www-realizesolucoesfinanceiras-com-br-4.rds.land
Open in
urlscan Pro
34.68.90.188
Malicious Activity!
Public Scan
Submission: On January 01 via api from CH — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 5th 2022. Valid for: a year.
This is the only time www-realizesolucoesfinanceiras-com-br-4.rds.land was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Realize (Financial)Domain & IP information
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.90.68.34.bc.googleusercontent.com
www-realizesolucoesfinanceiras-com-br-4.rds.land | |
popups.rdstation.com.br |
ASN21499 (GODADDY-SXB, DE)
PTR: 54.220.204.92.host.secureserver.net
cdn.fhgfh.co.uk |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-139.fra53.r.cloudfront.net
d335luupugsy2.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-16.fra56.r.cloudfront.net
static.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net
script.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-116.fra60.r.cloudfront.net
vars.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-253-50.eu-west-1.compute.amazonaws.com
in.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-63.vie50.r.cloudfront.net
vc.hotjar.io |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-149-215.eu-west-1.compute.amazonaws.com
ws27.hotjar.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
cloudfront.net
d335luupugsy2.cloudfront.net |
138 KB |
10 |
fhgfh.co.uk
cdn.fhgfh.co.uk |
172 KB |
5 |
hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1181 vars.hotjar.com — Cisco Umbrella Rank: 1235 in.hotjar.com — Cisco Umbrella Rank: 2246 ws27.hotjar.com — Cisco Umbrella Rank: 89581 |
74 KB |
4 |
gstatic.com
fonts.gstatic.com |
83 KB |
4 |
rds.land
www-realizesolucoesfinanceiras-com-br-4.rds.land |
56 KB |
3 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127 ajax.googleapis.com — Cisco Umbrella Rank: 520 |
36 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 488 |
56 KB |
2 |
fontawesome.com
pro.fontawesome.com — Cisco Umbrella Rank: 11230 |
150 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 356 |
19 KB |
1 |
rdstation.com.br
popups.rdstation.com.br — Cisco Umbrella Rank: 75469 |
248 B |
1 |
hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2940 |
258 B |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123 |
37 KB |
48 | 12 |
Domain | Requested by | |
---|---|---|
11 | d335luupugsy2.cloudfront.net |
www-realizesolucoesfinanceiras-com-br-4.rds.land
d335luupugsy2.cloudfront.net |
10 | cdn.fhgfh.co.uk |
www-realizesolucoesfinanceiras-com-br-4.rds.land
|
4 | fonts.gstatic.com |
fonts.googleapis.com
|
4 | www-realizesolucoesfinanceiras-com-br-4.rds.land |
www-realizesolucoesfinanceiras-com-br-4.rds.land
|
2 | cdn.jsdelivr.net |
www-realizesolucoesfinanceiras-com-br-4.rds.land
|
2 | pro.fontawesome.com |
www-realizesolucoesfinanceiras-com-br-4.rds.land
pro.fontawesome.com |
2 | cdnjs.cloudflare.com |
www-realizesolucoesfinanceiras-com-br-4.rds.land
|
2 | fonts.googleapis.com |
www-realizesolucoesfinanceiras-com-br-4.rds.land
|
1 | popups.rdstation.com.br |
d335luupugsy2.cloudfront.net
|
1 | ws27.hotjar.com |
script.hotjar.com
|
1 | vc.hotjar.io |
script.hotjar.com
|
1 | in.hotjar.com |
script.hotjar.com
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | www.googletagmanager.com |
d335luupugsy2.cloudfront.net
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | static.hotjar.com |
www-realizesolucoesfinanceiras-com-br-4.rds.land
|
1 | ajax.googleapis.com |
www-realizesolucoesfinanceiras-com-br-4.rds.land
|
48 | 17 |
This site contains links to these domains. Also see Links.
Domain |
---|
realizosolucaofinanceira.com |
policies.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.rds.land Sectigo RSA Domain Validation Secure Server CA |
2022-10-05 - 2023-11-05 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-11-22 - 2023-12-23 |
a year | crt.sh |
cdn.fhgfh.co.uk cPanel, Inc. Certification Authority |
2022-12-31 - 2023-03-31 |
3 months | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
*.hotjar.com Amazon |
2022-10-25 - 2023-11-23 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
*.hotjar.io Amazon |
2022-07-18 - 2023-08-16 |
a year | crt.sh |
popups.rdstation.com.br R3 |
2022-11-29 - 2023-02-27 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www-realizesolucoesfinanceiras-com-br-4.rds.land/fatura-renner-hoje?gclid=EAIaIQobChMIy-ak-O6k_AIVif_ICh1WVgCKEAAYASAAEgIvIPD_BwE
Frame ID: F1ED6107A092039ABA5E08CFA88B6DB2
Requests: 47 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 4EDC5019FA0813B61296D3B86C959D7D
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Cartões RennerDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Hotjar (Analytics) Expand
Detected patterns
- //static\.hotjar\.com/
RD Station (Marketing Automation) Expand
Detected patterns
- d335luupugsy2\.cloudfront\.net/js/loader-scripts/.*-loader\.js
Select2 (JavaScript Libraries) Expand
Detected patterns
- select2(?:\.min|\.full)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Acessar fatura
Search URL Search Domain Scan URL
Title: Termos
Search URL Search Domain Scan URL
Title: Privacidade
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
48 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
fatura-renner-hoje
www-realizesolucoesfinanceiras-com-br-4.rds.land/ |
56 KB 56 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
16 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
pro.fontawesome.com/releases/v5.10.0/css/ |
153 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/ |
216 KB 32 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/ |
79 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
www-realizesolucoesfinanceiras-com-br-4.rds.land/cartoes-rener/libs/jquery/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-mask.min.js
www-realizesolucoesfinanceiras-com-br-4.rds.land/cartoes-rener/libs/jquery-mask/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-realize.svg
cdn.fhgfh.co.uk/ |
21 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
car_rener.png
cdn.fhgfh.co.uk/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cartao-rener-logo.svg
cdn.fhgfh.co.uk/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meu-cartao-logo.svg
cdn.fhgfh.co.uk/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
google-play-badge-reverse.svg
cdn.fhgfh.co.uk/ |
11 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-store-badge.svg
cdn.fhgfh.co.uk/ |
11 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
celular-login.png
cdn.fhgfh.co.uk/ |
152 KB 153 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
google-play-badge.svg
cdn.fhgfh.co.uk/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-store-badge_.svg
cdn.fhgfh.co.uk/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
form-1.js
www-realizesolucoesfinanceiras-com-br-4.rds.land/cartoes-rener/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ |
94 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.validate.min.js
d335luupugsy2.cloudfront.net/js/jquery.validate/1.9/ |
21 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.form.js
d335luupugsy2.cloudfront.net/js/jquery.form/2.02/ |
31 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select2.min.js
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/ |
65 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.cookie.v1.4.1.min.js
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/plugins/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
math.uuid.v1.4.min.js
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/plugins/ |
876 B 979 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rdlps.min.js
d335luupugsy2.cloudfront.net/js/rd/stable/ |
165 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rdlps-progressive-profiling.min.js
d335luupugsy2.cloudfront.net/js/rd/stable/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rdlps-autofill.min.js
d335luupugsy2.cloudfront.net/js/rd/stable/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
07ce8099-6d35-4357-8c22-56cd034d2365-loader.js
d335luupugsy2.cloudfront.net/js/loader-scripts/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg-login.svg
cdn.fhgfh.co.uk/ |
664 B 518 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
google-play-badge.svg
cdn.fhgfh.co.uk/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
app-store-badge_.svg
cdn.fhgfh.co.uk/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
pro.fontawesome.com/releases/v5.10.0/webfonts/ |
120 KB 120 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ |
9 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-3304214.js
static.hotjar.com/c/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ |
34 KB 34 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.352fddba5b21bbfc3a08.js
script.hotjar.com/ |
264 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
traffic-source-cookie.min.js
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
93 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-5e66f98b4ee957db209dc6f63e3d59dd.html
vars.hotjar.com/ Frame 4EDC |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visit-data
in.hotjar.com/api/v2/client/sites/3304214/ |
148 B 322 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3304214
vc.hotjar.io/sessions/ |
0 258 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
content
ws27.hotjar.com/api/v2/sites/3304214/recordings/ |
66 B 259 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rdstation-popup.min.js
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ |
203 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rd-js-integration.min.js
d335luupugsy2.cloudfront.net/js/integration/2.0.0/ |
30 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
show.json
popups.rdstation.com.br/popup/ |
13 B 248 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- cdn.fhgfh.co.uk
- URL
- http://cdn.fhgfh.co.uk/google-play-badge.svg
- Domain
- cdn.fhgfh.co.uk
- URL
- http://cdn.fhgfh.co.uk/app-store-badge_.svg
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Realize (Financial)32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| oncontentvisibilityautostatechange number| uidEvent object| bootstrap function| hj object| _hjSettings function| $ function| jQuery object| Select2 function| conversionSuccess object| RdlpsEventListener function| CityInputFieldHandler object| fieldFormatPhone function| initRdlps object| jQuery1112014739426281574675 object| RdlpsAutofill function| origConversionSuccess object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| RDStation object| RDCookieControl boolean| RDStationTrackingCodeChecker object| dataLayer object| TrafficSourceCookie object| google_tag_manager object| RdstationPopup object| credentials object| RdstationFormsIntegration7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www-realizesolucoesfinanceiras-com-br-4.rds.land/fatura-renner-hoje | Name: __rd_experiment_version Value: index |
|
.rds.land/ | Name: _hjSessionUser_3304214 Value: eyJpZCI6IjNmZmVjNjU4LTg3YjEtNWRiYy1hOTRmLTg4N2U0MzM1YTNjYSIsImNyZWF0ZWQiOjE2NzI1ODIzMzc4NjksImV4aXN0aW5nIjpmYWxzZX0= |
|
.rds.land/ | Name: _hjFirstSeen Value: 1 |
|
www-realizesolucoesfinanceiras-com-br-4.rds.land/ | Name: _hjIncludedInSessionSample Value: 1 |
|
.rds.land/ | Name: _hjSession_3304214 Value: eyJpZCI6IjkyYzYwN2IxLTc4OGMtNDRkYy1iNTgxLTFmYjRmY2YwN2RmMiIsImNyZWF0ZWQiOjE2NzI1ODIzMzg1MDksImluU2FtcGxlIjp0cnVlfQ== |
|
www-realizesolucoesfinanceiras-com-br-4.rds.land/ | Name: _hjIncludedInPageviewSample Value: 1 |
|
.rds.land/ | Name: _hjAbsoluteSessionInProgress Value: 1 |
43 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=7776000 |
X-Frame-Options | sameorigin |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdn.fhgfh.co.uk
cdn.jsdelivr.net
cdnjs.cloudflare.com
d335luupugsy2.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
in.hotjar.com
popups.rdstation.com.br
pro.fontawesome.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
vc.hotjar.io
ws27.hotjar.com
www-realizesolucoesfinanceiras-com-br-4.rds.land
www.googletagmanager.com
cdn.fhgfh.co.uk
13.32.27.16
13.32.27.19
143.204.214.139
18.66.147.116
2606:4700::6810:5514
2606:4700::6811:190e
2606:4700::6812:1634
2a00:1450:4001:803::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200a
2a00:1450:400d:803::2008
34.252.149.215
34.68.90.188
52.48.253.50
92.204.220.54
99.86.240.63
01b3534e9a0ae998591f146fc5e90a4631be4184fb511f65a98c06dc79906e69
061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2
0807e5cf78c221870b48d7383205cdd116c6bbd75cd38695b6fb41327f1d3d3c
09e62de51ee41b28720d7c1d7e0b00b5cd191fc6fcc047d702ce2232ccdfd04c
12eb26350b493d28a6eddfbd3791a5b44816b0983fd20d51beffb10b383e21b2
1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e
24ab0f5cc1567cfc11392e627c7102bb80d99f86425ca1dfebf7d7aeb53fc875
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec
2dab5241f2900b5765983ae17ef6637ad7714cb34056e783bf5a1a845a9cd910
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
3227090726b08ac1fa000847601fd465a74d5fc4c0478bd854be0ee1ca572d76
3bb71cec41dd0b3c5782f72d32b1b028fdc9558f0acace778d1a2c312d50f382
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
5189da908d02e27c9bede9e09855af92138347c7138c9905b67bf406997ea86e
6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7
6e617c166794bc15af9f50384e65164ea028003419a5178a2d4cc34ca9490a79
6fe512b1da7beb42a1e633c514a961877a73854398c64b228e2ae3c735d2defd
7db4ada57262fbacd47bef4e96e3cedda276b9267e6ca4d20adeeb1c24d870b6
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5
8fe6b18483431982a14785997627d67323d3793cca37eef75ba51f06216fc691
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386
939b4f5c505097e74e93c3a6a82b69b516bb6d160d449bafb37edb72ab260c1d
96963225fdd841e62b2f2d853bf326cd3689ec835f3054e788a35a655074ee51
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
a700f834d4539a4edfcd428adc332217c53a0cf7bdb9436e4703d25b6cde2cf4
a931d758e10b5f646f42e4b1100ee31b7ce4cdf5a86d59133424b65c8802788b
b137597361a0bdbcdd1051f8a3e89a8cd7cc34c6393422704a4743afcce451dd
b2c8dbbb4b81eec5c9508051511eb6461b456cb76acfb582aab04a3041b4a99d
c98d58b66b5fd07bd05e3f8d8dbd038cf7ac60165a3bfb761ade1942cdffffac
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
d27aa8bf9677cf4ef12acd7b37afc20f1f661d7c163b929ae9caf103b01fce37
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e566567aeb9fa0652b76609bed9529dbf0dd43298eb7d367e850aef718c03e65
e946d863a136a09089fd275d574ff3346bad8327d4ef378c06af35872d9fe56d
eba027d59d9bb46f605599febf927a74079c645c808f5ee3bb783af909801fdb
eeab1a5ea0b843a7c77549c431653410441ece04c4d2c04bc73b294fc7364e34
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb47f3eb7169fd3b7783b0e2e22e8199c6ff9fc5b0869508ad4121214a4fdcde