urlscan.io logo urlscan.io
SecurityTrails logo

planodoelon.online Open in urlscan Pro
2a02:4780:38:6762:8d53:43bb:4b8a:5530  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://planodoelon.online/
Effective URL: https://planodoelon.online/
Submission Tags: scythethephish
Submission: On May 17 via api from RO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 6 HTTP transactions. The main IP is 2a02:4780:38:6762:8d53:43bb:4b8a:5530, located in Singapore, Singapore and belongs to AS-HOSTINGER, CY. The main domain is planodoelon.online.
TLS certificate: Issued by R3 on May 15th 2024. Valid for: 3 months.
This is the only time planodoelon.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2a02:4780:38:6762:8d53:43bb:4b8a:5530 (Singapore, Singapore)

ASN47583 (AS-HOSTINGER, CY)
planodoelon.online
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    54.237.67.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-67-240.compute-1.amazonaws.com
trackings.nemu.com.br
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
71 KB
2 planodoelon.online
planodoelon.online
2 MB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
274 B
1 nemu.com.br
trackings.nemu.com.br
39 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
89 KB
6 5
Domain Requested by
2 connect.facebook.net planodoelon.online
connect.facebook.net
2 planodoelon.online 1 redirects
1 www.facebook.com planodoelon.online
1 trackings.nemu.com.br planodoelon.online
1 www.googletagmanager.com planodoelon.online
6 5

This site contains links to these domains. Also see Links.

Domain
pay.expressa-entrega.online
Subject Issuer Validity Valid
planodoelon.online
R3		 2024-05-15 -
2024-08-13		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-25 -
2024-05-25		 3 months crt.sh
backend.nemu.com.br
R3		 2024-05-02 -
2024-07-31		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://planodoelon.online/
Frame ID: D011C96FB1D57074D5B1AAF67307FEFC
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PLANO STARLINK

Page URL History Show full URLs

  1. http://planodoelon.online/ HTTP 307
    https://planodoelon.online/ HTTP 307
    http://planodoelon.online/ HTTP 301
    https://planodoelon.online/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

6
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

2082 kB
Transfer

3485 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://planodoelon.online/ HTTP 307
    https://planodoelon.online/ HTTP 307
    http://planodoelon.online/ HTTP 301
    https://planodoelon.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
planodoelon.online/
Redirect Chain
  • http://planodoelon.online/
  • https://planodoelon.online/
  • http://planodoelon.online/
  • https://planodoelon.online/
2 MB
2 MB 		Document
General
Check archive.org
Download Go to
Full URL
https://planodoelon.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:38:6762:8d53:43bb:4b8a:5530 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
hcdn /
Resource Hash
74ee00f4ef544f7568d63ba77a2cb1f1cc50be22cab9fd9bc553fbea439efe0d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-encoding
br
content-length
1729635
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Fri, 17 May 2024 19:29:09 GMT
etag
"25c6fb-66462042-7d8b476ed18a6888;br"
last-modified
Thu, 16 May 2024 15:03:30 GMT
platform
hostinger
server
hcdn
x-hcdn-cache-status
DYNAMIC
x-hcdn-request-id
2a215675d3a0d2066736c35f7dc3a017-nme-edge5
x-hcdn-upstream-rt
1.177

Redirect headers

Age
3088
Connection
keep-alive
Content-Length
795
Content-Type
text/html
Date
Fri, 17 May 2024 19:29:08 GMT
Server
hcdn
alt-svc
h3=":443"; ma=86400
content-security-policy
upgrade-insecure-requests
location
https://planodoelon.online/
platform
hostinger
x-hcdn-cache-status
HIT
x-hcdn-request-id
260c39692af66984da954c3c99df416f-nme-edge5
js
www.googletagmanager.com/gtag/ 		257 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10783261026
Requested by
Host: planodoelon.online
URL: https://planodoelon.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
17c3a850b431243bb30efbbb4af697a03e30a7d4998a73729166763a22569ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://planodoelon.online/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 19:29:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90739
x-xss-protection
0
last-modified
Fri, 17 May 2024 19:03:49 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 May 2024 19:29:10 GMT
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: planodoelon.online
URL: https://planodoelon.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://planodoelon.online/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 17 May 2024 19:29:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=12, mss=1294, tbw=2782, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
NplJzAsalid8SQMPe2yndW4C8ZC+PsFTNUMK1S1N1ZFpM/rM5AqRI92aFsnFXoe83iZfer3iHlVy17RdCY/92A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
script.js
trackings.nemu.com.br/trackings/W-0K2KJVFD/ 		38 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trackings.nemu.com.br/trackings/W-0K2KJVFD/script.js
Requested by
Host: planodoelon.online
URL: https://planodoelon.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.237.67.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-67-240.compute-1.amazonaws.com
Software
/
Resource Hash
0f21be73e4e526d77e2841fa9baefdd93c0e6b0079ad4b5c1cdfcbb01d78fd31
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://planodoelon.online/
Origin
https://planodoelon.online
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 19:29:10 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
content-length
39165
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"98fd-356fLN8jmndYQCdFiHdQ/xJTiVY"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://planodoelon.online
origin-agent-cluster
?1
8311703128844870
connect.facebook.net/signals/config/ 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/8311703128844870?v=2.9.156&r=stable&domain=planodoelon.online&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c3ab9dabd5b6f8655b366854590df02a5ffc5239924d8d32231c78c6b7201e01
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://planodoelon.online/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 17 May 2024 19:29:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=47, rtx=0, c=64, mss=1294, tbw=63362, tp=-1, tpl=-1, uplat=217, ullat=0
pragma
public
x-fb-debug
xx9QWWl/zn4WoERz6Xk+el3s7HckOJuKg4i2plAMCknGto+mS+DurglH3v0ehaNihWHOHghnh6jbulQNgmbFUQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=8311703128844870&ev=PageView&dl=https%3A%2F%2Fplanodoelon.online%2F&rl=&if=false&ts=1715974150859&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1715974150859.276119534&ler=empty&cdl=API_unavailable&it=1715974150575&coo=false&rqm=GET
Requested by
Host: planodoelon.online
URL: https://planodoelon.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://planodoelon.online/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 17 May 2024 19:29:10 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
truncated
/ 		42 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be55d2dd20e0145d3907803eb10178af6fa3a6d06c1e243b6f375bdc8771c807

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		59 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3888577d1892671d2d926c30bc1fa6ce518d5309b26ab357521e8b81b066cdb6

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		53 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f07ca9d724dc2bad6cbca21444a25ceda425ba2d016bf738a004fc7a9ba100f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba00f0bc83ac4d9a64a46b4dd7423a857f9cb13e681d3cff876ef326d4b5111d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		84 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
312fe26dd70b731b7e20d8e2641929bec07a1968eb167e78edc8c4331ca8409c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		41 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
251e833bfacc4717c8b7ae8317b666617b1a55792f5c9502e15471987fa0c049

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		27 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f35149e1fbbc5c8e23934e59bee6f0d43c09a5aed9805c907c45a37e7932d72e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82

Request headers

Referer
Origin
https://planodoelon.online
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ 		126 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a4dbc62fa335e411b94a532be091c58c0c0c4fa731339f11722577d3cf6443b

Request headers

Referer
Origin
https://planodoelon.online
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f493bc8eacfa4d5dac70996bf00a6a4c55e508bc0555ead3951b32524c06f08

Request headers

Referer
Origin
https://planodoelon.online
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq function| onLoad function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| _extends function| _createForOfIteratorHelperLoose function| _unsupportedIterableToArray function| _arrayLikeToArray function| _regeneratorRuntime function| asyncGeneratorStep function| _asyncToGenerator function| Logger object| utmNames function| api function| _api function| extractHostname function| extractOrigin function| parseUTMSrc function| getClientId function| generateUnix function| getFacebookParams function| createSession function| _createSession function| getLastSessionHistory function| _getLastSessionHistory function| createSessionHistory function| _createSessionHistory function| isJsonString function| getCookieByName function| setCookie function| removeCookie function| hasCookiesEnabled function| getHotmartSourceName function| isHotmartUtmsParsable function| containsHotmartSourceInUrl function| containsUTMsInQueryParams function| parseHotmartUTMs function| parseUtms function| extractUTMsFromQueryParams function| parseUTMsToQueryParams function| loadUTMsInQueryParams function| formatUtms function| redirectWithUTMs function| handleByType function| _onLoad

2 Cookies

Domain/Path Name / Value
.planodoelon.online/ Name: _gcl_au
Value: 1.1.2092544439.1715974151
.planodoelon.online/ Name: _fbp
Value: fb.1.1715974150859.276119534

6 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/8311703128844870?v=2.9.156&r=stable&domain=planodoelon.online&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://trackings.nemu.com.br/trackings/W-0K2KJVFD/script.js(Line 37)
Message:
Refused to connect to 'https://api.ipify.org/?format=json' because it violates the following Content Security Policy directive: "default-src 'none'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
javascript error URL: https://trackings.nemu.com.br/trackings/W-0K2KJVFD/script.js(Line 37)
Message:
Refused to connect to 'https://api.ipify.org/?format=json' because it violates the document's Content Security Policy.
security error URL: https://trackings.nemu.com.br/trackings/W-0K2KJVFD/script.js(Line 37)
Message:
Refused to connect to 'https://trackings.nemu.com.br/trackings/W-0K2KJVFD/sessions' because it violates the following Content Security Policy directive: "default-src 'none'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
javascript error URL: https://trackings.nemu.com.br/trackings/W-0K2KJVFD/script.js(Line 37)
Message:
Refused to connect to 'https://trackings.nemu.com.br/trackings/W-0K2KJVFD/sessions' because it violates the document's Content Security Policy.
recommendation verbose URL: https://planodoelon.online/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests