, 04 Aug 2020 02:00:05 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53ba61c023258-FRA cf-request-id 0459239bca00003258850e0200000001 x-request-id caf2ac2f548da4f25b325384cd937b8c
GET H2	200	uber-icons.css uberspromosemanal.tk/uber_files/	105 KB 62 KB	466ms 465ms	Stylesheet text/css	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/uber-icons.css Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 420fc0344b8f9d96e2c6de03410bcd6f857f45bc759db2c74f59a171d303ac25 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS last-modified Tue, 04 Aug 2020 02:00:03 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53ba61c033258-FRA cf-request-id 0459239bca00003258850e1200000001 x-request-id 655cb332ce6906ba8bff2c00fb0f8287
GET H2	200	new-sign-up.css uberspromosemanal.tk/uber_files/	9 KB 2 KB	231ms 231ms	Stylesheet text/css	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/new-sign-up.css Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ef59530802656ab38239c3dc8c2c026db181ba7a871d2c9f07933151d8f2dbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS last-modified Tue, 04 Aug 2020 02:00:02 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53ba61c043258-FRA cf-request-id 0459239bca00003258850e2200000001 x-request-id 54bccf755f9656a24fc22eca7a7586bd
GET H2	200	jquery.validate.min.js Show response uberspromosemanal.tk/uber_files/	24 KB 8 KB	245ms 239ms	Script application/javascript	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/jquery.validate.min.js Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS last-modified Tue, 04 Aug 2020 02:00:04 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53ba9f9893258-FRA cf-request-id 0459239e370000325885101200000001 x-request-id 6a73dd843c911b48fbf4b56a5bb69fb3
GET H2	200	additional-methods.min.js Show response uberspromosemanal.tk/uber_files/	22 KB 6 KB	553ms 547ms	Script application/javascript	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/additional-methods.min.js Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 769a6653733b3e64e850f13421940414afafe8625acf963354e64dfaec51883c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:16 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS last-modified Tue, 04 Aug 2020 02:00:06 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53ba9f98a3258-FRA cf-request-id 0459239e370000325885102200000001 x-request-id e97a8a924ea69be35209bacaaa6992c7
GET H2	200	jquery-3.5.1.min.js Show response uberspromosemanal.tk/uber_files/	87 KB 30 KB	355ms 349ms	Script application/javascript	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/jquery-3.5.1.min.js Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:16 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS last-modified Tue, 04 Aug 2020 02:00:03 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53ba9f98b3258-FRA cf-request-id 0459239e370000325885103200000001 x-request-id 1839a5b97d4788bf7138e05efa603e9e
GET H2	200	jquery.mask.min.js Show response uberspromosemanal.tk/uber_files/	8 KB 3 KB	243ms 238ms	Script application/javascript	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/jquery.mask.min.js Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS last-modified Tue, 04 Aug 2020 02:00:05 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53ba9f98c3258-FRA cf-request-id 0459239e370000325885104200000001 x-request-id 55f5d10562040fbdfe72536ee0e7021f
GET H2	404	linkid.js.asd uberspromosemanal.tk/uber_files/	0 0	232ms 226ms	Script text/html	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/linkid.js.asd Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/html; charset=UTF-8 status 404 cf-request-id 0459239e380000325885105200000001 cf-ray 5bd53ba9f98e3258-FRA x-xss-protection 1; mode=block x-request-id a20d6a9cacf31cf1a2a290be44a3aaea
GET H2	404	ec.js uberspromosemanal.tk/uber_files/	0 0	233ms 228ms	Script text/html	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/ec.js Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53ba9f9903258-FRA cf-request-id 0459239e380000325885106200000001 x-request-id 6c579888777aa9708a88abc8f56851f1
GET H2	404	analytics.js uberspromosemanal.tk/uber_files/	0 0	231ms 226ms	Script text/html	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/analytics.js Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53ba9f9913258-FRA cf-request-id 0459239e380000325885107200000001 x-request-id 804ab9f1fe982d53119e633adffc96b4
GET H2	404	fbevents.js uberspromosemanal.tk/uber_files/	0 0	240ms 235ms	Script text/html	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/fbevents.js Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53ba9f9923258-FRA cf-request-id 0459239e380000325885108200000001 x-request-id 635d5e3483b3670879ff12cdaa7555f1
GET H2	404	conversion_async.js uberspromosemanal.tk/uber_files/	0 0	247ms 242ms	Script text/html	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/conversion_async.js Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53ba9f9953258-FRA cf-request-id 0459239e3b0000325885109200000001 x-request-id d852062b06ab7f322745d817ac6c2429
GET H2	404	recaptcha__pt_br.js.dsae uberspromosemanal.tk/uber_files/	0 0	241ms 236ms	Script text/html	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/recaptcha__pt_br.js.dsae Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/html; charset=UTF-8 status 404 cf-request-id 0459239e3b000032588510a200000001 cf-ray 5bd53ba9f9963258-FRA x-xss-protection 1; mode=block x-request-id e2f601bf3149c67be4305dfb52fa41a8
GET H2	404	2593.js uberspromosemanal.tk/uber_files/	0 0	232ms 231ms	Script text/html	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/2593.js Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53ba61c053258-FRA cf-request-id 0459239bcb00003258850e3200000001 x-request-id eff5bfa950019777558ccbe96d5372ae
GET H2	404	utag.44.js uberspromosemanal.tk/uber_files/	0 0	241ms 237ms	Script text/html	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/utag.44.js Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53ba9f9973258-FRA cf-request-id 0459239e3b000032588510b200000001 x-request-id cd10eae6d6d1fbd353fc34f29682ddf9
GET H2	404	utag.557.js uberspromosemanal.tk/uber_files/	0 0	236ms 232ms	Script text/html	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/utag.557.js Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53ba9f9983258-FRA cf-request-id 0459239e3b000032588510c200000001 x-request-id 3401a5c5285585c8e2d1f4f6694d2327
GET H2	200	button_participar.png uberspromosemanal.tk/uber_files/	1 KB 1 KB	246ms 243ms	Image image/png	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://uberspromosemanal.tk/uber_files/button_participar.png Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54fe85ee41790431f79b63a8ec8490c2d88f7c784f72cf5934cca36fd35f937f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT x-content-type-options nosniff cf-cache-status MISS status 200 content-length 1290 cf-request-id 0459239e3b000032588510d200000001 x-request-id b4ecd7729f45ce234697cfe3890768e0 last-modified Tue, 04 Aug 2020 02:00:02 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png x-xss-protection 1; mode=block cache-control max-age=14400 accept-ranges bytes cf-ray 5bd53ba9f99b3258-FRA
GET H2	404	api.js uberspromosemanal.tk/uber_files/	0 0	244ms 240ms	Script text/html	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/api.js Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53ba9f99c3258-FRA cf-request-id 0459239e3b000032588510e200000001 x-request-id 6fc0b2270a76d9baff375eaa18034501
GET H2	404	jquery.js uberspromosemanal.tk/uber_files/	0 0	237ms 237ms	Script text/html	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/jquery.js Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53ba918783258-FRA cf-request-id 0459239dab00003258850f9200000001 x-request-id 70a6e810d65f1b7747a32628b4ccabd2
GET H2	404	new-sign-up8eb.js uberspromosemanal.tk/uber_files/	0 0	244ms 243ms	Script text/html	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/new-sign-up8eb.js Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53ba9c9483258-FRA cf-request-id 0459239e1900003258850fc200000001 x-request-id 575e15066281a486ece90a367f5c0fb4
GET H2	404	phone-format.js.GFDR uberspromosemanal.tk/uber_files/	0 0	132ms 126ms	Script text/html	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/phone-format.js.GFDR Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/html; charset=UTF-8 status 404 cf-request-id 0459239e3600003258850ff200000001 cf-ray 5bd53ba9f9843258-FRA x-xss-protection 1; mode=block x-request-id 363a4c3a0362721ee6b868ad51cf596e
GET H2	404	mobile_availability_helper.js uberspromosemanal.tk/uber_files/	0 0	241ms 234ms	Script text/html	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/mobile_availability_helper.js Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53ba9f9883258-FRA cf-request-id 0459239e360000325885100200000001 x-request-id 28062c031aab2895ea770a0040a988f6
GET H2	200	footer-powered-by-000webhost-white2.png cdn.000webhost.com/000webhost/logo/	2 KB 2 KB	39ms 16ms	Image image/webp	2606:4700:10::6814:432e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:432e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT x-content-type-options nosniff cf-cache-status HIT age 6361 cf-polished origFmt=png, origSize=2046 status 200 content-disposition inline; filename="footer-powered-by-000webhost-white2.webp" x-hostinger-datacenter srv alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1696 x-xss-protection 1; mode=block expires Tue, 04 Aug 2020 07:36:15 GMT last-modified Wed, 15 Jul 2020 14:19:20 GMT server cloudflare x-frame-options sameorigin etag "5f0f1068-7fe" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 content-type image/webp vary Accept cache-control public, max-age=14400 x-hostinger-node nl-srv-cdn2 cf-request-id 0459239e4b0000dfbb29bcc200000001 accept-ranges bytes cf-ray 5bd53baa18d2dfbb-FRA cf-bgj imgq:100,h2pri
GET H2	200	api.min.js Show response a.opmnstr.com/app/js/	199 KB 59 KB	96ms 28ms	Script application/javascript	23.111.11.182 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://a.opmnstr.com/app/js/api.min.js Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.11.182 Phoenix, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 4e60b84a8016a6b39f196bf1dfdbb46234db9735dd6d2bf762be51bcf487096b Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding gzip last-modified Tue, 04 Aug 2020 03:14:35 GMT server NetDNA-cache/2.2 x-amz-request-id 5565940F97029E2C etag W/"6b7839c603644527f3ed318db11671ef" x-cache HIT content-type application/javascript status 200 cache-control max-age=31104000 access-control-allow-origin * x-amz-id-2 NjaXCGG0hGi776o1uai8+aPg2F6M8JbDnNU15/0A+7OcX3o5nWC74P5XbvaCotKVP6la27fRKoM= expires Fri, 30 Jul 2021 03:36:15 GMT
GET H2	404	2593.js uberspromosemanal.tk/uber_files/	0 0	16ms 15ms	Script text/html	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/2593.js Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT server cloudflare age 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53ba9c94f3258-FRA cf-request-id 0459239e2000003258850fd200000001 x-request-id eff5bfa950019777558ccbe96d5372ae
GET H2	200	uber_background.png uberspromosemanal.tk/uber_files/	17 KB 17 KB	342ms 341ms	Image image/png	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://uberspromosemanal.tk/uber_files/uber_background.png Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c963a9aeac483dc22ef96c3d0ccf451119c0034fea99e0557ce1d12da80a0fa0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/uber_files/new-sign-up.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:16 GMT x-content-type-options nosniff cf-cache-status MISS status 200 content-length 16922 cf-request-id 0459239e41000032588510f200000001 x-request-id 54f6b0e0aacbf7fdc1a447e09c1bdb42 last-modified Tue, 04 Aug 2020 02:00:01 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png x-xss-protection 1; mode=block cache-control max-age=14400 accept-ranges bytes cf-ray 5bd53baa09a63258-FRA
GET DATA	200 OK	truncated /	32 KB 32 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 27fb71338e0e96f5cd1e83f1f7fed0987e05d4cd5bbb82fa35b20d1d45e87658 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer Origin https://uberspromosemanal.tk Response headers Content-Type application/font-woff
GET DATA	200 OK	truncated /	27 KB 27 KB		Font application/octet-stream
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b6445409d8b440d3ae78c0c1a3a4951aefe5c72c243ccec24f39ac52c13ad120 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer Origin https://uberspromosemanal.tk Response headers Content-Type application/octet-stream
GET DATA	200 OK	truncated /	32 KB 32 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 323096575cb514f494901242ac7526db5e1970e0959b85b3603e0987559047e1 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer Origin https://uberspromosemanal.tk Response headers Content-Type application/font-woff
GET H2	404	phone-format.js.GFDR uberspromosemanal.tk/uber_files/	0 0	234ms 234ms	Script text/html	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/phone-format.js.GFDR Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:16 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/html; charset=UTF-8 status 404 cf-request-id 0459239f0e0000325885113200000001 cf-ray 5bd53bab4b333258-FRA x-xss-protection 1; mode=block x-request-id 81d876ed0bcd9693eb0f8101aa01d9b8
GET H2	404	mobile_availability_helper.js uberspromosemanal.tk/uber_files/	0 0	13ms 12ms	Script text/html	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/mobile_availability_helper.js Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:16 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT server cloudflare age 1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 status 404 x-xss-protection 1; mode=block cache-control max-age=14400 cf-ray 5bd53baccdab3258-FRA cf-request-id 0459239ff9000032588511b200000001 x-request-id 28062c031aab2895ea770a0040a988f6
GET H2	200	dest5.html Show response uberspromosemanal.tk/uber_files/ Frame 783B	14 KB 5 KB	230ms 230ms	Document text/html	2606:4700:3036::681c:1097 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uberspromosemanal.tk/uber_files/dest5.html Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::681c:1097 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca42d4c88470de8c3a94235cfb6d998c3d25673833b89c8666001dcae51eab26 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority uberspromosemanal.tk :scheme https :path /uber_files/dest5.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://uberspromosemanal.tk/ accept-encoding gzip, deflate, br accept-language en-US cookie __cfduid=d34087c10495e3ea97c5fecdf659b78ec1596512174 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://uberspromosemanal.tk/ Response headers status 200 date Tue, 04 Aug 2020 03:36:16 GMT content-type text/html; charset=UTF-8 x-xss-protection 1; mode=block x-content-type-options nosniff x-request-id 65d853b2699fe46e860d053838f11d6e cf-cache-status DYNAMIC cf-request-id 045923a008000032588511d200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5bd53bacddc53258-FRA content-encoding br
GET H2	200	f6brbmuxflyqoriatchv Show response api.omappapi.com/v2/embed/71036/	52 KB 7 KB	253ms 197ms	XHR application/json	99.86.7.87 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.omappapi.com/v2/embed/71036/f6brbmuxflyqoriatchv Requested by Host: a.opmnstr.com URL: https://a.opmnstr.com/app/js/api.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.86.7.87 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-87.fra6.r.cloudfront.net Software Pagely Gateway/1.5.1 / Resource Hash 72f3b7d5bbc574a7670507c38d69507984961a34c2a78235e4cadfd38adb0230 Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:16 GMT content-encoding gzip x-cache-config 0 0 x-amz-cf-pop FRA6-C1 x-cache-status MISS x-cache Miss from cloudfront status 200 access-control-allow-headers X-CSRF-Token x-optinmonster-campaign f6brbmuxflyqoriatchv x-user-agent standard-- last-modified Wed, 17 Jun 2020 15:26:43 GMT server Pagely Gateway/1.5.1 etag W/"be87dcaccc31a2dbac6626bca53ea873" vary Accept-Encoding, User-Agent content-type application/json via 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront) access-control-expose-headers X-OptinMonster-Campaign cache-control public, max-age=30, stale-while-revalidate=1800 access-control-allow-origin * x-amz-cf-id 1xXiQ9gk8gfYtUkSTT5Wz6KvPpLXfJJfLfNq2zd6zHcITRHX4qdNrg== expires Tue, 04 Aug 2020 03:36:46 GMT
GET H2	200	footer-powered-by-000webhost-white2.png cdn.000webhost.com/000webhost/logo/ Frame 783B	2 KB 2 KB	14ms 13ms	Image image/webp	2606:4700:10::6814:432e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/uber_files/dest5.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:432e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Referer https://uberspromosemanal.tk/uber_files/dest5.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:16 GMT x-content-type-options nosniff cf-cache-status HIT age 6362 cf-polished origFmt=png, origSize=2046 status 200 content-disposition inline; filename="footer-powered-by-000webhost-white2.webp" x-hostinger-datacenter srv alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1696 x-xss-protection 1; mode=block expires Tue, 04 Aug 2020 07:36:16 GMT last-modified Wed, 15 Jul 2020 14:19:20 GMT server cloudflare x-frame-options sameorigin etag "5f0f1068-7fe" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 content-type image/webp vary Accept cache-control public, max-age=14400 x-hostinger-node nl-srv-cdn2 cf-request-id 045923a0f20000dfbb29bea200000001 accept-ranges bytes cf-ray 5bd53bae5f3fdfbb-FRA cf-bgj imgq:100,h2pri
GET H2	200	api.min.js Show response a.opmnstr.com/app/js/ Frame 783B	199 KB 59 KB	34ms 34ms	Script application/javascript	23.111.11.182 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://a.opmnstr.com/app/js/api.min.js Requested by Host: uberspromosemanal.tk URL: https://uberspromosemanal.tk/uber_files/dest5.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.11.182 Phoenix, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 4e60b84a8016a6b39f196bf1dfdbb46234db9735dd6d2bf762be51bcf487096b Request headers Referer https://uberspromosemanal.tk/uber_files/dest5.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:16 GMT content-encoding gzip last-modified Tue, 04 Aug 2020 03:14:35 GMT server NetDNA-cache/2.2 x-amz-request-id 5565940F97029E2C etag W/"6b7839c603644527f3ed318db11671ef" x-cache HIT content-type application/javascript status 200 cache-control max-age=31104000 access-control-allow-origin * x-amz-id-2 NjaXCGG0hGi776o1uai8+aPg2F6M8JbDnNU15/0A+7OcX3o5nWC74P5XbvaCotKVP6la27fRKoM= expires Fri, 30 Jul 2021 03:36:16 GMT
GET H2	200	webfont.js Show response ajax.googleapis.com/ajax/libs/webfont/1.5.18/	16 KB 7 KB	27ms 5ms	Script text/javascript	2a00:1450:4001:824::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js Requested by Host: a.opmnstr.com URL: https://a.opmnstr.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://uberspromosemanal.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 22 Jul 2020 20:54:41 GMT content-encoding gzip x-content-type-options nosniff age 1060895 status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6490 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 22 Jul 2021 20:54:41 GMT
GET H2	200	f6brbmuxflyqoriatchv Show response api.omappapi.com/v2/embed/71036/ Frame 783B	52 KB 7 KB	119ms 119ms	XHR application/json	99.86.7.87 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.omappapi.com/v2/embed/71036/f6brbmuxflyqoriatchv Requested by Host: a.opmnstr.com URL: https://a.opmnstr.com/app/js/api.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.86.7.87 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-87.fra6.r.cloudfront.net Software Pagely Gateway/1.5.1 / Resource Hash 72f3b7d5bbc574a7670507c38d69507984961a34c2a78235e4cadfd38adb0230 Request headers Referer https://uberspromosemanal.tk/uber_files/dest5.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 04 Aug 2020 03:36:16 GMT content-encoding gzip x-cache-config 0 0 x-amz-cf-pop FRA6-C1 x-cache-status HIT x-cache Miss from cloudfront status 200 access-control-allow-headers X-CSRF-Token x-optinmonster-campaign f6brbmuxflyqoriatchv x-user-agent standard-- last-modified Wed, 17 Jun 2020 15:26:43 GMT server Pagely Gateway/1.5.1 etag W/"be87dcaccc31a2dbac6626bca53ea873" vary Accept-Encoding, User-Agent content-type application/json via 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront) access-control-expose-headers X-OptinMonster-Campaign cache-control public, max-age=30, stale-while-revalidate=1800 access-control-allow-origin * x-amz-cf-id ylpOHfxg2cKsPD12O628Zr-tU_WuKt3Il97nP9Oh_Kk_Y5eR4tDFkg== expires Tue, 04 Aug 2020 03:36:46 GMT
GET H2	200	webfont.js Show response ajax.googleapis.com/ajax/libs/webfont/1.5.18/ Frame 783B	16 KB 6 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:824::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js Requested by Host: a.opmnstr.com URL: https://a.opmnstr.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://uberspromosemanal.tk/uber_files/dest5.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 22 Jul 2020 20:54:41 GMT content-encoding gzip x-content-type-options nosniff age 1060895 status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6490 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 22 Jul 2021 20:54:41 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Uber (Transportation)

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| utag_data function| formatar object| ANALYTICS_CONFIG object| $jscomp function| $ function| jQuery function| imghide function| getCookie undefined| wordpressAdminBody object| notification object| hostingerLogo undefined| mainContent object| wpSidebar object| wpTopBarRight undefined| googleFont undefined| css undefined| style undefined| sheet undefined| button undefined| link undefined| mainContentHolder undefined| h1Tag undefined| h2Tag undefined| paragraph undefined| list undefined| org_html undefined| new_html undefined| saleImage function| setImmediate function| clearImmediate function| OptinMonsterApp boolean| om_loaded object| f6brbmuxflyqoriatchv boolean| _omvisitsadded object| _omapp object| omf6brbmuxflyqoriatchv object| WebFont

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			uberspromosemanal.tk/	1970-01-19 11:28:32	Name: _omappvs Value: 1596512176454
			uberspromosemanal.tk/	1970-01-23 11:27:05	Name: _omappvp Value: hvz9FEhcKmNZ9KqganuYEhNQOs1jsvWtMjWgEZdZb82jHZLBWtKsxQVNVnIzKhYDcF8NBXHVzb7JMs9NdtZJ1LSODJGWNxxq
			.uberspromosemanal.tk/	1970-01-19 12:11:44	Name: __cfduid Value: d34087c10495e3ea97c5fecdf659b78ec1596512174

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.opmnstr.com
ajax.googleapis.com
api.omappapi.com
cdn.000webhost.com
uberspromosemanal.tk
23.111.11.182
2606:4700:10::6814:432e
2606:4700:3036::681c:1097
2a00:1450:4001:824::200a
99.86.7.87
0ef59530802656ab38239c3dc8c2c026db181ba7a871d2c9f07933151d8f2dbc
27fb71338e0e96f5cd1e83f1f7fed0987e05d4cd5bbb82fa35b20d1d45e87658
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
323096575cb514f494901242ac7526db5e1970e0959b85b3603e0987559047e1
414d05e6afb49b4f7c7f7a2cf18fda3140e6976c9559e965c9a427bc720abf22
420fc0344b8f9d96e2c6de03410bcd6f857f45bc759db2c74f59a171d303ac25
4e60b84a8016a6b39f196bf1dfdbb46234db9735dd6d2bf762be51bcf487096b
54fe85ee41790431f79b63a8ec8490c2d88f7c784f72cf5934cca36fd35f937f
72f3b7d5bbc574a7670507c38d69507984961a34c2a78235e4cadfd38adb0230
769a6653733b3e64e850f13421940414afafe8625acf963354e64dfaec51883c
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
acf8385a5c6c6cad6c38eb47b2f8742776d42510feedd49179de3ea2fa0d83da
b6445409d8b440d3ae78c0c1a3a4951aefe5c72c243ccec24f39ac52c13ad120
c963a9aeac483dc22ef96c3d0ccf451119c0034fea99e0557ce1d12da80a0fa0
ca42d4c88470de8c3a94235cfb6d998c3d25673833b89c8666001dcae51eab26
cbc532210e14fe216bb4fdda45ab0326ca802cbb80c0fd35507b028ec6b74880
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872