suporte-faturarenner.online Open in urlscan Pro
2a02:4780:13:1050:0:8f2:1580:2  Malicious Activity! Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response suporte-faturarenner.online/	646 KB 133 KB	776ms 207ms	Document text/html	2a02:4780:13:1050:0:8f2:1580:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://suporte-faturarenner.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:13:1050:0:8f2:1580:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / PHP/8.0.28 Resource Hash 2bfce17f48a54a40be23f1ba4bd46ea959948f6e441ed748b70cfb27f164669e Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-security-policy upgrade-insecure-requests content-type text/html; charset=UTF-8 date Wed, 07 Jun 2023 23:46:05 GMT platform hostinger server LiteSpeed vary Accept-Encoding x-powered-by PHP/8.0.28
GET H/1.1	200 OK	tag.js Show response cdn.pmweb.com.br/df/	22 KB 9 KB	949ms 204ms	Script application/javascript	52.67.188.174 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.pmweb.com.br/df/tag.js?id=PM-N2FTFQ Requested by Host: suporte-faturarenner.online URL: https://suporte-faturarenner.online/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.67.188.174 São Paulo, Brazil, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-67-188-174.sa-east-1.compute.amazonaws.com Software nginx / Resource Hash 94c081e2ae2f0618d1661bb9267a2ae65addb921bef6464fb1dd7169bd5f55c6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://suporte-faturarenner.online/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Wed, 07 Jun 2023 23:46:07 GMT Content-Encoding gzip Strict-Transport-Security max-age=31536000; includeSubdomains; preload Last-Modified Tue, 30 May 2023 17:59:01 GMT Server nginx ETag W/"64763965-587b" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=300 Connection keep-alive Content-Length 9197 Expires Wed, 07 Jun 2023 23:51:07 GMT
GET H2	404	recaptcha__pt_br.js www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/	0 0	91ms 58ms	Script text/html	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__pt_br.js Requested by Host: suporte-faturarenner.online URL: https://suporte-faturarenner.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://suporte-faturarenner.online/ Origin https://suporte-faturarenner.online accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 07 Jun 2023 23:46:06 GMT x-content-type-options nosniff server sffe content-type text/html; charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1624 x-xss-protection 0
GET H2	200	js Show response www.google-analytics.com/gtm/	120 KB 47 KB	43ms 21ms	Script application/javascript	2001:4860:4802:32::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=GTM-W9SBWRL&cid=821526971.1665100592 Requested by Host: suporte-faturarenner.online URL: https://suporte-faturarenner.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 64cd90f65a71e170a8c44126b4d5f51a71268f50d1712e8aa771d151acca787b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://suporte-faturarenner.online/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 07 Jun 2023 23:46:06 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47763 x-xss-protection 0 last-modified Wed, 07 Jun 2023 22:32:10 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 07 Jun 2023 23:46:06 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	140 KB 53 KB	42ms 20ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N2FTFQ Requested by Host: suporte-faturarenner.online URL: https://suporte-faturarenner.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9012e3d532efa5e0209f503e6694c19bce0539862b209f4a4e2da148f9d194bb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://suporte-faturarenner.online/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 07 Jun 2023 23:46:06 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53782 x-xss-protection 0 last-modified Wed, 07 Jun 2023 22:32:10 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 07 Jun 2023 23:46:06 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	51 KB 21 KB	29ms 6ms	Script text/javascript	2001:4860:4802:32::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: suporte-faturarenner.online URL: https://suporte-faturarenner.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://suporte-faturarenner.online/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 07 Jun 2023 23:04:48 GMT last-modified Mon, 17 Apr 2023 22:36:01 GMT server Golfe2 age 2478 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20737 expires Thu, 08 Jun 2023 01:04:48 GMT
GET H2	200	js Show response www.google-analytics.com/gtm/	120 KB 47 KB	40ms 18ms	Script application/javascript	2001:4860:4802:32::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=GTM-W9SBWRL&cid=515651834.1664596739 Requested by Host: suporte-faturarenner.online URL: https://suporte-faturarenner.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d2652086400fd94b6937f5bf584e89830208944ef80ee40723455f6d26f0c40e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://suporte-faturarenner.online/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 07 Jun 2023 23:46:06 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47761 x-xss-protection 0 last-modified Wed, 07 Jun 2023 22:32:10 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 07 Jun 2023 23:46:06 GMT
GET H2	404	ruxitagentjs_ICA27Vfghjqrux_10249220905100923.js suporte-faturarenner.online/	0 0	612ms 611ms	Script text/html	2a02:4780:13:1050:0:8f2:1580:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://suporte-faturarenner.online/ruxitagentjs_ICA27Vfghjqrux_10249220905100923.js Requested by Host: suporte-faturarenner.online URL: https://suporte-faturarenner.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:13:1050:0:8f2:1580:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://suporte-faturarenner.online/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 07 Jun 2023 23:46:05 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Sat, 29 Apr 2023 11:46:38 GMT server LiteSpeed etag "999-644d039e-964735a363c76eea;br" vary Accept-Encoding content-type text/html accept-ranges bytes platform hostinger content-length 912
GET H2	200	189e25234ffe70ce_complete.js Show response js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/	333 KB 122 KB	53ms 19ms	Script application/javascript	52.222.236.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js Requested by Host: suporte-faturarenner.online URL: https://suporte-faturarenner.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-22.fra56.r.cloudfront.net Software / Resource Hash 123357b859bdf7cf216dd9bb672c46f09f08f26a7311259db557e19517ec7f62 Request headers Referer https://suporte-faturarenner.online/ Origin https://suporte-faturarenner.online accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 07 Jun 2023 22:48:38 GMT content-encoding gzip via 1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 age 3448 x-cache Hit from cloudfront x-oneagent-js-injection true traffic-source UNKNOWN dynatrace-response-id JSN5S8OBIXF7 dynatrace-response-source Cluster vary Accept-Encoding content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600 timing-allow-origin * x-amz-cf-id mmKI5SSW722BS1JtSinaJXMl4I8E3XTQHm2t6_m7g7Xty8gqtvGaNQ== expires Wed, 07 Jun 2023 23:48:38 GMT
GET H2	404	3.bundle-b50fd5103304ce6835d8.js suporte-faturarenner.online/cartoes-renner/js/	0 0	408ms 408ms	Script text/html	2a02:4780:13:1050:0:8f2:1580:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://suporte-faturarenner.online/cartoes-renner/js/3.bundle-b50fd5103304ce6835d8.js Requested by Host: suporte-faturarenner.online URL: https://suporte-faturarenner.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:13:1050:0:8f2:1580:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://suporte-faturarenner.online/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 07 Jun 2023 23:46:05 GMT content-encoding br last-modified Sat, 29 Apr 2023 11:46:38 GMT server LiteSpeed etag "999-644d039e-964735a363c76eea;br" vary Accept-Encoding content-type text/html accept-ranges bytes platform hostinger content-length 912
GET H2	404	2.bundle-f1f55db44dc2d8d8d302.js suporte-faturarenner.online/cartoes-renner/js/	0 0	408ms 408ms	Script text/html	2a02:4780:13:1050:0:8f2:1580:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://suporte-faturarenner.online/cartoes-renner/js/2.bundle-f1f55db44dc2d8d8d302.js Requested by Host: suporte-faturarenner.online URL: https://suporte-faturarenner.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:13:1050:0:8f2:1580:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://suporte-faturarenner.online/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 07 Jun 2023 23:46:05 GMT content-encoding br last-modified Sat, 29 Apr 2023 11:46:38 GMT server LiteSpeed etag "999-644d039e-964735a363c76eea;br" vary Accept-Encoding content-type text/html accept-ranges bytes platform hostinger content-length 912
GET H/1.1	200 OK	bg.png s3-sa-east-1.amazonaws.com/frame-image-br/	0 516 B	670ms 242ms	Image image/png	16.12.1.48 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=real&x-r= Requested by Host: suporte-faturarenner.online URL: https://suporte-faturarenner.online/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 16.12.1.48 São Paulo, Brazil, ASN16509 (AMAZON-02, US), Reverse DNS s3-sa-east-1.amazonaws.com Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://suporte-faturarenner.online/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Wed, 07 Jun 2023 23:46:08 GMT Last-Modified Thu, 04 May 2017 08:21:21 GMT Server AmazonS3 x-amz-meta-s3cmd-attrs uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832 x-amz-request-id T04QN2DJ4NQA7SV7 ETag "d41d8cd98f00b204e9800998ecf8427e" Content-Type image/png Accept-Ranges bytes Content-Length 0 x-amz-id-2 onvZmCwRy/M47eAPbMgQeNfCjy8sXzAISuPQofST5m6LUZNnpGCkfuxP9VmPAQ1xeaRrKYl6FoI=
GET H3	404	vendors.bundle-859d26788acf215a201a.js suporte-faturarenner.online/cartoes-renner/js/	0 0	207ms 206ms	Script text/html	2a02:4780:13:1050:0:8f2:1580:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://suporte-faturarenner.online/cartoes-renner/js/vendors.bundle-859d26788acf215a201a.js Requested by Host: suporte-faturarenner.online URL: https://suporte-faturarenner.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a02:4780:13:1050:0:8f2:1580:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://suporte-faturarenner.online/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 07 Jun 2023 23:46:06 GMT content-encoding br last-modified Sat, 29 Apr 2023 11:46:38 GMT server LiteSpeed etag "999-644d039e-964735a363c76eea;br" vary Accept-Encoding content-type text/html accept-ranges bytes platform hostinger alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 912
GET H3	404	main.bundle-af99510fd5623f73dd00.js suporte-faturarenner.online/cartoes-renner/js/	0 0	207ms 207ms	Script text/html	2a02:4780:13:1050:0:8f2:1580:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://suporte-faturarenner.online/cartoes-renner/js/main.bundle-af99510fd5623f73dd00.js Requested by Host: suporte-faturarenner.online URL: https://suporte-faturarenner.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a02:4780:13:1050:0:8f2:1580:2 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://suporte-faturarenner.online/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 07 Jun 2023 23:46:06 GMT content-encoding br last-modified Sat, 29 Apr 2023 11:46:38 GMT server LiteSpeed etag "999-644d039e-964735a363c76eea;br" vary Accept-Encoding content-type text/html accept-ranges bytes platform hostinger content-length 912
GET H2	200	api.js Show response www.google.com/recaptcha/	913 B 901 B	36ms 15ms	Script text/javascript	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=onLoadRecaptcha&render=explicit&hl=pt-BR Requested by Host: suporte-faturarenner.online URL: https://suporte-faturarenner.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 85eacdafde742d4a0adf36435a7b65dcf3ee8239297a51c8c637b811dd089dff Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://suporte-faturarenner.online/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 07 Jun 2023 23:46:06 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 581 x-xss-protection 1; mode=block expires Wed, 07 Jun 2023 23:46:06 GMT
GET H2	200	bframe Show response www.google.com/recaptcha/api2/ Frame 7771	7 KB 2 KB	20ms 18ms	Document text/html	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV Requested by Host: suporte-faturarenner.online URL: https://suporte-faturarenner.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 5f1b8b3642683b573e7c118f095529eb2e9ad84505089192e679cae2900ac8a7 Security Headers Name Value Content-Security-Policy script-src 'nonce-mlFGYcoizehteFpIJqDtiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://suporte-faturarenner.online/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 1172 content-security-policy script-src 'nonce-mlFGYcoizehteFpIJqDtiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 07 Jun 2023 23:46:07 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	recaptcha__pt_br.js Show response www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/	409 KB 410 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__pt_br.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=onLoadRecaptcha&render=explicit&hl=pt-BR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a939c3ed03028457c9dad11d14a276c719fa8903668748e275abf42d7c621c58 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://suporte-faturarenner.online/ Origin https://suporte-faturarenner.online accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 03 Jun 2023 02:20:15 GMT x-content-type-options nosniff age 422752 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 419202 x-xss-protection 0 last-modified Tue, 30 May 2023 00:01:16 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 02 Jun 2024 02:20:15 GMT
GET H3	404	styles__ltr.css www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 7771	0 0	67ms 53ms	Stylesheet text/html	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers
GET H3	404	recaptcha__pt_br.js www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 7771	0 0	336ms 322ms	Script text/html	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__pt_br.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers
GET H/1.1	200 OK	/ Show response df.pmweb.com.br/push/	2 B 519 B	895ms 202ms	XHR text/plain	18.229.145.214 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://df.pmweb.com.br/push/?aid=PM-N2FTFQ&cid=363041686181567197&sid=125001686181567198&pvw=9840dadd-36c2-4dc3-a31b-c185f0d2d5ae&v=1.19.0&rs=1600x1200&tt=Cart%C3%B5es%20Renner&ws=1600x1200&ua=Mozilla%2F5.0%20(iPhone%3B%20CPU%20iPhone%20OS%2014_7_1%20like%20Mac%20OS%20X)%20AppleWebKit%2F605.1.15%20(KHTML%2C%20like%20Gecko)%20Version%2F14.1.2%20Mobile%2F15E148%20Safari%2F604.1&url=https%3A%2F%2Fsuporte-faturarenner.online%2F Requested by Host: js-cdn.dynatrace.com URL: https://js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.229.145.214 São Paulo, Brazil, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-229-145-214.sa-east-1.compute.amazonaws.com Software nginx / Resource Hash 54d626e08c1c802b305dad30b7e54a82f102390cc92c7d4db112048935236e9c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://suporte-faturarenner.online/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Pragma no-cache Date Wed, 07 Jun 2023 23:46:08 GMT Strict-Transport-Security max-age=31536000; includeSubdomains; preload Server nginx Content-Type text/plain Access-Control-Allow-Origin https://suporte-faturarenner.online Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Length 2 Expires 0
POST H2	200	bf Show response bf73995led.bf.dynatrace.com/	921 B 1 KB	323ms 102ms	XHR text/plain	54.164.77.4 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_-2D83_sn_I6C2QNL8DII1C5NMU1NDQV8O6IAVIHQU&svrid=-83&flavor=cors&vi=MUUJDSURHFPWPHEGJCHWLVDKTPCNGUEE-0&modifiedSince=1664998180300&rf=https%3A%2F%2Fsuporte-faturarenner.online%2F&bp=3&app=189e25234ffe70ce&crc=849529825&en=ovxxhecl&end=1 Requested by Host: js-cdn.dynatrace.com URL: https://js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.164.77.4 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-164-77-4.compute-1.amazonaws.com Software / Resource Hash 51c71f448c3694843494bd4f716a1081b5b2782ac1fa2082385a4d6f931dbda6 Request headers Referer https://suporte-faturarenner.online/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://suporte-faturarenner.online x-oneagent-js-injection true date Wed, 07 Jun 2023 23:46:09 GMT cache-control no-cache content-length 921 content-type text/plain;charset=utf-8
POST H2	200	bf Show response bf73995led.bf.dynatrace.com/	224 B 503 B	99ms 98ms	XHR text/plain	54.164.77.4 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_11_sn_I6C2QNL8DII1C5NMU1NDQV8O6IAVIHQU_app-3A189e25234ffe70ce_1_ol_0_perc_100000_mul_1_rcs-3Acss_0&svrid=11&flavor=cors&vi=MUUJDSURHFPWPHEGJCHWLVDKTPCNGUEE-0&modifiedSince=1686062180704&rf=https%3A%2F%2Fsuporte-faturarenner.online%2F&bp=3&app=189e25234ffe70ce&crc=1493661058&en=ovxxhecl&end=1 Requested by Host: js-cdn.dynatrace.com URL: https://js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.164.77.4 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-164-77-4.compute-1.amazonaws.com Software / Resource Hash d4f44080dd6ced5712c4c7ebbfad89717c8587cbe71923b03c73f092135a7b50 Request headers Referer https://suporte-faturarenner.online/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://suporte-faturarenner.online x-oneagent-js-injection true date Wed, 07 Jun 2023 23:46:10 GMT cache-control no-cache content-length 224 content-type text/plain;charset=utf-8
POST H2	200	bf Show response bf73995led.bf.dynatrace.com/	224 B 503 B	101ms 100ms	XHR text/plain	54.164.77.4 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_11_sn_I6C2QNL8DII1C5NMU1NDQV8O6IAVIHQU_app-3A189e25234ffe70ce_1_ol_0_perc_100000_mul_1_rcs-3Acss_0&svrid=11&flavor=cors&vi=MUUJDSURHFPWPHEGJCHWLVDKTPCNGUEE-0&modifiedSince=1686062180704&rf=https%3A%2F%2Fsuporte-faturarenner.online%2F&bp=3&app=189e25234ffe70ce&crc=4225948865&en=ovxxhecl&end=1 Requested by Host: js-cdn.dynatrace.com URL: https://js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.164.77.4 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-164-77-4.compute-1.amazonaws.com Software / Resource Hash d4f44080dd6ced5712c4c7ebbfad89717c8587cbe71923b03c73f092135a7b50 Request headers Referer https://suporte-faturarenner.online/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://suporte-faturarenner.online x-oneagent-js-injection true date Wed, 07 Jun 2023 23:46:12 GMT cache-control no-cache content-length 224 content-type text/plain;charset=utf-8

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Realize (Financial)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| onbeforetoggle object| onscrollend object| google_tag_data function| ga object| gaplugins object| google_tag_manager object| dataLayer object| constants object| dT_ object| dtrum object| container string| PMTagObject function| pm object| e object| google_optimize string| u object| gaGlobal object| gaData object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| runTag object| recaptcha

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.suporte-faturarenner.online/	1970-01-20 21:59:01	Name: rxVisitor Value: 1686181566857DV42AGI7S334IBLRB524MA44T22ID4TS
			.suporte-faturarenner.online/	1969-12-31 23:59:59	Name: dtLatC Value: 285
			.suporte-faturarenner.online/	1969-12-31 23:59:59	Name: dtSa Value: -
			.suporte-faturarenner.online/	1970-01-20 21:59:01	Name: _ga Value: GA1.2.344232341.1686181567
			.suporte-faturarenner.online/	1970-01-20 12:24:27	Name: _gid Value: GA1.2.385822423.1686181567
			.suporte-faturarenner.online/	1970-01-20 21:59:01	Name: _pm_id Value: 363041686181567197
			.suporte-faturarenner.online/	1970-01-20 12:23:03	Name: _pm_sid Value: 125001686181567198
			.suporte-faturarenner.online/	1969-12-31 23:59:59	Name: rxvt Value: 1686183367607|1686181566858
			.suporte-faturarenner.online/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_11_sn_I6C2QNL8DII1C5NMU1NDQV8O6IAVIHQU_app-3A189e25234ffe70ce_1_ol_0_perc_100000_mul_1_rcs-3Acss_0
			.suporte-faturarenner.online/	1969-12-31 23:59:59	Name: dtPC Value: 11$181566854_118h-vMUUJDSURHFPWPHEGJCHWLVDKTPCNGUEE-0e0

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__pt_br.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://suporte-faturarenner.online/ Message: Refused to execute script from 'https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__pt_br.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://suporte-faturarenner.online/ Message: Refused to execute script from 'https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__pt_br.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://suporte-faturarenner.online/ruxitagentjs_ICA27Vfghjqrux_10249220905100923.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://suporte-faturarenner.online/cartoes-renner/js/3.bundle-b50fd5103304ce6835d8.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://suporte-faturarenner.online/cartoes-renner/js/2.bundle-f1f55db44dc2d8d8d302.js Message: Failed to load resource: the server responded with a status of 404 ()
rendering	error	URL: https://suporte-faturarenner.online/(Line 18827) Message: Error: <path> attribute d: Expected number, "…m-12.272-13.684l6.XMR.166 6.482z…".
rendering	error	URL: https://suporte-faturarenner.online/(Line 18836) Message: Error: <path> attribute d: Expected number, "M243.159 33.328c-XMR16.666-16.66…".
rendering	error	URL: https://suporte-faturarenner.online/(Line 18867) Message: Error: <path> attribute d: Expected number, "M36.XMR01-1.85.83…".
rendering	error	URL: https://suporte-faturarenner.online/(Line 18869) Message: Error: <path> attribute d: Expected number, "M69.628 XMR-2.866-2.612-…".
rendering	error	URL: https://suporte-faturarenner.online/(Line 18921) Message: Error: <svg> attribute viewBox: Expected number, "0 0 500 XMR-14.955-15.07…".
network	error	URL: https://suporte-faturarenner.online/cartoes-renner/js/vendors.bundle-859d26788acf215a201a.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://suporte-faturarenner.online/cartoes-renner/js/main.bundle-af99510fd5623f73dd00.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__pt_br.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bf73995led.bf.dynatrace.com
cdn.pmweb.com.br
df.pmweb.com.br
js-cdn.dynatrace.com
s3-sa-east-1.amazonaws.com
suporte-faturarenner.online
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
16.12.1.48
18.229.145.214
2001:4860:4802:32::178
2a00:1450:4001:80b::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2008
2a02:4780:13:1050:0:8f2:1580:2
52.222.236.22
52.67.188.174
54.164.77.4
123357b859bdf7cf216dd9bb672c46f09f08f26a7311259db557e19517ec7f62
2bfce17f48a54a40be23f1ba4bd46ea959948f6e441ed748b70cfb27f164669e
51c71f448c3694843494bd4f716a1081b5b2782ac1fa2082385a4d6f931dbda6
54d626e08c1c802b305dad30b7e54a82f102390cc92c7d4db112048935236e9c
5f1b8b3642683b573e7c118f095529eb2e9ad84505089192e679cae2900ac8a7
64cd90f65a71e170a8c44126b4d5f51a71268f50d1712e8aa771d151acca787b
85eacdafde742d4a0adf36435a7b65dcf3ee8239297a51c8c637b811dd089dff
9012e3d532efa5e0209f503e6694c19bce0539862b209f4a4e2da148f9d194bb
94c081e2ae2f0618d1661bb9267a2ae65addb921bef6464fb1dd7169bd5f55c6
a939c3ed03028457c9dad11d14a276c719fa8903668748e275abf42d7c621c58
d2652086400fd94b6937f5bf584e89830208944ef80ee40723455f6d26f0c40e
d4f44080dd6ced5712c4c7ebbfad89717c8587cbe71923b03c73f092135a7b50
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44