doeagora.caminhoseguro.com Open in urlscan Pro
52.202.168.65 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://doeagora.caminhoseguro.com/
Submission: On July 10 via automatic, source certstream-suspicious (July 10th 2024, 12:21:33 am UTC) — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 6 domains to perform 17 HTTP transactions. The main IP is 52.202.168.65, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is doeagora.caminhoseguro.com.
TLS certificate: Issued by R11 on July 9th 2024. Valid for: 3 months.

This is the only time doeagora.caminhoseguro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	52.202.168.65 52.202.168.65	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	18.66.122.8 18.66.122.8	16509 (AMAZON-02) (AMAZON-02)
1	151.101.0.193 151.101.0.193	54113 (FASTLY) (FASTLY)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	186.226.58.36 186.226.58.36	262954 (VirtuaSer...) (VirtuaServer Informatica Ltda)
17	9

7 52.202.168.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-168-65.compute-1.amazonaws.com

doeagora.caminhoseguro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-8.fra60.r.cloudfront.net

rec.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.193 (San Francisco, United States)

ASN54113 (FASTLY, US)

pa1.narvii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 186.226.58.36 (Rio de Janeiro, Brazil)

ASN262954 (VirtuaServer Informatica Ltda, BR)
PTR: da02.sh15.net

caminhoseguro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	caminhoseguro.com doeagora.caminhoseguro.com caminhoseguro.com	1 MB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1094 t.clarity.ms — Cisco Umbrella Rank: 9056 c.clarity.ms — Cisco Umbrella Rank: 1823	28 KB
2	smartlook.com rec.smartlook.com — Cisco Umbrella Rank: 51132	27 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 379	771 B
1	narvii.com pa1.narvii.com — Cisco Umbrella Rank: 242168	386 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 108	1 KB
17	6

	Domain	Requested by
7	doeagora.caminhoseguro.com	doeagora.caminhoseguro.com
2	c.clarity.ms	1 redirects
2	rec.smartlook.com	doeagora.caminhoseguro.com rec.smartlook.com
2	t.clarity.ms	www.clarity.ms
2	www.clarity.ms	doeagora.caminhoseguro.com www.clarity.ms
1	caminhoseguro.com
1	c.bing.com	1 redirects
1	pa1.narvii.com	doeagora.caminhoseguro.com
1	fonts.googleapis.com	doeagora.caminhoseguro.com
17	9

This site contains no links.

Subject Issuer	Validity	Valid
doeagora.caminhoseguro.com R11	`2024-07-09` - `2024-10-07`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
web-sdk.smartlook.com Amazon RSA 2048 M02	`2024-06-13` - `2025-07-12`	a year	crt.sh
pa1.aminoapps.com R3	`2024-05-11` - `2024-08-09`	3 months	crt.sh
caminhoseguro.com ZeroSSL ECC Domain Secure Site CA	`2024-05-24` - `2024-08-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://doeagora.caminhoseguro.com/
Frame ID: 07FF1106889F1D7CD4637F8129B490E8
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Doe - Jesus Caminho Seguro

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Ant Design (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

17
Requests

94 %
HTTPS

33 %
IPv6

6
Domains

9
Subdomains

9
IPs

4
Countries

1694 kB
Transfer

1780 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7537E28AE41F4A2598377089BF39A35F&RedC=c.clarity.ms&MXFR=25FA4F518A766FBD254E5BE98E7661C0 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7537E28AE41F4A2598377089BF39A35F&MUID=246D0755AEB068C40C7513EDAF1C69F5

17 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
doeagora.caminhoseguro.com/ 3 KB
4 KB 399ms
122ms Document
text/html 52.202.168.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://doeagora.caminhoseguro.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-168-65.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 375dbcd3b7c09b0212024bacf2638f181e4db7a250afcdc6f10ecc56a46fe5e9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Cache-Control: public, max-age=0
Connection: keep-alive
Content-Length: 3390
Content-Type: text/html; charset=UTF-8
Date: Wed, 10 Jul 2024 00:21:27 GMT
Etag: W/"d3e-18d4689cec8"
Last-Modified: Fri, 26 Jan 2024 16:10:53 GMT
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720570887&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=71O3MXhN%2FYiBSew%2Bpu5gKwZdf8Fk3BgtQe7E7l%2BwVIk%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720570887&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=71O3MXhN%2FYiBSew%2Bpu5gKwZdf8Fk3BgtQe7E7l%2BwVIk%3D
Server: Cowboy
Via: 1.1 vegur
X-Powered-By: Express

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 142ms
52ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600|Montserrat%20Mono|Oswald:300

Requested by

Host: doeagora.caminhoseguro.com
URL: https://doeagora.caminhoseguro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

659b2172bdd6891466dfc35e8eb5e9d9b228f03db34e8ad697ad569a7627317f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://doeagora.caminhoseguro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jul 2024 00:21:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jul 2024 00:21:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jul 2024 00:21:28 GMT

GET
H/1.1 200
OK 2.35997b8b.chunk.css
doeagora.caminhoseguro.com/static/css/ 514 KB
515 KB 122ms
121ms Stylesheet
text/css 52.202.168.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://doeagora.caminhoseguro.com/static/css/2.35997b8b.chunk.css
Requested by: Host: doeagora.caminhoseguro.com
URL: https://doeagora.caminhoseguro.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-168-65.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 2096381db5efbfb7c99c80c04b1b84ea474b6c07485e89a965775930557aeeb2

Request headers

Referer: https://doeagora.caminhoseguro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 00:21:28 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Fri, 26 Jan 2024 16:10:53 GMT
X-Powered-By: Express
Etag: W/"8090b-18d4689cec8"
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720570888&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=FQAa3Vr8e4WAhL%2BvfD%2FBvR%2Bj5DOwz1zaWNzAa%2FaPRDc%3D"}]}
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 526603
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720570888&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=FQAa3Vr8e4WAhL%2BvfD%2FBvR%2Bj5DOwz1zaWNzAa%2FaPRDc%3D

GET
H/1.1 200
OK main.9ca8df0c.chunk.css
doeagora.caminhoseguro.com/static/css/ 6 KB
7 KB 355ms
119ms Stylesheet
text/css 52.202.168.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://doeagora.caminhoseguro.com/static/css/main.9ca8df0c.chunk.css
Requested by: Host: doeagora.caminhoseguro.com
URL: https://doeagora.caminhoseguro.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-168-65.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: d5ba86c61af90005caa4ca6acaa5b61abcd429023516ced243a52e19bd4deae8

Request headers

Referer: https://doeagora.caminhoseguro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 00:21:28 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Fri, 26 Jan 2024 16:10:53 GMT
X-Powered-By: Express
Etag: W/"1801-18d4689cec8"
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720570888&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=FQAa3Vr8e4WAhL%2BvfD%2FBvR%2Bj5DOwz1zaWNzAa%2FaPRDc%3D"}]}
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6145
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720570888&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=FQAa3Vr8e4WAhL%2BvfD%2FBvR%2Bj5DOwz1zaWNzAa%2FaPRDc%3D

GET
H/1.1 200
OK 2.2d6a69dc.chunk.js Show response
doeagora.caminhoseguro.com/static/js/ 582 KB
582 KB 356ms
121ms Script
application/javascript 52.202.168.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://doeagora.caminhoseguro.com/static/js/2.2d6a69dc.chunk.js
Requested by: Host: doeagora.caminhoseguro.com
URL: https://doeagora.caminhoseguro.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-168-65.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 705d46563c0dfd17f1d7c8ae04c0d0672e4554c40c0171686f24330ded4b2d83

Request headers

Referer: https://doeagora.caminhoseguro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 00:21:28 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Fri, 26 Jan 2024 16:10:53 GMT
X-Powered-By: Express
Etag: W/"9167f-18d4689cec8"
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720570888&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=FQAa3Vr8e4WAhL%2BvfD%2FBvR%2Bj5DOwz1zaWNzAa%2FaPRDc%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 595583
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720570888&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=FQAa3Vr8e4WAhL%2BvfD%2FBvR%2Bj5DOwz1zaWNzAa%2FaPRDc%3D

GET
H/1.1 200
OK main.cde057cf.chunk.js Show response
doeagora.caminhoseguro.com/static/js/ 41 KB
42 KB 363ms
123ms Script
application/javascript 52.202.168.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://doeagora.caminhoseguro.com/static/js/main.cde057cf.chunk.js
Requested by: Host: doeagora.caminhoseguro.com
URL: https://doeagora.caminhoseguro.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-168-65.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 0cd3232489c9238d53a0ea30289f442be0fb9beb4d5cd4c8ce99e227bb892080

Request headers

Referer: https://doeagora.caminhoseguro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 00:21:28 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Fri, 26 Jan 2024 16:10:53 GMT
X-Powered-By: Express
Etag: W/"a5c9-18d4689cec8"
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720570888&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=FQAa3Vr8e4WAhL%2BvfD%2FBvR%2Bj5DOwz1zaWNzAa%2FaPRDc%3D"}]}
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42441
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720570888&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=FQAa3Vr8e4WAhL%2BvfD%2FBvR%2Bj5DOwz1zaWNzAa%2FaPRDc%3D

GET
H2 200 kqyjf5oflm Show response
www.clarity.ms/tag/ 688 B
1 KB 391ms
236ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/kqyjf5oflm
Requested by: Host: doeagora.caminhoseguro.com
URL: https://doeagora.caminhoseguro.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8004e879ade13e5dff25686a273dbc904e49ccc84e8891d57ec137daa9e40805

Request headers

Referer: https://doeagora.caminhoseguro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
date: Wed, 10 Jul 2024 00:21:28 GMT
x-azure-ref: 20240710T002128Z-17c86fbf54dk4b52b2vdk4qwf4000000028g0000000008ks
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 688
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.34/ 61 KB
26 KB 81ms
81ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/kqyjf5oflm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

Request headers

Referer: https://doeagora.caminhoseguro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 00:21:28 GMT
content-encoding: br
last-modified: Thu, 23 May 2024 23:20:12 GMT
etag: W/"0x8DC7B7EE5574D78"
vary: Accept-Encoding
x-azure-ref: 20240710T002128Z-17c86fbf54dk4b52b2vdk4qwf4000000028g0000000008kx
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 486c2cca-c01e-0014-0bc7-d066b4000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
290 B 407ms
145ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://doeagora.caminhoseguro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://doeagora.caminhoseguro.com
Date: Wed, 10 Jul 2024 00:21:28 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 recorder.js Show response
rec.smartlook.com/ 6 KB
2 KB 146ms
42ms Script
application/javascript 18.66.122.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rec.smartlook.com/recorder.js

Requested by

Host: doeagora.caminhoseguro.com
URL: https://doeagora.caminhoseguro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-8.fra60.r.cloudfront.net

Software

Resource Hash

7356ec0bd2712727baa8279eedc3064955d96246142c6318541e2392c960586f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://doeagora.caminhoseguro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: br
x-content-type-options: nosniff
date: Wed, 10 Jul 2024 00:15:11 GMT
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 377
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 08 Jul 2024 08:28:30 GMT
etag: W/"668ba32e-17d1"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, max-age=600
x-amz-cf-id: 63KBRi4YDr2I-yJ5CIT00mW0nhxB2ZS470EVmPf4vJm-lPULqsp0zA==

GET
H2 200 d7996034399bd7a623ea6d57ddded2f4c2dbe0f7_hq.gif
pa1.narvii.com/6459/ 386 KB
386 KB 305ms
206ms Image
image/gif 151.101.0.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pa1.narvii.com/6459/d7996034399bd7a623ea6d57ddded2f4c2dbe0f7_hq.gif

Requested by

Host: doeagora.caminhoseguro.com
URL: https://doeagora.caminhoseguro.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.193 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

21d43bf1560e26e12f843719b81f2cbfddec49578a658c2b8aa023c4253ebdb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://doeagora.caminhoseguro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 00:21:29 GMT
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 0
x-cache: Miss from cloudfront, HIT, HIT
content-length: 394822
x-served-by: cache-pdx12321-PDX, cache-fra-etou8220123-FRA
last-modified: Wed, 10 May 2017 00:14:42 GMT
server: AmazonS3
etag: "413beb2c6e5161a2ce3d00219eae49fb"
content-type: image/gif
access-control-allow-origin: https://aminoapps.com
cache-control: s-max-age: 31536000, max-age: 31536000, public
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 12, 0

GET
H3 200 init.047320bfb81ad62b5d05.js Show response
rec.smartlook.com/es6/ 70 KB
24 KB 83ms
41ms Script
application/javascript 18.66.122.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rec.smartlook.com/es6/init.047320bfb81ad62b5d05.js

Requested by

Host: rec.smartlook.com
URL: https://rec.smartlook.com/recorder.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.122.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-8.fra60.r.cloudfront.net

Software

Resource Hash

ee4ab846222c45cfacf5b8dc9fa7e7802838b1de9e85d2bde534cca196177761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://doeagora.caminhoseguro.com/
Origin: https://doeagora.caminhoseguro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:48:05 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
age: 135203
x-amz-cf-pop: FRA60-P2
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 08 Jul 2024 08:28:30 GMT
etag: W/"668ba32e-11938"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: PH9-ff_TUIa5STWP2UWTWNmqEiGLXPMrZZ_CLgO-uY9IZzyrsezRrQ==

GET
H/1.1 200
OK logo_benfeitores2.df8d99e0.png
doeagora.caminhoseguro.com/static/media/ 28 KB
29 KB 131ms
130ms Image
image/png 52.202.168.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doeagora.caminhoseguro.com/static/media/logo_benfeitores2.df8d99e0.png
Requested by: Host: doeagora.caminhoseguro.com
URL: https://doeagora.caminhoseguro.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-168-65.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 1a95d9f12e2e6174cc6de2958981908531e598fcce8c1c691725edf052675636

Request headers

Referer: https://doeagora.caminhoseguro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 00:21:29 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Fri, 26 Jan 2024 16:10:53 GMT
X-Powered-By: Express
Etag: W/"70c4-18d4689cec8"
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720570889&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=CdkgFMnXviJEqODVeenT7GHPKF%2BLE6FremEPQE6tSig%3D"}]}
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28868
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720570889&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=CdkgFMnXviJEqODVeenT7GHPKF%2BLE6FremEPQE6tSig%3D

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdeeecc6f0e7b5b57bfa7c29d9a3d7ab0f8e8def859afacc4ca34afe7088153b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK sociallis-logo-hor2.989cb543.png
doeagora.caminhoseguro.com/static/media/ 47 KB
48 KB 131ms
131ms Image
image/png 52.202.168.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doeagora.caminhoseguro.com/static/media/sociallis-logo-hor2.989cb543.png
Requested by: Host: doeagora.caminhoseguro.com
URL: https://doeagora.caminhoseguro.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-168-65.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 66dceed803a3058e62952b239e97c93fe3348efd59176d6ca2a1d4c927f31f0e

Request headers

Referer: https://doeagora.caminhoseguro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 00:21:29 GMT
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Fri, 26 Jan 2024 16:10:53 GMT
X-Powered-By: Express
Etag: W/"bb70-18d4689cec8"
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720570889&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=CdkgFMnXviJEqODVeenT7GHPKF%2BLE6FremEPQE6tSig%3D"}]}
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47984
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720570889&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=CdkgFMnXviJEqODVeenT7GHPKF%2BLE6FremEPQE6tSig%3D

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7537E28AE41F4A2598377089BF39A35F&RedC=c.clarity.ms&MXFR=25FA4F518A766FBD254E5BE98E7661C0
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7537E28AE41F4A2598377089BF39A35F&MUID=246D0755AEB068C40C7513EDAF1C69F5

42 B
465 B

58ms
57ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7537E28AE41F4A2598377089BF39A35F&MUID=246D0755AEB068C40C7513EDAF1C69F5
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://doeagora.caminhoseguro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jul 2024 00:21:29 GMT
last-modified: Tue, 25 Jun 2024 19:30:12 GMT
server: Microsoft-IIS/10.0
etag: "7473f1936c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 10 Jul 2024 00:21:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1ED7D6FBC0314EF8A5624222E257E588 Ref B: FRA31EDGE0817 Ref C: 2024-07-10T00:21:29Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7537E28AE41F4A2598377089BF39A35F&MUID=246D0755AEB068C40C7513EDAF1C69F5
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 favicon.jpg
caminhoseguro.com/wp-content/uploads/2024/01/ 24 KB
24 KB 1145ms
454ms Other
image/jpeg 186.226.58.36
VirtuaServer Info...

General

Check archive.org

Show headers Download Go to

Full URL: https://caminhoseguro.com/wp-content/uploads/2024/01/favicon.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.226.58.36 Rio de Janeiro, Brazil, ASN262954 (VirtuaServer Informatica Ltda, BR),
Reverse DNS: da02.sh15.net
Software: Apache/2 /
Resource Hash: 59b6acc6b73ac2b49f4d5d140ce798dd904c9f5fbede5883effe65683016b80f

Request headers

Referer: https://doeagora.caminhoseguro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 00:21:29 GMT
last-modified: Tue, 02 Jan 2024 20:05:35 GMT
server: Apache/2
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 24705
expires: Thu, 07 Nov 2024 00:21:29 GMT

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
290 B 132ms
129ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://doeagora.caminhoseguro.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://doeagora.caminhoseguro.com
Date: Wed, 10 Jul 2024 00:21:30 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-21 06:41:46	Name: CLID Value: 312004bd749f4f1194ba2eb0c43a635e.20240710.20250710
.caminhoseguro.com/	1970-01-21 06:41:46	Name: _clck Value: 1b6l2we%7C2%7Cfnc%7C0%7C1652
.caminhoseguro.com/	1970-01-20 21:57:37	Name: _clsk Value: 7mz628%7C1720570889047%7C1%7C1%7Ct.clarity.ms%2Fcollect
.bing.com/	1970-01-21 07:17:46	Name: MUID Value: 246D0755AEB068C40C7513EDAF1C69F5
.c.bing.com/	1970-01-20 22:06:15	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:17:46	Name: SRM_B Value: 246D0755AEB068C40C7513EDAF1C69F5
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:17:46	Name: MUID Value: 246D0755AEB068C40C7513EDAF1C69F5
.c.clarity.ms/	1970-01-20 22:06:15	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 21:56:11	Name: ANONCHK Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
caminhoseguro.com
doeagora.caminhoseguro.com
fonts.googleapis.com
pa1.narvii.com
rec.smartlook.com
t.clarity.ms
www.clarity.ms
13.74.129.1
151.101.0.193
18.66.122.8
186.226.58.36
20.114.189.70
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:802::200a
52.202.168.65
0cd3232489c9238d53a0ea30289f442be0fb9beb4d5cd4c8ce99e227bb892080
1a95d9f12e2e6174cc6de2958981908531e598fcce8c1c691725edf052675636
2096381db5efbfb7c99c80c04b1b84ea474b6c07485e89a965775930557aeeb2
21d43bf1560e26e12f843719b81f2cbfddec49578a658c2b8aa023c4253ebdb2
375dbcd3b7c09b0212024bacf2638f181e4db7a250afcdc6f10ecc56a46fe5e9
59b6acc6b73ac2b49f4d5d140ce798dd904c9f5fbede5883effe65683016b80f
659b2172bdd6891466dfc35e8eb5e9d9b228f03db34e8ad697ad569a7627317f
66dceed803a3058e62952b239e97c93fe3348efd59176d6ca2a1d4c927f31f0e
705d46563c0dfd17f1d7c8ae04c0d0672e4554c40c0171686f24330ded4b2d83
7356ec0bd2712727baa8279eedc3064955d96246142c6318541e2392c960586f
8004e879ade13e5dff25686a273dbc904e49ccc84e8891d57ec137daa9e40805
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
d5ba86c61af90005caa4ca6acaa5b61abcd429023516ced243a52e19bd4deae8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee4ab846222c45cfacf5b8dc9fa7e7802838b1de9e85d2bde534cca196177761
fdeeecc6f0e7b5b57bfa7c29d9a3d7ab0f8e8def859afacc4ca34afe7088153b
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

doeagora.caminhoseguro.com Open in urlscan Pro 52.202.168.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

94 %HTTPS

33 %IPv6

6 Domains

9 Subdomains

9 IPs

4 Countries

1694 kBTransfer

1780 kBSize

10 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

10 Cookies

Indicators

doeagora.caminhoseguro.com Open in urlscan Pro
52.202.168.65 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

33 %
IPv6

6
Domains

9
Subdomains

9
IPs

4
Countries

1694 kB
Transfer

1780 kB
Size

10
Cookies

17 HTTP transactions
1 data transactions