URL: http://44.224.35.18/
Submission: On October 20 via manual from BR — Scanned from DE

Summary

This website contacted 5 IPs in 1 country across 3 domains to perform 10 HTTP transactions. The main IP is 44.224.35.18, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is 44.224.35.18.
This is the only time 44.224.35.18 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
5 | 44.224.35.18 | 16509 (AMAZON-02)
1 | 151.101.128.114 | 54113 (FASTLY)
2 | 2620:1ec:bdf::45 | 8075 (MICROSOFT...)
1 | 3.162.38.26 | 16509 (AMAZON-02)
1 | 20.119.174.243 | 8075 (MICROSOFT...)
Total: 10 requests, 5 IPs

Requests | Apex Domain | Subdomains | Transfer
3 | clarity.ms | www.clarity.ms (Cisco Umbrella Rank: 998), r.clarity.ms (Cisco Umbrella Rank: 7995) | 26 KB
1 | hotjar.com | static.hotjar.com (Cisco Umbrella Rank: 901) | 4 KB
1 | evgnet.com | cdn.evgnet.com (Cisco Umbrella Rank: 4654) | 43 KB
Total: 10 requests, 3 apex domains

Requests | Domain | Requested by
2 | www.clarity.ms | 44.224.35.18, www.clarity.ms
1 | r.clarity.ms | www.clarity.ms
1 | static.hotjar.com | 44.224.35.18
1 | cdn.evgnet.com | 44.224.35.18
Total: 10 requests, 4 domains

This site contains no links.

Subject | Issuer | Validity | Valid
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2023-08-29 - 2024-08-29 | a year
*.hotjar.com | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year
a.clarity.ms | Microsoft Azure TLS Issuing CA 06 | 2023-02-13 - 2024-02-08 | a year

This page contains 1 frame:

Primary Page: http://44.224.35.18/
Frame ID: 4BC07E3629D21F605CEAB1A5833271A8
Requests: 10 HTTP requests in this frame

Page Title

Compra e venda de carros novos e semi novos, motos e caminhões - Meu Carro Novo

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

Requests: 10
HTTPS: 40 %
IPv6: 20 %
Domains: 3
Subdomains: 4
IPs: 5
Countries: 1
Transfer: 173 kB
Size: 740 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
44.224.35.18/
9 KB
4 KB
Document
General
Full URL
http://44.224.35.18/
Protocol
HTTP/1.1
Server
44.224.35.18 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-35-18.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
4e202031a8e674f39d0cdfe4bf6b3e1459cd02470945ef84d2c2574f3eac8b07
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' *.meucarronovo.com.br *.gstatic.com *.googleapis.com *.artfut.com; img-src 'unsafe-inline' 'self' data: https:; script-src 'self' *.meucarronovo.com.br 'unsafe-inline' 'unsafe-eval' *.facebook.net *.google.com *.googlesyndication.com *.google.com.br *.googletagmanager.com *.gstatic.com *.googleapis.com *.googletagservices.com *.google-analytics.com *.googleadservices.com citydsp.com cityadspix.com *.citydsp.com *.criteo.net *.criteo.com *.trovit.com *.artfut.com *.getblue.io *.enviou.com.br *.clarity.ms *.doubleclick.net *.hotjar.com *.adobedtm.com *.evergage.com *.evgnet.com action.metaffiliation.com cdn.cookielaw.org *.ampproject.org x.cnt.my retagro.com anilima.com; font-src 'self' *.meucarronovo.com.br *.gstatic.com *.googleapis.com *.hotjar.com; connect-src 'self' *.meucarronovo.com.br *.facebook.net *.facebook.com *.googlesyndication.com *.google.com.br *.google.com *.googletagservices.com *.googletagmanager.com *.googleadservices.com *.googleapis.com *.google-analytics.com *.gstatic.com *.go2cloud.org citydsp.com cityadspix.com *.citydsp.com *.criteo.com *.criteo.net *.trovit.com *.admitad.com *.artfut.com *.getblue.io *.enviou.com.br *.clarity.ms *.doubleclick.net *.hotjar.com *.hotjar.io *.adobedtm.com *.demdex.net limaaudit.azurewebsites.net *.evergage.com *.evgnet.com action.metaffiliation.com cdn.cookielaw.org *.onetrust.com votorantim.sc.omtrdc.net retagro.com anilima.com; frame-src 'self' *.meucarronovo.com.br *.google.com *.googlesyndication.com *.googletagmanager.com *.criteo.com *.criteo.net *.getblue.io *.doubleclick.net *.hotjar.com *.demdex.net
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://api.meucarronovo.com.br
Connection
keep-alive
Content-Length
2043
Content-Security-Policy
default-src 'unsafe-inline' 'self' *.meucarronovo.com.br *.gstatic.com *.googleapis.com *.artfut.com; img-src 'unsafe-inline' 'self' data: https:; script-src 'self' *.meucarronovo.com.br 'unsafe-inline' 'unsafe-eval' *.facebook.net *.google.com *.googlesyndication.com *.google.com.br *.googletagmanager.com *.gstatic.com *.googleapis.com *.googletagservices.com *.google-analytics.com *.googleadservices.com citydsp.com cityadspix.com *.citydsp.com *.criteo.net *.criteo.com *.trovit.com *.artfut.com *.getblue.io *.enviou.com.br *.clarity.ms *.doubleclick.net *.hotjar.com *.adobedtm.com *.evergage.com *.evgnet.com action.metaffiliation.com cdn.cookielaw.org *.ampproject.org x.cnt.my retagro.com anilima.com; font-src 'self' *.meucarronovo.com.br *.gstatic.com *.googleapis.com *.hotjar.com; connect-src 'self' *.meucarronovo.com.br *.facebook.net *.facebook.com *.googlesyndication.com *.google.com.br *.google.com *.googletagservices.com *.googletagmanager.com *.googleadservices.com *.googleapis.com *.google-analytics.com *.gstatic.com *.go2cloud.org citydsp.com cityadspix.com *.citydsp.com *.criteo.com *.criteo.net *.trovit.com *.admitad.com *.artfut.com *.getblue.io *.enviou.com.br *.clarity.ms *.doubleclick.net *.hotjar.com *.hotjar.io *.adobedtm.com *.demdex.net limaaudit.azurewebsites.net *.evergage.com *.evgnet.com action.metaffiliation.com cdn.cookielaw.org *.onetrust.com votorantim.sc.omtrdc.net retagro.com anilima.com; frame-src 'self' *.meucarronovo.com.br *.google.com *.googlesyndication.com *.googletagmanager.com *.criteo.com *.criteo.net *.getblue.io *.doubleclick.net *.hotjar.com *.demdex.net
Content-Type
text/html
Date
Fri, 20 Oct 2023 20:19:08 GMT
X-Frame-Options
SAMEORIGIN
accept-ranges
bytes
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0
last-modified
Wed, 13 Sep 2023 13:52:26 GMT
pragma
no-cache
vary
Accept-Encoding,User-Agent
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
evergage.min.js
cdn.evgnet.com/beacon/bancovotorantim/mcnt_prd/scripts/
152 KB
43 KB
Script
General
Full URL
http://cdn.evgnet.com/beacon/bancovotorantim/mcnt_prd/scripts/evergage.min.js
Requested by
Host: 44.224.35.18
URL: http://44.224.35.18/
Protocol
HTTP/1.1
Server
151.101.128.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8b3ae053b8588d246f14b30b0be0b8710e2353a6dbae36410b903e893aaab74

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://44.224.35.18/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
5mszeTwp.__es5P02N1iz0wpNzVLulFs
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Date
Fri, 20 Oct 2023 20:19:08 GMT
x-amz-request-id
SY27CZ9GVTD37140
Age
95
x-amz-server-side-encryption
AES256
X-Cache
HIT, HIT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
43435
x-amz-id-2
phaRSUASCX9jcb1nPcO7QfP30im90sdgLCH0OGMNunBU327nlLB4a9SfmCU0WQOByKiRik4KD44=
X-Served-By
cache-iad-kjyo7100045-IAD, cache-fra-eddf8230028-FRA
x-amz-meta-evergage-sum
4c2baea28b6171a59f40636111f3d826a050fbee
Last-Modified
Fri, 06 Oct 2023 01:38:57 GMT
Server
AmazonS3
X-Timer
S1697833149.623217,VS0,VE94
ETag
"213b21b12e2c84733e950a8fccd83375"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=120
Accept-Ranges
bytes
Timing-Allow-Origin
*
x-amz-meta-evergage-beacon-ver
16
X-Cache-Hits
53829, 1
styles.73f1eabcef073c40eab9.css
44.224.35.18/
125 KB
19 KB
Stylesheet
General
Full URL
http://44.224.35.18/styles.73f1eabcef073c40eab9.css
Requested by
Host: 44.224.35.18
URL: http://44.224.35.18/
Protocol
HTTP/1.1
Server
44.224.35.18 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-35-18.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
cddc619b1f0afb835f5f01f8f09851f24a20b831ad344d8d61384e96a8836c87

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://44.224.35.18/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Security-Policy
default-src 'unsafe-inline' 'self' *.meucarronovo.com.br *.gstatic.com *.googleapis.com *.artfut.com; img-src 'unsafe-inline' 'self' data: https:; script-src 'self' *.meucarronovo.com.br 'unsafe-inline' 'unsafe-eval' *.facebook.net *.google.com *.googlesyndication.com *.google.com.br *.googletagmanager.com *.gstatic.com *.googleapis.com *.googletagservices.com *.google-analytics.com *.googleadservices.com citydsp.com cityadspix.com *.citydsp.com *.criteo.net *.criteo.com *.trovit.com *.artfut.com *.getblue.io *.enviou.com.br *.clarity.ms *.doubleclick.net *.hotjar.com *.adobedtm.com *.evergage.com *.evgnet.com action.metaffiliation.com cdn.cookielaw.org *.ampproject.org x.cnt.my retagro.com anilima.com; font-src 'self' *.meucarronovo.com.br *.gstatic.com *.googleapis.com *.hotjar.com; connect-src 'self' *.meucarronovo.com.br *.facebook.net *.facebook.com *.googlesyndication.com *.google.com.br *.google.com *.googletagservices.com *.googletagmanager.com *.googleadservices.com *.googleapis.com *.google-analytics.com *.gstatic.com *.go2cloud.org citydsp.com cityadspix.com *.citydsp.com *.criteo.com *.criteo.net *.trovit.com *.admitad.com *.artfut.com *.getblue.io *.enviou.com.br *.clarity.ms *.doubleclick.net *.hotjar.com *.hotjar.io *.adobedtm.com *.demdex.net limaaudit.azurewebsites.net *.evergage.com *.evgnet.com action.metaffiliation.com cdn.cookielaw.org *.onetrust.com votorantim.sc.omtrdc.net retagro.com anilima.com; frame-src 'self' *.meucarronovo.com.br *.google.com *.googlesyndication.com *.googletagmanager.com *.criteo.com *.criteo.net *.getblue.io *.doubleclick.net *.hotjar.com *.demdex.net
content-encoding
gzip
Date
Fri, 20 Oct 2023 20:19:08 GMT
x-envoy-upstream-service-time
4
Connection
keep-alive
Content-Length
16857
x-xss-protection
1; mode=block
last-modified
Wed, 13 Sep 2023 13:52:26 GMT
etag
"1f57d-6053dde9ee620-gzip"
vary
Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/css
Access-Control-Allow-Origin
https://api.meucarronovo.com.br
cache-control
max-age=31536000
X-Frame-Options
SAMEORIGIN
accept-ranges
bytes
expires
Sat, 19 Oct 2024 20:19:08 GMT
runtime.d6d0b3b4fc459f8a0123.js
44.224.35.18/
2 KB
3 KB
Script
General
Full URL
http://44.224.35.18/runtime.d6d0b3b4fc459f8a0123.js
Requested by
Host: 44.224.35.18
URL: http://44.224.35.18/
Protocol
HTTP/1.1
Server
44.224.35.18 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-35-18.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7cb200b9d7124f66a04656809706741e0c29c2613dd820c7407ddf1553ae3234

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://44.224.35.18/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Security-Policy
default-src 'unsafe-inline' 'self' *.meucarronovo.com.br *.gstatic.com *.googleapis.com *.artfut.com; img-src 'unsafe-inline' 'self' data: https:; script-src 'self' *.meucarronovo.com.br 'unsafe-inline' 'unsafe-eval' *.facebook.net *.google.com *.googlesyndication.com *.google.com.br *.googletagmanager.com *.gstatic.com *.googleapis.com *.googletagservices.com *.google-analytics.com *.googleadservices.com citydsp.com cityadspix.com *.citydsp.com *.criteo.net *.criteo.com *.trovit.com *.artfut.com *.getblue.io *.enviou.com.br *.clarity.ms *.doubleclick.net *.hotjar.com *.adobedtm.com *.evergage.com *.evgnet.com action.metaffiliation.com cdn.cookielaw.org *.ampproject.org x.cnt.my retagro.com anilima.com; font-src 'self' *.meucarronovo.com.br *.gstatic.com *.googleapis.com *.hotjar.com; connect-src 'self' *.meucarronovo.com.br *.facebook.net *.facebook.com *.googlesyndication.com *.google.com.br *.google.com *.googletagservices.com *.googletagmanager.com *.googleadservices.com *.googleapis.com *.google-analytics.com *.gstatic.com *.go2cloud.org citydsp.com cityadspix.com *.citydsp.com *.criteo.com *.criteo.net *.trovit.com *.admitad.com *.artfut.com *.getblue.io *.enviou.com.br *.clarity.ms *.doubleclick.net *.hotjar.com *.hotjar.io *.adobedtm.com *.demdex.net limaaudit.azurewebsites.net *.evergage.com *.evgnet.com action.metaffiliation.com cdn.cookielaw.org *.onetrust.com votorantim.sc.omtrdc.net retagro.com anilima.com; frame-src 'self' *.meucarronovo.com.br *.google.com *.googlesyndication.com *.googletagmanager.com *.criteo.com *.criteo.net *.getblue.io *.doubleclick.net *.hotjar.com *.demdex.net
content-encoding
gzip
Date
Fri, 20 Oct 2023 20:19:08 GMT
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
1191
x-xss-protection
1; mode=block
last-modified
Wed, 13 Sep 2023 13:52:26 GMT
etag
"8fe-6053dde9ee238-gzip"
vary
Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
https://api.meucarronovo.com.br
cache-control
max-age=31536000
X-Frame-Options
SAMEORIGIN
accept-ranges
bytes
expires
Sat, 19 Oct 2024 20:19:08 GMT
polyfills.efccacc7c3ede26b3cb0.js
44.224.35.18/
230 KB
73 KB
Script
General
Full URL
http://44.224.35.18/polyfills.efccacc7c3ede26b3cb0.js
Requested by
Host: 44.224.35.18
URL: http://44.224.35.18/
Protocol
HTTP/1.1
Server
44.224.35.18 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-35-18.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
652324ef16d150dd3d339162fc3848ee63f913d39b069af83eb0c2c9d71b54fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://44.224.35.18/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Security-Policy
default-src 'unsafe-inline' 'self' *.meucarronovo.com.br *.gstatic.com *.googleapis.com *.artfut.com; img-src 'unsafe-inline' 'self' data: https:; script-src 'self' *.meucarronovo.com.br 'unsafe-inline' 'unsafe-eval' *.facebook.net *.google.com *.googlesyndication.com *.google.com.br *.googletagmanager.com *.gstatic.com *.googleapis.com *.googletagservices.com *.google-analytics.com *.googleadservices.com citydsp.com cityadspix.com *.citydsp.com *.criteo.net *.criteo.com *.trovit.com *.artfut.com *.getblue.io *.enviou.com.br *.clarity.ms *.doubleclick.net *.hotjar.com *.adobedtm.com *.evergage.com *.evgnet.com action.metaffiliation.com cdn.cookielaw.org *.ampproject.org x.cnt.my retagro.com anilima.com; font-src 'self' *.meucarronovo.com.br *.gstatic.com *.googleapis.com *.hotjar.com; connect-src 'self' *.meucarronovo.com.br *.facebook.net *.facebook.com *.googlesyndication.com *.google.com.br *.google.com *.googletagservices.com *.googletagmanager.com *.googleadservices.com *.googleapis.com *.google-analytics.com *.gstatic.com *.go2cloud.org citydsp.com cityadspix.com *.citydsp.com *.criteo.com *.criteo.net *.trovit.com *.admitad.com *.artfut.com *.getblue.io *.enviou.com.br *.clarity.ms *.doubleclick.net *.hotjar.com *.hotjar.io *.adobedtm.com *.demdex.net limaaudit.azurewebsites.net *.evergage.com *.evgnet.com action.metaffiliation.com cdn.cookielaw.org *.onetrust.com votorantim.sc.omtrdc.net retagro.com anilima.com; frame-src 'self' *.meucarronovo.com.br *.google.com *.googlesyndication.com *.googletagmanager.com *.criteo.com *.criteo.net *.getblue.io *.doubleclick.net *.hotjar.com *.demdex.net
content-encoding
gzip
Date
Fri, 20 Oct 2023 20:19:08 GMT
transfer-encoding
chunked
x-envoy-upstream-service-time
13
Connection
keep-alive
x-xss-protection
1; mode=block
last-modified
Wed, 13 Sep 2023 13:52:26 GMT
etag
"398e4-6053dde9ee238-gzip"
vary
Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
https://api.meucarronovo.com.br
cache-control
max-age=31536000
X-Frame-Options
SAMEORIGIN
accept-ranges
bytes
expires
Sat, 19 Oct 2024 20:19:08 GMT
main.61650511442041983139.js
44.224.35.18/
152 KB
0
Script
General
Full URL
http://44.224.35.18/main.61650511442041983139.js
Requested by
Host: 44.224.35.18
URL: http://44.224.35.18/
Protocol
HTTP/1.1
Server
44.224.35.18 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-35-18.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://44.224.35.18/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Security-Policy
default-src 'unsafe-inline' 'self' *.meucarronovo.com.br *.gstatic.com *.googleapis.com *.artfut.com; img-src 'unsafe-inline' 'self' data: https:; script-src 'self' *.meucarronovo.com.br 'unsafe-inline' 'unsafe-eval' *.facebook.net *.google.com *.googlesyndication.com *.google.com.br *.googletagmanager.com *.gstatic.com *.googleapis.com *.googletagservices.com *.google-analytics.com *.googleadservices.com citydsp.com cityadspix.com *.citydsp.com *.criteo.net *.criteo.com *.trovit.com *.artfut.com *.getblue.io *.enviou.com.br *.clarity.ms *.doubleclick.net *.hotjar.com *.adobedtm.com *.evergage.com *.evgnet.com action.metaffiliation.com cdn.cookielaw.org *.ampproject.org x.cnt.my retagro.com anilima.com; font-src 'self' *.meucarronovo.com.br *.gstatic.com *.googleapis.com *.hotjar.com; connect-src 'self' *.meucarronovo.com.br *.facebook.net *.facebook.com *.googlesyndication.com *.google.com.br *.google.com *.googletagservices.com *.googletagmanager.com *.googleadservices.com *.googleapis.com *.google-analytics.com *.gstatic.com *.go2cloud.org citydsp.com cityadspix.com *.citydsp.com *.criteo.com *.criteo.net *.trovit.com *.admitad.com *.artfut.com *.getblue.io *.enviou.com.br *.clarity.ms *.doubleclick.net *.hotjar.com *.hotjar.io *.adobedtm.com *.demdex.net limaaudit.azurewebsites.net *.evergage.com *.evgnet.com action.metaffiliation.com cdn.cookielaw.org *.onetrust.com votorantim.sc.omtrdc.net retagro.com anilima.com; frame-src 'self' *.meucarronovo.com.br *.google.com *.googlesyndication.com *.googletagmanager.com *.criteo.com *.criteo.net *.getblue.io *.doubleclick.net *.hotjar.com *.demdex.net
content-encoding
gzip
Date
Fri, 20 Oct 2023 20:19:14 GMT
transfer-encoding
chunked
x-envoy-upstream-service-time
5514
Connection
keep-alive
x-xss-protection
1; mode=block
last-modified
Wed, 13 Sep 2023 13:52:26 GMT
etag
"27828e-6053dde9ede50-gzip"
vary
Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
https://api.meucarronovo.com.br
cache-control
max-age=31536000
X-Frame-Options
SAMEORIGIN
accept-ranges
bytes
expires
Sat, 19 Oct 2024 20:19:08 GMT
7rdmya2x4h
www.clarity.ms/tag/
651 B
1014 B
Script
General
Full URL
https://www.clarity.ms/tag/7rdmya2x4h
Requested by
Host: 44.224.35.18
URL: http://44.224.35.18/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bf7ef0f0f8ee136882502d7c2789ae61093e0aa60ce01206644c5b6135913234

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://44.224.35.18/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
-1
date
Fri, 20 Oct 2023 20:19:08 GMT
x-azure-ref
20231020T201908Z-wtv98awvat5k55ysr4y4hmunh8000000049g00000000hw88
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
651
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
hotjar-271128.js
static.hotjar.com/c/
10 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-271128.js?sv=6
Requested by
Host: 44.224.35.18
URL: http://44.224.35.18/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.38.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-38-26.cdg52.r.cloudfront.net
Software
/
Resource Hash
9c2136394750957a4e8825306b0c92d67d97e78fd0dfec828528ba1a5d359533

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://44.224.35.18/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 20 Oct 2023 20:19:08 GMT
via
1.1 0553d2c6f44677bef8e52cfad5faa5ea.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P6
etag
W/7f812046eb6bbf61d43546cd1ed1f40d
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
eyhtBPAbvmw1ftxG77vj-zrhIYppSoyLkl-FCOYe8rPYDcgNnCqd1w==
clarity.js
www.clarity.ms/s/0.7.12/
58 KB
25 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.12/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/7rdmya2x4h
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
977a886e5d9068b3ed8dde6e511ca22ccf44cbed7fb881d0b8b74619fe462e21

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://44.224.35.18/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 20:19:09 GMT
content-encoding
br
last-modified
Thu, 12 Oct 2023 01:51:26 GMT
etag
W/"0x8DBCAC5BF4C06D9"
vary
Accept-Encoding
x-azure-ref
20231020T201909Z-wtv98awvat5k55ysr4y4hmunh8000000049g00000000hw97
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
eaaf15fb-801e-0077-1479-fefb4f000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
collect
r.clarity.ms/
0
291 B
XHR
General
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.12/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
http://44.224.35.18/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
http://44.224.35.18
Date
Fri, 20 Oct 2023 20:19:09 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| clarity
object| Evergage
string| VE_CUSTOM_EVENT_NAME
string| TO_LAUNCHER_MESSAGE_TYPE
string| TO_LAUNCHER_PAYLOAD_TYPE
object| eventLinkId
object| evgr
function| sendMessageToEvergageLauncher
number| evergageBeaconParseTimeStart
object| SalesforceInteractions
number| evergageBeaconParseTimeEnd
function| render
number| evergagePageMatchTimeout
function| hj
object| _hjSettings
object| hjSiteSettings
function| hjBootstrap
object| hjLazyModules
object| webpackJsonp
object| core
object| __core-js_shared__
function| Zone
function| __zone_symbol__Promise
function| __zone_symbol__ZoneAwarePromise
function| __zone_symbol__setTimeout
function| __zone_symbol__clearTimeout
function| __zone_symbol__setInterval
function| __zone_symbol__clearInterval
function| __zone_symbol__requestAnimationFrame
function| __zone_symbol__cancelAnimationFrame
function| __zone_symbol__webkitRequestAnimationFrame
function| __zone_symbol__webkitCancelAnimationFrame
function| __zone_symbol__alert
function| __zone_symbol__prompt
function| __zone_symbol__confirm
function| __zone_symbol__MutationObserver
function| __zone_symbol__WebKitMutationObserver
function| __zone_symbol__IntersectionObserver
function| __zone_symbol__FileReader
function| __zone_symbol__addEventListener
function| __zone_symbol__removeEventListener
undefined| __zone_symbol__eventListeners
undefined| __zone_symbol__removeAllListeners
function| eventListeners
function| removeAllListeners

5 Cookies

Domain/Path Name / Value
44.224.35.18/ Name: _sfid_73ea
Value: {%22anonymousId%22:%2205bbba3a4bb91657%22}
44.224.35.18/ Name: _evga_5f9a
Value: {%22uuid%22:%2205bbba3a4bb91657%22}
www.clarity.ms/ Name: CLID
Value: e1a826e6a7d844fa828ed3acf0bb49e0.20231020.20241019
44.224.35.18/ Name: _clck
Value: 1cf6vqi|2|fg0|0|1388
44.224.35.18/ Name: _clsk
Value: 10cq1dd|1697833149494|1|1|r.clarity.ms/collect
