acessarbotaorenner.azurewebsites.net Open in urlscan Pro
20.119.8.29  Malicious Activity! Public Scan

19 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response acessarbotaorenner.azurewebsites.net/renner/	942 KB 135 KB	567ms 227ms	Document text/html	20.119.8.29 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://acessarbotaorenner.azurewebsites.net/renner/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.119.8.29 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.22.1 / PHP/8.2.1 Resource Hash 108edfb0bdb9cfe6f8a0924325598e083793cb7a428e5a9176e64821168b4bed Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Mon, 13 Feb 2023 20:32:58 GMT Server nginx/1.22.1 Transfer-Encoding chunked X-Powered-By PHP/8.2.1
GET H2	200	ionicons.esm.js Show response unpkg.com/ionicons@5.5.2/dist/ionicons/	399 B 644 B	37ms 19ms	Script application/javascript	2606:4700::6810:7aaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/ionicons@5.5.2/dist/ionicons/ionicons.esm.js Requested by Host: acessarbotaorenner.azurewebsites.net URL: https://acessarbotaorenner.azurewebsites.net/renner/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 20193736d900f0b602a678f804676349764578ab2adcd07ffebb6d06df1afd96 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://acessarbotaorenner.azurewebsites.net/ Origin https://acessarbotaorenner.azurewebsites.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Mon, 13 Feb 2023 20:32:58 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 20351778 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01G67PVMK56PN5KM8G1JRT3F07-fra server cloudflare etag W/"18f-B+zGUTbQ1uVsG8y1uf+53Qdwne0" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 7990561ccaec9054-FRA
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame E005	43 KB 23 KB	59ms 35ms	Document text/html	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=inline&cb=2v5tfq911hky Requested by Host: acessarbotaorenner.azurewebsites.net URL: https://acessarbotaorenner.azurewebsites.net/renner/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash cceba7049069b3c0d22b68da355f7d7e2ad263a0fd32a81e23d2acb1b6cf4752 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-lJjBGOcnwOGGyl9asng2cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://acessarbotaorenner.azurewebsites.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 23054 content-security-policy script-src 'report-sample' 'nonce-lJjBGOcnwOGGyl9asng2cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 13 Feb 2023 20:32:58 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	p-e26ac56f.js Show response unpkg.com/ionicons@5.5.2/dist/ionicons/	7 KB 4 KB	18ms 18ms	Script application/javascript	2606:4700::6810:7aaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/ionicons@5.5.2/dist/ionicons/p-e26ac56f.js Requested by Host: acessarbotaorenner.azurewebsites.net URL: https://acessarbotaorenner.azurewebsites.net/renner/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 411ebf3f42ff97b8fdcb02ef60f534e0fd011b86878ec33abf2509b4bfe58037 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://unpkg.com/ionicons@5.5.2/dist/ionicons/ionicons.esm.js Origin https://acessarbotaorenner.azurewebsites.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Mon, 13 Feb 2023 20:32:58 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 1687064 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01FT83NYRGJE277N57NJX9DGY4 server cloudflare etag W/"1d56-gDHdPSZYuc2h8Mf9Yj/8nfSlS9o" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 7990561d5b939054-FRA
GET H/1.1	200 OK	google-play-badge-reverse.svg www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/	11 KB 5 KB	2142ms 266ms	Image image/svg+xml	200.248.113.245 CLARO S.A.
General Check archive.org Show headers Download Go to Show image Full URL https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/google-play-badge-reverse.svg Requested by Host: acessarbotaorenner.azurewebsites.net URL: https://acessarbotaorenner.azurewebsites.net/renner/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 200.248.113.245 Farroupilha, Brazil, ASN4230 (CLARO S.A., BR), Reverse DNS Software / Resource Hash e946d863a136a09089fd275d574ff3346bad8327d4ef378c06af35872d9fe56d Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://acessarbotaorenner.azurewebsites.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Mon, 13 Feb 2023 20:33:00 GMT Strict-Transport-Security max-age=16070400; includeSubDomains Content-Encoding gzip Last-Modified Tue, 04 Oct 2022 12:17:43 GMT ETag W/"633c2467-2a25" Vary Accept-Encoding X-Frame-Options deny Content-Type image/svg+xml Transfer-Encoding chunked Cache-Control max-age=315360000 Connection keep-alive Server-Timing dtSInfo;desc="1" X-XSS-Protection 1; mode=block Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	celular-login.png www.realizesolucoesfinanceiras.com.br/cartoes-renner/images/	152 KB 153 KB	2143ms 266ms	Image image/png	200.248.113.245 CLARO S.A.
General Check archive.org Show headers Download Go to Show image Full URL https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/images/celular-login.png Requested by Host: acessarbotaorenner.azurewebsites.net URL: https://acessarbotaorenner.azurewebsites.net/renner/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 200.248.113.245 Farroupilha, Brazil, ASN4230 (CLARO S.A., BR), Reverse DNS Software / Resource Hash 7db4ada57262fbacd47bef4e96e3cedda276b9267e6ca4d20adeeb1c24d870b6 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://acessarbotaorenner.azurewebsites.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Mon, 13 Feb 2023 20:33:00 GMT Strict-Transport-Security max-age=16070400; includeSubDomains Last-Modified Tue, 04 Oct 2022 12:17:43 GMT ETag "633c2467-25e28" X-Frame-Options deny Content-Type image/png Cache-Control max-age=315360000 Connection keep-alive Server-Timing dtSInfo;desc="1" Accept-Ranges bytes Content-Length 155176 X-XSS-Protection 1; mode=block Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	404 Not Found	whatsapp.svg acessarbotaorenner.azurewebsites.net/cartoes-renner/vectors/	0 0	103ms 102ms	Other text/html	20.119.8.29 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://acessarbotaorenner.azurewebsites.net/cartoes-renner/vectors/whatsapp.svg Requested by Host: acessarbotaorenner.azurewebsites.net URL: https://acessarbotaorenner.azurewebsites.net/renner/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.119.8.29 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.22.1 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://acessarbotaorenner.azurewebsites.net/renner/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Mon, 13 Feb 2023 20:32:58 GMT Content-Encoding gzip Server nginx/1.22.1 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	google-play-badge.svg www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/	11 KB 5 KB	2142ms 267ms	Image image/svg+xml	200.248.113.245 CLARO S.A.
General Check archive.org Show headers Download Go to Show image Full URL https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/google-play-badge.svg Requested by Host: acessarbotaorenner.azurewebsites.net URL: https://acessarbotaorenner.azurewebsites.net/renner/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 200.248.113.245 Farroupilha, Brazil, ASN4230 (CLARO S.A., BR), Reverse DNS Software / Resource Hash 8827f96ace2afe4aeff4c33db4ac86193f38a62cb30d9fbba949e0b72c2a55ff Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://acessarbotaorenner.azurewebsites.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Mon, 13 Feb 2023 20:33:00 GMT Strict-Transport-Security max-age=16070400; includeSubDomains Content-Encoding gzip Last-Modified Tue, 04 Oct 2022 12:17:43 GMT ETag W/"633c2467-2a22" Vary Accept-Encoding X-Frame-Options deny Content-Type image/svg+xml Transfer-Encoding chunked Cache-Control max-age=315360000 Connection keep-alive Server-Timing dtSInfo;desc="1" X-XSS-Protection 1; mode=block Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	app-store-badge.svg www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/	14 KB 4 KB	2153ms 272ms	Image image/svg+xml	200.248.113.245 CLARO S.A.
General Check archive.org Show headers Download Go to Show image Full URL https://www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/app-store-badge.svg Requested by Host: acessarbotaorenner.azurewebsites.net URL: https://acessarbotaorenner.azurewebsites.net/renner/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 200.248.113.245 Farroupilha, Brazil, ASN4230 (CLARO S.A., BR), Reverse DNS Software / Resource Hash 3dd08d21a5c010294a50355af3565a50d08ea4aef83e822114be29171209f109 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://acessarbotaorenner.azurewebsites.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Mon, 13 Feb 2023 20:33:00 GMT Strict-Transport-Security max-age=16070400; includeSubDomains Content-Encoding gzip Last-Modified Tue, 04 Oct 2022 12:17:43 GMT ETag W/"633c2467-37b6" Vary Accept-Encoding X-Frame-Options deny Content-Type image/svg+xml Transfer-Encoding chunked Cache-Control max-age=315360000 Connection keep-alive Server-Timing dtSInfo;desc="1" X-XSS-Protection 1; mode=block Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	143 KB 49 KB	257ms 79ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: acessarbotaorenner.azurewebsites.net URL: https://acessarbotaorenner.azurewebsites.net/renner/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6d05491c9827de5983662cc34c0586f8b87f807e41727408321837dcd610f5ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://acessarbotaorenner.azurewebsites.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Mon, 13 Feb 2023 20:32:58 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49573 x-xss-protection 0 server cafe etag 7665436126749816442 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Mon, 13 Feb 2023 20:32:58 GMT
GET H2	403	ads Show response googleads.g.doubleclick.net/pagead/ Frame 0159	603 B 218 B	351ms 178ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7890629395260020&output=html&h=120&slotname=5794379991&adk=2795671433&adf=1774445400&pi=t.ma~as.5794379991&w=1070&lmt=1664726492&rafmt=12&format=1070x120&url=https%3A%2F%2Fr-e-v-i-s-t-a-29582.azurewebsites.net%2Frenner%2Finicio%2Flogin.php&wgl=1&adsid=ChEI8O3kmQYQmZzp_6ip-8WtARI5ADZgdjZRMLpoworSz8c7CCQAIFcC-5T6_xyizkb-UVncrLiCxXPEITGCT9OJbWM7Dx_AYaIEFlMm&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTA0LjAuNTExMi4xMDIiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJDaHJvbWl1bSIsIjEwNC4wLjUxMTIuMTAyIl0sWyIgTm90IEE7QnJhbmQiLCI5OS4wLjAuMCJdLFsiT3BlcmEgR1giLCIxMDQuMC41MTEyLjEwMiJdXSxmYWxzZV0.&dt=1664726482553&bpp=5&bdt=831&idt=324&shv=r20220928&mjsv=m202209270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5677531498160&frm=20&pv=1&ga_vid=245287172.1664726482&ga_sid=1664726483&ga_hid=254348409&ga_fc=1&u_tz=-180&u_his=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_sd=1&dmc=8&adx=397&ady=3583&biw=1864&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069963%2C42531706%2C31070009%2C44772927%2C31062931&oid=2&pvsid=3776065030673640&tmod=1971245323&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1920%2C0%2C1920%2C1040%2C1879%2C939&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&jar=2022-10-02-04&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=IL8ANWTQef&p=https%3A//r-e-v-i-s-t-a-29582.azurewebsites.net&dtd=9523 Requested by Host: acessarbotaorenner.azurewebsites.net URL: https://acessarbotaorenner.azurewebsites.net/renner/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://acessarbotaorenner.azurewebsites.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 13 Feb 2023 20:32:58 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.3.1/	85 KB 30 KB	181ms 7ms	Script text/javascript	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: acessarbotaorenner.azurewebsites.net URL: https://acessarbotaorenner.azurewebsites.net/renner/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://acessarbotaorenner.azurewebsites.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Mon, 13 Feb 2023 16:19:51 GMT content-encoding gzip x-content-type-options nosniff age 15187 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30399 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 13 Feb 2024 16:19:51 GMT
GET H/1.1	200 OK	jquery.mask.min.js Show response acessarbotaorenner.azurewebsites.net/renner/	8 KB 8 KB	215ms 117ms	Script application/javascript	20.119.8.29 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://acessarbotaorenner.azurewebsites.net/renner/jquery.mask.min.js Requested by Host: acessarbotaorenner.azurewebsites.net URL: https://acessarbotaorenner.azurewebsites.net/renner/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.119.8.29 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.22.1 / Resource Hash c5fcbac15c0abed33928ea0df2b92e51d06cc351cce4097f0d1372e967769141 Request headers accept-language de-DE,de;q=0.9 Referer https://acessarbotaorenner.azurewebsites.net/renner/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Mon, 13 Feb 2023 20:32:58 GMT Last-Modified Sun, 12 Feb 2023 23:59:16 GMT Server nginx/1.22.1 Accept-Ranges bytes ETag "63e97d54-1f7d" Content-Length 8061 Content-Type application/javascript
GET H/1.1	404 Not Found	bg-login.svg acessarbotaorenner.azurewebsites.net/cartoes-renner/vectors/	555 B 555 B	290ms 105ms	Image text/html	20.119.8.29 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://acessarbotaorenner.azurewebsites.net/cartoes-renner/vectors/bg-login.svg Requested by Host: acessarbotaorenner.azurewebsites.net URL: https://acessarbotaorenner.azurewebsites.net/renner/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.119.8.29 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.22.1 / Resource Hash 77df749f6bbe85442500437f7e798f46b9635da344811ae3b4bf7d43048ee9bb Request headers accept-language de-DE,de;q=0.9 Referer https://acessarbotaorenner.azurewebsites.net/renner/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Mon, 13 Feb 2023 20:32:58 GMT Content-Encoding gzip Server nginx/1.22.1 Transfer-Encoding chunked Content-Type text/html
GET H2	404	styles__ltr.css www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame E005	0 0	657ms 547ms	Stylesheet text/html	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=inline&cb=2v5tfq911hky Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers
GET H2	404	recaptcha__pt_br.js www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame E005	0 0	277ms 168ms	Script text/html	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__pt_br.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&badge=inline&cb=2v5tfq911hky Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers
GET H2	200	p-5c60b45e.entry.js Show response unpkg.com/ionicons@5.5.2/dist/ionicons/	4 KB 2 KB	21ms 21ms	Script application/javascript	2606:4700::6810:7aaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/ionicons@5.5.2/dist/ionicons/p-5c60b45e.entry.js Requested by Host: unpkg.com URL: https://unpkg.com/ionicons@5.5.2/dist/ionicons/p-e26ac56f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce00b2696a4a9c7d1326fd09623e8c8f4624c9abdf5424b2cf19b9de2f981f18 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://acessarbotaorenner.azurewebsites.net/ Origin https://acessarbotaorenner.azurewebsites.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Mon, 13 Feb 2023 20:32:58 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 20346979 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01G67V9ERGAY3DEWBT2BTJPYJB-fra server cloudflare etag W/"f0c-XGC0Xo+O3L3bEnfKma9bLpz3l0o" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 7990561edd349054-FRA
GET H2	200	p-3f680f7e.js Show response unpkg.com/ionicons@5.5.2/dist/ionicons/	809 B 608 B	18ms 17ms	Script application/javascript	2606:4700::6810:7aaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/ionicons@5.5.2/dist/ionicons/p-3f680f7e.js Requested by Host: acessarbotaorenner.azurewebsites.net URL: https://acessarbotaorenner.azurewebsites.net/renner/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ebe32eb96d80df14656ed485b5c625752e142607e910255e2d19021008c976d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://unpkg.com/ionicons@5.5.2/dist/ionicons/p-5c60b45e.entry.js Origin https://acessarbotaorenner.azurewebsites.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Mon, 13 Feb 2023 20:32:58 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 20349549 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01G67RZSDTAGZSRCP5DJ4SWF7G-fra server cloudflare etag W/"329-ka9laISJtweBFGezhbjKpn5aTrg" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 7990561f0d669054-FRA
GET H2	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/	366 KB 120 KB	74ms 73ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7890629395260020&plah=acessarbotaorenner.azurewebsites.net&bust=31072324 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 639f9073a6e13d0516f19577c766a601591bc51fb98edc6b4411460118af6de8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://acessarbotaorenner.azurewebsites.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Mon, 13 Feb 2023 20:32:58 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 123019 x-xss-protection 0 server cafe etag 5106805166697869450 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 13 Feb 2023 20:32:58 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/ Frame 101B	10 KB 5 KB	7ms 6ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://acessarbotaorenner.azurewebsites.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 82787 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 12 Feb 2023 21:33:11 GMT etag 10353107486223812946 expires Sun, 26 Feb 2023 21:33:11 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	43ms 42ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=165&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20All%20ins%20elements%20in%20the%20DOM%20with%20class%3Dadsbygoogle%20already%20have%20ads%20in%20them.%0Aat%20Sp%20(https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3A218%3A208)%0Aat%20Hp%20(adsbygoogle.js%3A214%3A256)%0Aat%20Cp.e.client%20(adsbygoogle.js%3A208%3A222)%0Aat%20Rd.ia%20(adsbygoogle.js%3A47%3A224)%0Aat%20Ij%20(adsbygoogle.js%3A94%3A19)%0Aat%20Cp%20(adsbygoogle.js%3A208%3A211)%0Aat%20Dp%20(adsbygoogle.js%3A206%3A69)%0Aat%20adsbygoogle.js%3A223%3A103%0Aat%20Rd.ia%20(adsbygoogle.js%3A47%3A203)%0Aat%20Ij%20(adsbygoogle.js%3A94%3A19)&shv=r20230207&mjsv=m202302090101&eid=44759875%2C44759926%2C44759837%2C31071755%2C31072224%2C31072226%2C31072324%2C44779794&url=https%3A%2F%2Facessarbotaorenner.azurewebsites.net%2Frenner%2F Requested by Host: acessarbotaorenner.azurewebsites.net URL: https://acessarbotaorenner.azurewebsites.net/renner/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://acessarbotaorenner.azurewebsites.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers pragma no-cache date Mon, 13 Feb 2023 20:32:58 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	card-outline.svg Show response unpkg.com/ionicons@5.5.2/dist/ionicons/svg/	369 B 345 B	17ms 17ms	Fetch image/svg+xml	2606:4700::6810:7aaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/ionicons@5.5.2/dist/ionicons/svg/card-outline.svg Requested by Host: unpkg.com URL: https://unpkg.com/ionicons@5.5.2/dist/ionicons/p-5c60b45e.entry.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b3b312399bc7b89593ed6bf6d5fe78f6094b2dfb33f581bdf1ec690dace2c4c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://acessarbotaorenner.azurewebsites.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Mon, 13 Feb 2023 20:32:58 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 1686806 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01FT83RT3256S2CBENM65YGKBH server cloudflare etag W/"171-UP4CzjN7mEYqWuvu5AW8ZrL1MOY" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 7990561f4dc39054-FRA
GET H2	200	person-outline.svg Show response unpkg.com/ionicons@5.5.2/dist/ionicons/svg/	503 B 433 B	24ms 21ms	Fetch image/svg+xml	2606:4700::6810:7aaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/ionicons@5.5.2/dist/ionicons/svg/person-outline.svg Requested by Host: unpkg.com URL: https://unpkg.com/ionicons@5.5.2/dist/ionicons/p-5c60b45e.entry.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe2b29e0705999a225505dd7f39a1e7160eff7fb04b439cb35485d338a92742f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://acessarbotaorenner.azurewebsites.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Mon, 13 Feb 2023 20:32:58 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 20348414 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01G67SXMMRC8Q5S3FF4ZCDRP7H-fra server cloudflare etag W/"1f7-b8r/bmrYGx52/cym/vw2b8Z27r8" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 7990561f5dc99054-FRA
GET H2	200	lock-closed-outline.svg Show response unpkg.com/ionicons@5.5.2/dist/ionicons/svg/	405 B 332 B	19ms 17ms	Fetch image/svg+xml	2606:4700::6810:7aaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/ionicons@5.5.2/dist/ionicons/svg/lock-closed-outline.svg Requested by Host: unpkg.com URL: https://unpkg.com/ionicons@5.5.2/dist/ionicons/p-5c60b45e.entry.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8dab9a0fa46a86448736002bdea06c2eb25faf514d6731626040c00bd36c504c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://acessarbotaorenner.azurewebsites.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Mon, 13 Feb 2023 20:32:58 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 1686493 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01FT83RAX72R8CBF173B03B3BB server cloudflare etag W/"195-FspUCYos/Au55UFCMPKMAsl6sSU" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 7990561f5dcb9054-FRA
GET H2	200	calendar-outline.svg Show response unpkg.com/ionicons@5.5.2/dist/ionicons/svg/	758 B 380 B	18ms 17ms	Fetch image/svg+xml	2606:4700::6810:7aaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/ionicons@5.5.2/dist/ionicons/svg/calendar-outline.svg Requested by Host: unpkg.com URL: https://unpkg.com/ionicons@5.5.2/dist/ionicons/p-5c60b45e.entry.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8502ecd820f69485866495504cae4d5dee939f30c5d74aeabfa97cc002fad741 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://acessarbotaorenner.azurewebsites.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Mon, 13 Feb 2023 20:32:58 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 20349518 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01G67RV8TX946NGFHT8BV7N9MC-fra server cloudflare etag W/"2f6-9r/Kr8vgyT9jP6y9Loc2Y0SN1cM" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 7990561f5dcc9054-FRA
GET H2	200	keypad-outline.svg Show response unpkg.com/ionicons@5.5.2/dist/ionicons/svg/	1 KB 353 B	17ms 16ms	Fetch image/svg+xml	2606:4700::6810:7aaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/ionicons@5.5.2/dist/ionicons/svg/keypad-outline.svg Requested by Host: unpkg.com URL: https://unpkg.com/ionicons@5.5.2/dist/ionicons/p-5c60b45e.entry.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e83f00db825f0f723d897317f5891d7d8f753f46ac5e2621b594d688a318f13d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://acessarbotaorenner.azurewebsites.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Mon, 13 Feb 2023 20:32:58 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 828918 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01GRDH5H4B6CGVEFXM1VBN12E2-fra server cloudflare etag W/"48a-xsylVaRctZ8a6ISyZmODYN9+fq8" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 7990561f5dce9054-FRA
GET H2	200	key-outline.svg Show response unpkg.com/ionicons@5.5.2/dist/ionicons/svg/	727 B 564 B	18ms 18ms	Fetch image/svg+xml	2606:4700::6810:7aaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/ionicons@5.5.2/dist/ionicons/svg/key-outline.svg Requested by Host: unpkg.com URL: https://unpkg.com/ionicons@5.5.2/dist/ionicons/p-5c60b45e.entry.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3f9457e31ebbf210bb21127718dbf6a01203d776896f7b5151ed07d1f8600d0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://acessarbotaorenner.azurewebsites.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Mon, 13 Feb 2023 20:32:58 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 20334415 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01G68782VRYCZRPVFEJYXP8KTH-fra server cloudflare etag W/"2d7-Z4V9ENurcoxNqlfy7T7PwxzgqsU" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 7990561f5dcf9054-FRA

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Realize (Financial)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| oncontentvisibilityautostatechange object| adsbygoogle function| $ function| jQuery object| $jscomp function| isValidfeline object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_image_requests string| google_user_agent_client_hint object| Ionicons function| google_sa_impl

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 09:38:41	Name: test_cookie Value: CheckForPermission

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://acessarbotaorenner.azurewebsites.net/cartoes-renner/vectors/whatsapp.svg#whatsapp Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://acessarbotaorenner.azurewebsites.net/cartoes-renner/vectors/bg-login.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__pt_br.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7890629395260020&output=html&h=120&slotname=5794379991&adk=2795671433&adf=1774445400&pi=t.ma~as.5794379991&w=1070&lmt=1664726492&rafmt=12&format=1070x120&url=https%3A%2F%2Fr-e-v-i-s-t-a-29582.azurewebsites.net%2Frenner%2Finicio%2Flogin.php&wgl=1&adsid=ChEI8O3kmQYQmZzp_6ip-8WtARI5ADZgdjZRMLpoworSz8c7CCQAIFcC-5T6_xyizkb-UVncrLiCxXPEITGCT9OJbWM7Dx_AYaIEFlMm&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTA0LjAuNTExMi4xMDIiLFtdLGZhbHNlLG51bGwsIjY0IixbWyJDaHJvbWl1bSIsIjEwNC4wLjUxMTIuMTAyIl0sWyIgTm90IEE7QnJhbmQiLCI5OS4wLjAuMCJdLFsiT3BlcmEgR1giLCIxMDQuMC41MTEyLjEwMiJdXSxmYWxzZV0.&dt=1664726482553&bpp=5&bdt=831&idt=324&shv=r20220928&mjsv=m202209270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5677531498160&frm=20&pv=1&ga_vid=245287172.1664726482&ga_sid=1664726483&ga_hid=254348409&ga_fc=1&u_tz=-180&u_his=1&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_sd=1&dmc=8&adx=397&ady=3583&biw=1864&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069963%2C42531706%2C31070009%2C44772927%2C31062931&oid=2&pvsid=3776065030673640&tmod=1971245323&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1920%2C0%2C1920%2C1040%2C1879%2C939&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&jar=2022-10-02-04&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=IL8ANWTQef&p=https%3A//r-e-v-i-s-t-a-29582.azurewebsites.net&dtd=9523 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acessarbotaorenner.azurewebsites.net
ajax.googleapis.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
unpkg.com
www.google.com
www.gstatic.com
www.realizesolucoesfinanceiras.com.br
20.119.8.29
200.248.113.245
2606:4700::6810:7aaf
2a00:1450:4001:800::2003
2a00:1450:4001:806::2002
2a00:1450:4001:812::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2004
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
108edfb0bdb9cfe6f8a0924325598e083793cb7a428e5a9176e64821168b4bed
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
20193736d900f0b602a678f804676349764578ab2adcd07ffebb6d06df1afd96
2ebe32eb96d80df14656ed485b5c625752e142607e910255e2d19021008c976d
3dd08d21a5c010294a50355af3565a50d08ea4aef83e822114be29171209f109
411ebf3f42ff97b8fdcb02ef60f534e0fd011b86878ec33abf2509b4bfe58037
639f9073a6e13d0516f19577c766a601591bc51fb98edc6b4411460118af6de8
6b3b312399bc7b89593ed6bf6d5fe78f6094b2dfb33f581bdf1ec690dace2c4c
6d05491c9827de5983662cc34c0586f8b87f807e41727408321837dcd610f5ec
77df749f6bbe85442500437f7e798f46b9635da344811ae3b4bf7d43048ee9bb
7db4ada57262fbacd47bef4e96e3cedda276b9267e6ca4d20adeeb1c24d870b6
8502ecd820f69485866495504cae4d5dee939f30c5d74aeabfa97cc002fad741
8827f96ace2afe4aeff4c33db4ac86193f38a62cb30d9fbba949e0b72c2a55ff
8dab9a0fa46a86448736002bdea06c2eb25faf514d6731626040c00bd36c504c
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
c5fcbac15c0abed33928ea0df2b92e51d06cc351cce4097f0d1372e967769141
cceba7049069b3c0d22b68da355f7d7e2ad263a0fd32a81e23d2acb1b6cf4752
ce00b2696a4a9c7d1326fd09623e8c8f4624c9abdf5424b2cf19b9de2f981f18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f9457e31ebbf210bb21127718dbf6a01203d776896f7b5151ed07d1f8600d0
e83f00db825f0f723d897317f5891d7d8f753f46ac5e2621b594d688a318f13d
e946d863a136a09089fd275d574ff3346bad8327d4ef378c06af35872d9fe56d
fe2b29e0705999a225505dd7f39a1e7160eff7fb04b439cb35485d338a92742f