URL: https://www.moneyback.pt/
Submission: On January 19 via automatic, source certstream-suspicious

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 94.23.77.197, located in Portugal and belongs to OVH, FR. The main domain is www.moneyback.pt.
TLS certificate: Issued by R3 on January 19th 2021. Valid for: 3 months.
This is the only time www.moneyback.pt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 94.23.77.197 16276 (OVH)
1 2a03:2880:f02... 32934 (FACEBOOK)
2 2a03:2880:f12... 32934 (FACEBOOK)
20 4
Domain Requested by
17 www.moneyback.pt www.moneyback.pt
2 www.facebook.com connect.facebook.net
1 connect.facebook.net www.moneyback.pt
20 3

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
moneyback.pt
Subject Issuer Validity Valid
moneyback.pt
R3
2021-01-19 -
2021-04-19
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-12-22 -
2021-03-21
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.moneyback.pt/
Frame ID: 90C0D89EEA86485B1D2785C2A3CCAEDA
Requests: 22 HTTP requests in this frame

Frame: https://www.facebook.com/v7.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a38b0018aae98%26domain%3Dwww.moneyback.pt%26origin%3Dhttps%253A%252F%252Fwww.moneyback.pt%252Ff8a6b97fc1ed54%26relation%3Dparent.parent&container_width=0&locale=pt_PT&logged_in_greeting=Como%20o%20podemos%20ajudar%3F&logged_out_greeting=Como%20o%20podemos%20ajudar%3F&page_id=109374414194092&request_time=1611046587503&sdk=joey&theme_color=%23ffad00
Frame ID: AE66072BF349D6E7AA542824F8568D59
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v7.0/plugins/customerchat.php?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c2db4b5990d44%26domain%3Dwww.moneyback.pt%26origin%3Dhttps%253A%252F%252Fwww.moneyback.pt%252Ff8a6b97fc1ed54%26relation%3Dparent.parent&container_width=0&locale=pt_PT&logged_in_greeting=Como%20podemos%20ajudar%3F&logged_out_greeting=Como%20podemos%20ajudar%3F&page_id=107530161054518&request_time=1611046587510&sdk=joey&theme_color=%23ffc300
Frame ID: 6C9957229581C07A70B7241C16C8724E
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

20
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

892 kB
Transfer

20543 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.moneyback.pt/
17 KB
5 KB
Document
General
Full URL
https://www.moneyback.pt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.77.197 , Portugal, ASN16276 (OVH, FR),
Reverse DNS
vouga.logitecnica.net
Software
nginx / PHP/7.2.34 PleskLin
Resource Hash
461d91a8a875fef042d95fdc7d401a571da67f5f7fa3fd02f541ca393a6d9eaa

Request headers

:method
GET
:authority
www.moneyback.pt
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Tue, 19 Jan 2021 08:56:26 GMT
content-type
text/html; charset=utf-8
content-length
4665
x-powered-by
PHP/7.2.34 PleskLin
expires
Wed, 17 Aug 2005 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
43586eb2ca761afb2c4f2df0385fdbe1=dcsuii6sj5d2ssub4gdi432ukm; path=/; HttpOnly
last-modified
Tue, 19 Jan 2021 08:56:26 GMT
vary
Accept-Encoding
content-encoding
gzip
theme.9.css
www.moneyback.pt/templates/yootheme/css/
420 KB
421 KB
Stylesheet
General
Full URL
https://www.moneyback.pt/templates/yootheme/css/theme.9.css?v=1596122527
Requested by
Host: www.moneyback.pt
URL: https://www.moneyback.pt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.77.197 , Portugal, ASN16276 (OVH, FR),
Reverse DNS
vouga.logitecnica.net
Software
nginx / PleskLin
Resource Hash
89c1c232e29279286e1b820414f51d03401636eadc780fd2f407e7384a36ea16

Request headers

Referer
https://www.moneyback.pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 08:56:26 GMT
last-modified
Thu, 30 Jul 2020 15:22:07 GMT
server
nginx
x-powered-by
PleskLin
etag
"5f22e59f-69095"
content-type
text/css
accept-ranges
bytes
content-length
430229
uikit.min.js
www.moneyback.pt/templates/yootheme/vendor/assets/uikit/dist/js/
130 KB
130 KB
Script
General
Full URL
https://www.moneyback.pt/templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?v=1.18.16
Requested by
Host: www.moneyback.pt
URL: https://www.moneyback.pt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.77.197 , Portugal, ASN16276 (OVH, FR),
Reverse DNS
vouga.logitecnica.net
Software
nginx / PleskLin
Resource Hash
1ec14b80e25a9fb9f111dadb8cd513a75304142f81ec57fe95173bd950278207

Request headers

Referer
https://www.moneyback.pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 08:56:26 GMT
last-modified
Tue, 19 Mar 2019 16:39:16 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c911b34-206ef"
content-type
application/javascript
accept-ranges
bytes
content-length
132847
uikit-icons-fjord.min.js
www.moneyback.pt/templates/yootheme/vendor/assets/uikit/dist/js/
62 KB
63 KB
Script
General
Full URL
https://www.moneyback.pt/templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons-fjord.min.js?v=1.18.16
Requested by
Host: www.moneyback.pt
URL: https://www.moneyback.pt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.77.197 , Portugal, ASN16276 (OVH, FR),
Reverse DNS
vouga.logitecnica.net
Software
nginx / PleskLin
Resource Hash
3b0d162d9738aa27d8473ba13e8e7fbf48f69353e4f408974c8dc5e904f40448

Request headers

Referer
https://www.moneyback.pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 08:56:26 GMT
last-modified
Tue, 19 Mar 2019 16:39:46 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c911b52-f99c"
content-type
application/javascript
accept-ranges
bytes
content-length
63900
theme.js
www.moneyback.pt/templates/yootheme/js/
2 KB
2 KB
Script
General
Full URL
https://www.moneyback.pt/templates/yootheme/js/theme.js?v=1.18.16
Requested by
Host: www.moneyback.pt
URL: https://www.moneyback.pt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.77.197 , Portugal, ASN16276 (OVH, FR),
Reverse DNS
vouga.logitecnica.net
Software
nginx / PleskLin
Resource Hash
f43a13e37e3fe096028b6a73b2cab72bfa7491782928a0f09c27a8e38a4c530c

Request headers

Referer
https://www.moneyback.pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 08:56:26 GMT
last-modified
Tue, 19 Mar 2019 16:39:30 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c911b42-6bc"
content-type
application/javascript
accept-ranges
bytes
content-length
1724
cookie.min.js
www.moneyback.pt/templates/yootheme/vendor/yootheme/theme-cookie/app/
1 KB
2 KB
Script
General
Full URL
https://www.moneyback.pt/templates/yootheme/vendor/yootheme/theme-cookie/app/cookie.min.js?v=1.18.16
Requested by
Host: www.moneyback.pt
URL: https://www.moneyback.pt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.77.197 , Portugal, ASN16276 (OVH, FR),
Reverse DNS
vouga.logitecnica.net
Software
nginx / PleskLin
Resource Hash
a2ebc9986134c7e0ceac40365c254f13c3c96b19d89e16129076eb5874d97dc9

Request headers

Referer
https://www.moneyback.pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 08:56:26 GMT
last-modified
Tue, 19 Mar 2019 16:39:38 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c911b4a-5f4"
content-type
application/javascript
accept-ranges
bytes
content-length
1524
logombw-fcff32ee.webp
www.moneyback.pt/templates/yootheme/cache/
2 KB
2 KB
Image
General
Full URL
https://www.moneyback.pt/templates/yootheme/cache/logombw-fcff32ee.webp
Requested by
Host: www.moneyback.pt
URL: https://www.moneyback.pt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.77.197 , Portugal, ASN16276 (OVH, FR),
Reverse DNS
vouga.logitecnica.net
Software
nginx / PleskLin
Resource Hash
e2928e93ff29ec1fd1cf6bba8e7a4b6501af41990515df9d0234b92953c41eac

Request headers

Referer
https://www.moneyback.pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 08:56:26 GMT
last-modified
Thu, 30 Jul 2020 15:00:14 GMT
server
nginx
x-powered-by
PleskLin
etag
"5f22e07e-8b6"
content-type
image/webp
accept-ranges
bytes
content-length
2230
logombw.png
www.moneyback.pt/images/yootheme/
3 KB
3 KB
Image
General
Full URL
https://www.moneyback.pt/images/yootheme/logombw.png
Requested by
Host: www.moneyback.pt
URL: https://www.moneyback.pt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.77.197 , Portugal, ASN16276 (OVH, FR),
Reverse DNS
vouga.logitecnica.net
Software
nginx / PleskLin
Resource Hash
84a9e9a4c9d4382a88a380ee3eae1ec71238a00d1262f83d808a42f64224b467

Request headers

Referer
https://www.moneyback.pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 08:56:26 GMT
last-modified
Thu, 23 Jul 2020 21:22:03 GMT
server
nginx
x-powered-by
PleskLin
etag
"5f19ff7b-cb4"
content-type
image/png
accept-ranges
bytes
content-length
3252
expert.png
www.moneyback.pt/images/
4 KB
5 KB
Image
General
Full URL
https://www.moneyback.pt/images/expert.png
Requested by
Host: www.moneyback.pt
URL: https://www.moneyback.pt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.77.197 , Portugal, ASN16276 (OVH, FR),
Reverse DNS
vouga.logitecnica.net
Software
nginx / PleskLin
Resource Hash
db625fb57d28a4ae5fbc03c84cb04b5b2c1556c36be5055f46508a5340f3d898

Request headers

Referer
https://www.moneyback.pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 08:56:26 GMT
last-modified
Fri, 24 Jul 2020 19:14:36 GMT
server
nginx
x-powered-by
PleskLin
etag
"5f1b331c-119b"
content-type
image/png
accept-ranges
bytes
content-length
4507
kisspng-sound-recording-copyright-symbol-trademark-logo-5ae68a54159e941894780015250581320886.png
www.moneyback.pt/images/yootheme/
153 KB
153 KB
Image
General
Full URL
https://www.moneyback.pt/images/yootheme/kisspng-sound-recording-copyright-symbol-trademark-logo-5ae68a54159e941894780015250581320886.png
Requested by
Host: www.moneyback.pt
URL: https://www.moneyback.pt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.77.197 , Portugal, ASN16276 (OVH, FR),
Reverse DNS
vouga.logitecnica.net
Software
nginx / PleskLin
Resource Hash
ab8e5f6f9036aa8bacf21de256559b1bbab10c721f722340f621dc742a2c8c67

Request headers

Referer
https://www.moneyback.pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 08:56:26 GMT
last-modified
Thu, 23 Jul 2020 21:27:23 GMT
server
nginx
x-powered-by
PleskLin
etag
"5f1a00bb-262ab"
content-type
image/png
accept-ranges
bytes
content-length
156331
/
www.moneyback.pt/images/yootheme/
795 B
795 B
Image
General
Full URL
https://www.moneyback.pt/images/yootheme/
Requested by
Host: www.moneyback.pt
URL: https://www.moneyback.pt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.77.197 , Portugal, ASN16276 (OVH, FR),
Reverse DNS
vouga.logitecnica.net
Software
nginx /
Resource Hash
57559551c35735c4acd1ede5a7d3df31a3f9b55acc087fdbb0811813b13d63d3

Request headers

Referer
https://www.moneyback.pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 08:56:27 GMT
last-modified
Thu, 23 Jul 2020 08:44:36 GMT
server
nginx
accept-ranges
bytes
etag
"31b-5ab17ddbb8da3"
content-length
795
content-type
text/html
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eec0e2c2219680b7b2cf4b332e927df1e483fc8e6668a28c69ab80ef0b1176e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
font-30340c01.woff2
www.moneyback.pt/templates/yootheme/fonts/
23 KB
23 KB
Font
General
Full URL
https://www.moneyback.pt/templates/yootheme/fonts/font-30340c01.woff2
Requested by
Host: www.moneyback.pt
URL: https://www.moneyback.pt/templates/yootheme/css/theme.9.css?v=1596122527
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.77.197 , Portugal, ASN16276 (OVH, FR),
Reverse DNS
vouga.logitecnica.net
Software
nginx / PleskLin
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Request headers

Origin
https://www.moneyback.pt
Referer
https://www.moneyback.pt/templates/yootheme/css/theme.9.css?v=1596122527
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 08:56:27 GMT
last-modified
Fri, 24 Jul 2020 16:37:03 GMT
server
nginx
x-powered-by
PleskLin
etag
"5f1b0e2f-5bbc"
content-type
font/woff2
accept-ranges
bytes
content-length
23484
truncated
/
71 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5bf767bcfa8f33e1e1c35556b7b84c02424fa522e6dd4d7dccc1d71e1bd5d20

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bdefd54d4cb6c969200547615c1c5791ffc29770f89c211226f2f62d0d186220

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
Sequence%2004.mp4
www.moneyback.pt/images/videos/
19 MB
0
Media
General
Full URL
https://www.moneyback.pt/images/videos/Sequence%2004.mp4
Requested by
Host: www.moneyback.pt
URL: https://www.moneyback.pt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.77.197 , Portugal, ASN16276 (OVH, FR),
Reverse DNS
vouga.logitecnica.net
Software
nginx / PleskLin
Resource Hash

Request headers

Referer
https://www.moneyback.pt/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 19 Jan 2021 08:56:27 GMT
last-modified
Thu, 23 Jul 2020 22:14:34 GMT
server
nginx
x-powered-by
PleskLin
etag
"5f1a0bca-272c692"
content-type
video/mp4
Content-Range
bytes 0-41076369/41076370
Content-Length
41076370
xfbml.customerchat.js
connect.facebook.net/pt_PT/sdk/
255 KB
75 KB
Script
General
Full URL
https://connect.facebook.net/pt_PT/sdk/xfbml.customerchat.js
Requested by
Host: www.moneyback.pt
URL: https://www.moneyback.pt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4abc82b2d44df63dc655d0a8aae276ef6b76c0dbcdc4d8e689a65e1285da8f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.moneyback.pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
AByL8QRxVYGBOnTqu/DUbg==
cross-origin-resource-policy
cross-origin
expires
Tue, 19 Jan 2021 09:10:21 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75652
x-fb-rlafr
0
x-fb-debug
4OuoWFlhpBp6m9o+Ize7KbuQ8gkW3CX7bjE5gfGl0FOFR7l+GACJLR4TqEJ2TppI1IFX4D5Qd7AldllV3yXIUA==
x-fb-trip-id
2050670934
x-fb-content-md5
4711e4a2ad97a97aa1b92885f378cf8c
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 19 Jan 2021 08:56:27 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"39ffdb637ad2695e127176109fec9d36"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc542dd174fd1aa050acfc75fea864e6320840f4bb6e34cacd0757e2deb0fc75

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
Y2-62736526.webp
www.moneyback.pt/templates/yootheme/cache/
3 KB
4 KB
Image
General
Full URL
https://www.moneyback.pt/templates/yootheme/cache/Y2-62736526.webp
Requested by
Host: www.moneyback.pt
URL: https://www.moneyback.pt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.77.197 , Portugal, ASN16276 (OVH, FR),
Reverse DNS
vouga.logitecnica.net
Software
nginx / PleskLin
Resource Hash
7eb0b05b923f50a8553ea7c0b1b95cf5d474648a9886c11db29a98195c537eae

Request headers

Referer
https://www.moneyback.pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 08:56:27 GMT
last-modified
Thu, 30 Jul 2020 15:00:15 GMT
server
nginx
x-powered-by
PleskLin
etag
"5f22e07f-dac"
content-type
image/webp
accept-ranges
bytes
content-length
3500
781859_people_512x512-be72fbf7.webp
www.moneyback.pt/templates/yootheme/cache/
2 KB
2 KB
Image
General
Full URL
https://www.moneyback.pt/templates/yootheme/cache/781859_people_512x512-be72fbf7.webp
Requested by
Host: www.moneyback.pt
URL: https://www.moneyback.pt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.77.197 , Portugal, ASN16276 (OVH, FR),
Reverse DNS
vouga.logitecnica.net
Software
nginx / PleskLin
Resource Hash
bba15e803f13e176ae48169609b7d2297aada6645f81c19703e645d0a6d33a8d

Request headers

Referer
https://www.moneyback.pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 08:56:27 GMT
last-modified
Thu, 30 Jul 2020 16:14:15 GMT
server
nginx
x-powered-by
PleskLin
etag
"5f22f1d7-7fa"
content-type
image/webp
accept-ranges
bytes
content-length
2042
iconfinder_07Wallet_290143-1ccee3ff.webp
www.moneyback.pt/templates/yootheme/cache/
476 B
636 B
Image
General
Full URL
https://www.moneyback.pt/templates/yootheme/cache/iconfinder_07Wallet_290143-1ccee3ff.webp
Requested by
Host: www.moneyback.pt
URL: https://www.moneyback.pt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.77.197 , Portugal, ASN16276 (OVH, FR),
Reverse DNS
vouga.logitecnica.net
Software
nginx / PleskLin
Resource Hash
8edacee5165a5f51ca7106ec6ca125f59c4fbc51d52c782f2b283c5e829c6297

Request headers

Referer
https://www.moneyback.pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 08:56:27 GMT
last-modified
Thu, 30 Jul 2020 16:14:15 GMT
x-accel-version
0.01
x-powered-by
PleskLin
etag
"1dc-5abaaf6b95d33"
accept-ranges
bytes
content-length
476
server
nginx
SVY-b830587f.webp
www.moneyback.pt/templates/yootheme/cache/
2 KB
3 KB
Image
General
Full URL
https://www.moneyback.pt/templates/yootheme/cache/SVY-b830587f.webp
Requested by
Host: www.moneyback.pt
URL: https://www.moneyback.pt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.77.197 , Portugal, ASN16276 (OVH, FR),
Reverse DNS
vouga.logitecnica.net
Software
nginx / PleskLin
Resource Hash
cb00496bb70632ef8a67938e66cdb16e6bac20451f5ede73ff3df8f1d896b375

Request headers

Referer
https://www.moneyback.pt/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 08:56:27 GMT
last-modified
Thu, 30 Jul 2020 16:14:15 GMT
server
nginx
x-powered-by
PleskLin
etag
"5f22f1d7-9ec"
content-type
image/webp
accept-ranges
bytes
content-length
2540
customerchat.php
www.facebook.com/v7.0/plugins/ Frame AE66
0
0
Document
General
Full URL
https://www.facebook.com/v7.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a38b0018aae98%26domain%3Dwww.moneyback.pt%26origin%3Dhttps%253A%252F%252Fwww.moneyback.pt%252Ff8a6b97fc1ed54%26relation%3Dparent.parent&container_width=0&locale=pt_PT&logged_in_greeting=Como%20o%20podemos%20ajudar%3F&logged_out_greeting=Como%20o%20podemos%20ajudar%3F&page_id=109374414194092&request_time=1611046587503&sdk=joey&theme_color=%23ffad00
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_PT/sdk/xfbml.customerchat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; frame-ancestors https://www.facebook.com;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v7.0/plugins/customerchat.php?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a38b0018aae98%26domain%3Dwww.moneyback.pt%26origin%3Dhttps%253A%252F%252Fwww.moneyback.pt%252Ff8a6b97fc1ed54%26relation%3Dparent.parent&container_width=0&locale=pt_PT&logged_in_greeting=Como%20o%20podemos%20ajudar%3F&logged_out_greeting=Como%20o%20podemos%20ajudar%3F&page_id=109374414194092&request_time=1611046587503&sdk=joey&theme_color=%23ffad00
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.moneyback.pt/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.moneyback.pt/

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; frame-ancestors https://www.facebook.com;
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection
0
strict-transport-security
max-age=15552000; preload
content-encoding
br
facebook-api-version
v7.0
x-content-type-options
nosniff
vary
Accept-Encoding
pragma
no-cache
x-fb-rlafr
0
content-type
text/html; charset="utf-8"
x-fb-debug
8DXC8sI9yIp6q+kbiXx2V258WU2ldrNaKyQLSRvuJACSJmacT+0z2P2g6nAZyRzSfiQ2pfJx8Ex8lv2QQQP+NA==
date
Tue, 19 Jan 2021 08:56:27 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
customerchat.php
www.facebook.com/v7.0/plugins/ Frame 6C99
0
0
Document
General
Full URL
https://www.facebook.com/v7.0/plugins/customerchat.php?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c2db4b5990d44%26domain%3Dwww.moneyback.pt%26origin%3Dhttps%253A%252F%252Fwww.moneyback.pt%252Ff8a6b97fc1ed54%26relation%3Dparent.parent&container_width=0&locale=pt_PT&logged_in_greeting=Como%20podemos%20ajudar%3F&logged_out_greeting=Como%20podemos%20ajudar%3F&page_id=107530161054518&request_time=1611046587510&sdk=joey&theme_color=%23ffc300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_PT/sdk/xfbml.customerchat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; frame-ancestors https://www.facebook.com;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v7.0/plugins/customerchat.php?app_id=&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c2db4b5990d44%26domain%3Dwww.moneyback.pt%26origin%3Dhttps%253A%252F%252Fwww.moneyback.pt%252Ff8a6b97fc1ed54%26relation%3Dparent.parent&container_width=0&locale=pt_PT&logged_in_greeting=Como%20podemos%20ajudar%3F&logged_out_greeting=Como%20podemos%20ajudar%3F&page_id=107530161054518&request_time=1611046587510&sdk=joey&theme_color=%23ffc300
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.moneyback.pt/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.moneyback.pt/

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; frame-ancestors https://www.facebook.com;
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection
0
strict-transport-security
max-age=15552000; preload
content-encoding
br
facebook-api-version
v7.0
x-content-type-options
nosniff
vary
Accept-Encoding
pragma
no-cache
x-fb-rlafr
0
content-type
text/html; charset="utf-8"
x-fb-debug
OKask9n20aBlkV0dIdEL/pAqc64DSo8CLsDgBcyM8M/7ueJAGwUEnkdd9F4hVn3N9pHe8cy9VPTAlRVqDd4+vQ==
date
Tue, 19 Jan 2021 08:56:27 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| UIkit function| UIkitFjord object| $theme function| fbAsyncInit string| prefix string| path string| addy428d856a53f94e07782ea07c43f89b78 string| addy_text428d856a53f94e07782ea07c43f89b78 object| $load object| FB

1 Cookies

Domain/Path Name / Value
www.moneyback.pt/ Name: 43586eb2ca761afb2c4f2df0385fdbe1
Value: dcsuii6sj5d2ssub4gdi432ukm

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
www.facebook.com
www.moneyback.pt
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
94.23.77.197
1ec14b80e25a9fb9f111dadb8cd513a75304142f81ec57fe95173bd950278207
3b0d162d9738aa27d8473ba13e8e7fbf48f69353e4f408974c8dc5e904f40448
3eec0e2c2219680b7b2cf4b332e927df1e483fc8e6668a28c69ab80ef0b1176e
461d91a8a875fef042d95fdc7d401a571da67f5f7fa3fd02f541ca393a6d9eaa
57559551c35735c4acd1ede5a7d3df31a3f9b55acc087fdbb0811813b13d63d3
7eb0b05b923f50a8553ea7c0b1b95cf5d474648a9886c11db29a98195c537eae
84a9e9a4c9d4382a88a380ee3eae1ec71238a00d1262f83d808a42f64224b467
89c1c232e29279286e1b820414f51d03401636eadc780fd2f407e7384a36ea16
8edacee5165a5f51ca7106ec6ca125f59c4fbc51d52c782f2b283c5e829c6297
a2ebc9986134c7e0ceac40365c254f13c3c96b19d89e16129076eb5874d97dc9
a5bf767bcfa8f33e1e1c35556b7b84c02424fa522e6dd4d7dccc1d71e1bd5d20
ab8e5f6f9036aa8bacf21de256559b1bbab10c721f722340f621dc742a2c8c67
bba15e803f13e176ae48169609b7d2297aada6645f81c19703e645d0a6d33a8d
bdefd54d4cb6c969200547615c1c5791ffc29770f89c211226f2f62d0d186220
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
cb00496bb70632ef8a67938e66cdb16e6bac20451f5ede73ff3df8f1d896b375
d4abc82b2d44df63dc655d0a8aae276ef6b76c0dbcdc4d8e689a65e1285da8f0
db625fb57d28a4ae5fbc03c84cb04b5b2c1556c36be5055f46508a5340f3d898
e2928e93ff29ec1fd1cf6bba8e7a4b6501af41990515df9d0234b92953c41eac
f43a13e37e3fe096028b6a73b2cab72bfa7491782928a0f09c27a8e38a4c530c
fc542dd174fd1aa050acfc75fea864e6320840f4bb6e34cacd0757e2deb0fc75