analuizaborba.com.br
2606:4700:3037::6815:1a0a  Malicious Activity! Public Scan

Submitted URL: https://analuizaborba.com.br/wp-setting/index.php?blx=%24bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ%3D%3D
Effective URL: https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057...
Submission: On February 04 via manual from CA — Scanned from CA

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3037::6815:1a0a, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is analuizaborba.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 29th 2022. Valid for: a year.
This is the only time analuizaborba.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BCE-Bell (Telecommunication)

Domain & IP information

Requests | IP Address | AS Autonomous System
11 | 2606:4700:303... | 13335 (CLOUDFLAR...)
4 | 68.142.108.128 | 22822 (LLNW)
Total: 15 requests, 2 IPs

Requests | Apex Domain | Subdomains | Transfer
11 | analuizaborba.com.br | analuizaborba.com.br | 200 KB
4 | llnwd.net | pfobellweb.hs.llnwd.net — Cisco Umbrella Rank: 839644 | 121 KB
Total: 15 requests, 2 apex domains

Requests | Domain | Requested by
11 | analuizaborba.com.br | analuizaborba.com.br
4 | pfobellweb.hs.llnwd.net | analuizaborba.com.br
Total: 15 requests, 2 domains

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-01-29 - 2023-01-29 | a year
*.hs.llnwd.net | Sectigo RSA Organization Validation Secure Server CA | 2021-04-07 - 2022-05-08 | a year

This page contains 1 frames:

Primary Page: https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e
Frame ID: 82B5827303FF16EBF3F4E8B118D5E6B3
Requests: 15 HTTP requests in this frame

Page Title

Log in to MyBell

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 15
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 320 kB
Size: 1271 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://analuizaborba.com.br/wp-setting/index.php?blx=%24bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ%3D%3D Page URL
  2. https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
index.php
analuizaborba.com.br/wp-setting/
519 B
914 B
Document
General
Full URL
https://analuizaborba.com.br/wp-setting/index.php?blx=%24bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.26
Resource Hash
58bbb342449d9aa457cbca095e49eb46b01c09e456267c4dbe0e762fb33fd0fe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Fri, 04 Feb 2022 20:11:18 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.26
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVp1cwgjHH8bv3f9edFH9BPa1VAYy%2Bt70ZuwR1uXBtmAuaLgAS%2B7zQjY3sciTZ19q8Z3PeDiCHhseJUyzWIaGCZ7ZuEYYgukUIPri%2F7NGsWX8A7RET8C3dzx2HOyg9DqMV8wlDcwBnlzmBk2Us2zw%2Bi2Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d868c1eba034bb8-YUL
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request S211eery1865c9y.php
analuizaborba.com.br/wp-setting/
18 KB
6 KB
Document
General
Full URL
https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.26
Resource Hash
29a555b218d67f7d28eacf4f5f2b6d072cda91e5d1bcfa0ea8b72200d9ad018b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Fri, 04 Feb 2022 20:11:18 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.26
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B20lBi1M4wPZX73hkQTafZYB7%2FPpBJ%2B9QlPySu8U%2B6gf2hvJvwklk59hvb3W%2Bf6hvexk0qRVoVd48zK0fQGo7Ele5PQLiuh8Y6MfFTFXzI0P0GLBkfkLsQhqXJqBBpz9leRBDnm9FZVKizBiRKRANTKghQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d868c1fcb9a4bb8-YUL
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bell.css
analuizaborba.com.br/wp-setting/Uyfi9a99a9ui88/
808 KB
111 KB
Stylesheet
General
Full URL
https://analuizaborba.com.br/wp-setting/Uyfi9a99a9ui88/bell.css
Requested by
Host: analuizaborba.com.br
URL: https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e27750bd8f7add80437b9f5a75626739f8342e30fd35dd6ff302d96330b59964

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 20:11:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1663
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 03 Nov 2020 02:11:26 GMT
server
cloudflare
etag
W/"ca133-5fa0bc4e-568e08d538c2afda;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JB9uydNZSzxDguu9ANMmTjGTTZ2sGkpk62HolbjC6mC%2BPHSwlgY2JXbl%2BtLq5TuzageOc7%2BVzOsRV%2Bz1Ja1KmzVdvHwTjizn3Tl%2BUeIBB2Hows2cDJZzSUdJBCZGEG0Mu980isxJVgdfV7x7sxq1NQrBXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d868c204c834bb8-YUL
expires
Fri, 11 Feb 2022 19:43:35 GMT
bell(1).css
analuizaborba.com.br/wp-setting/Uyfi9a99a9ui88/
4 KB
1 KB
Stylesheet
General
Full URL
https://analuizaborba.com.br/wp-setting/Uyfi9a99a9ui88/bell(1).css
Requested by
Host: analuizaborba.com.br
URL: https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b00754524869bd430ae18a373883452a633e41736b58188d3109fc6b5f36238f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 20:11:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1662
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 03 Nov 2020 02:11:26 GMT
server
cloudflare
etag
W/"1118-5fa0bc4e-af4ac243886ec93b;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FelODM1x1qniKFbpEnMFYQy6EVfdAi2Ue7YAX4U1olRE0FntwYr5SIJhZZLLAynlVu6rebUBmLxBoDOm2uSsJR3P%2B7WCMbQdvVQvk%2FhBpUy%2FMvrqbwHcHkCuP8ZJ1ici8KS5MsYbiCin4dKFvAIpnoWkEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d868c204c854bb8-YUL
expires
Fri, 11 Feb 2022 19:43:36 GMT
registrationFlow-login.css
analuizaborba.com.br/wp-setting/Uyfi9a99a9ui88/
32 KB
7 KB
Stylesheet
General
Full URL
https://analuizaborba.com.br/wp-setting/Uyfi9a99a9ui88/registrationFlow-login.css
Requested by
Host: analuizaborba.com.br
URL: https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
721a7bb35cd1aa6b81bbb4e1d197e84003142a72abf045dfe47b29948edc1a79

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 20:11:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2309
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 03 Nov 2020 02:11:26 GMT
server
cloudflare
etag
W/"80ab-5fa0bc4e-62d096f8f223002;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hf4drnDpZdFAXlX5%2BNFQBaJLv7pDDQjFp3wMSLtsIqT7kixWI8NFhBkIUcH1iUHqTNMglOL%2FvX3cTfDD6A9LTvcxfi4SAoU0jeRhKAonY07eeuuRXEbhpsLVldhwPWj%2F7%2BYKaiBeuhsD4phpiFIfYedwDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d868c204c864bb8-YUL
expires
Fri, 11 Feb 2022 19:32:49 GMT
login-tracker-icon.min.css
analuizaborba.com.br/wp-setting/Uyfi9a99a9ui88/
1 KB
744 B
Stylesheet
General
Full URL
https://analuizaborba.com.br/wp-setting/Uyfi9a99a9ui88/login-tracker-icon.min.css
Requested by
Host: analuizaborba.com.br
URL: https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55b8eb223e37f7bfab42aa9d5144ee52a14df40dd279260bcf7d5b0a68d140a2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 20:11:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2309
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 03 Nov 2020 02:11:26 GMT
server
cloudflare
etag
W/"516-5fa0bc4e-1d4db1a276ae7169;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYnp836oO1jP5hWCdo8ZFAUZiHRdPWK0oVnZWsrXwZ5GF9v2XNcF%2B66NzgYQctsAPrNslm1%2FBhDPTHdSG%2B6WQKUlMtne8nw2Gl6%2Fqnb0Jfe8bDzlDxiQF0tIJiZ%2FZyZKNwAMbLLzu6AkO%2FBntT%2BkQh%2BFOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d868c204c874bb8-YUL
expires
Fri, 11 Feb 2022 19:32:49 GMT
login-tracker.min.css
analuizaborba.com.br/wp-setting/Uyfi9a99a9ui88/
12 KB
3 KB
Stylesheet
General
Full URL
https://analuizaborba.com.br/wp-setting/Uyfi9a99a9ui88/login-tracker.min.css
Requested by
Host: analuizaborba.com.br
URL: https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41d5494dc24c7bf70ec0a23e9e96a3cbeb166d4f842c674d93605178ef05acef

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 20:11:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1662
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 03 Nov 2020 02:11:26 GMT
server
cloudflare
etag
W/"2e93-5fa0bc4e-d89d43c734e7e5b;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKr5UhAuKBcCx3NppAYxnEIlSbwEG7R6gnKNbJydrlK9v95ZeB6mdIYi5J5XcpSf%2Bj5uUHUUQaMEEp17q16%2FGrU3kD6w1T3yriIE3s6Real6Tesl0b1v0%2FKoIS5TyA9PtmCPjWq1taBamAzHUyqYO9dLBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d868c205c894bb8-YUL
expires
Fri, 11 Feb 2022 19:43:36 GMT
bell(2).css
analuizaborba.com.br/wp-setting/Uyfi9a99a9ui88/
244 KB
37 KB
Stylesheet
General
Full URL
https://analuizaborba.com.br/wp-setting/Uyfi9a99a9ui88/bell(2).css
Requested by
Host: analuizaborba.com.br
URL: https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c70a0312594726ce839d13a6cca394df912b64b0d1fe1c2fe1858f0597c4245

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 20:11:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1662
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 03 Nov 2020 02:11:26 GMT
server
cloudflare
etag
W/"3d195-5fa0bc4e-4fdce53ccd9ea7e;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuWVA5gNN603rZSe2mwE%2FpfgkvobRl%2BFe07TVqmsvRwas2DTgNO6s%2Ftu62jFRivY6XA5t%2FF%2FCLy%2BZRRmvFSeUp6bmSKXzP%2FgpS%2Ff%2Bjnl5Ahf4RM1nGlYrN4SXprr7wdbd8PGis%2BabEiWkUJWM2U4dL9O2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d868c205c8c4bb8-YUL
expires
Fri, 11 Feb 2022 19:43:36 GMT
fonts.css
analuizaborba.com.br/wp-setting/Uyfi9a99a9ui88/
2 KB
891 B
Stylesheet
General
Full URL
https://analuizaborba.com.br/wp-setting/Uyfi9a99a9ui88/fonts.css
Requested by
Host: analuizaborba.com.br
URL: https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
053bfcc5e83a414860621f457b4af3dc94a85dc56b7514d7188be47cfa8eca36

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 20:11:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2308
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 03 Nov 2020 02:11:26 GMT
server
cloudflare
etag
W/"93c-5fa0bc4e-504a9627842b98a5;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2yeiUJ6Okm3STYUtuIJyI2rEuyz1%2Bk69t9O%2BkfjOcKM5liYuwbmulMStePRTCT28wQ5XFFYyVbfwiCrAmgxaP60or2%2FugIM92L45%2FZ0SokO0RJFnpo%2FSTrpq%2F6QWNwkQYfA%2FmbuNNPAmV3uq%2BN0wloDpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d868c205c904bb8-YUL
expires
Fri, 11 Feb 2022 19:32:50 GMT
bell_custom_deprecatedbrowser_new.css
analuizaborba.com.br/wp-setting/Uyfi9a99a9ui88/
1 KB
796 B
Stylesheet
General
Full URL
https://analuizaborba.com.br/wp-setting/Uyfi9a99a9ui88/bell_custom_deprecatedbrowser_new.css
Requested by
Host: analuizaborba.com.br
URL: https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dd4f75a33a397e43c440b1d6ffcfda71f004d0a31cc0894b665ac2f0ff2ad6d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 20:11:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2309
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 03 Nov 2020 02:11:26 GMT
server
cloudflare
etag
W/"4be-5fa0bc4e-52b6dcd8c84c2214;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYYv5ciMlMFWaYDgMqI6eLWjDtiBhrSCL%2BGHp7iBKpgX8jb5nZE%2FB30We7yBg0kVC5XwzrFC%2Bn%2BCUkyoy8W4cg06kepkYrdL9ebxJjY08CgUV9t3O1bEMvzdftbysNrEXbJ9k0SrO5iLdyZ5SvZti8ys3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6d868c205c924bb8-YUL
expires
Fri, 11 Feb 2022 19:32:49 GMT
upds.jpg
analuizaborba.com.br/Styles/images/
32 KB
32 KB
Image
General
Full URL
https://analuizaborba.com.br/Styles/images/upds.jpg
Requested by
Host: analuizaborba.com.br
URL: https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.26
Resource Hash
e21b18ff24dc8add2824db9cf7531061af9c468f33c9aeb632eb6fe8c608e351

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://analuizaborba.com.br/wp-setting/S211eery1865c9y.php?blx=$bmVpbC5hY2tlcm1hbjFAYmVsbC5jYQ==&4629a2ca3b7b71590edc68a5057ef38b4b1c172f9d08f8a44bde0cabb8a6743916976132908339ea131c7d9904dbec14867b58e8dccef58d922fc504f551a54c632a2a21590677805aef262cd9dfe3f3e077bd24dd6fb3f15b0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 20:11:19 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.26
x-litespeed-cache
miss
x-litespeed-cache-control
public,max-age=3600
x-litespeed-tag
80d_HTTP.404,80d_404,80d_URL.e8a1f972bfff5ee8e669e8fce659d15a,80d_
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GEmsSQBtunRnpIK4KHDdoTgzNkq8k5fSeyFgcrObYBZNkrkdSAsWxY8Lzy7mEN3i8jQRqnGskJ7RrT2ce6d0E18DI4opmQSSZdTrtnMCXK528K%2BsvBpZjspbtGdKWuvL8twornYcECAJ3XymEzVyoYYfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
6d868c213f9a715a-YUL
link
<https://analuizaborba.com.br/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
bellslim_regular-webfont.woff2
pfobellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/
19 KB
21 KB
Font
General
Full URL
https://pfobellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/bellslim_regular-webfont.woff2?ver=00000000
Requested by
Host: analuizaborba.com.br
URL: https://analuizaborba.com.br/wp-setting/Uyfi9a99a9ui88/bell.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.142.108.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-108-128.iad.llnw.net
Software
/
Resource Hash
3e4d8f00673f6a80b26a8565f9931374e1e9171553b078261a67772af7511629
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://analuizaborba.com.br/
Origin
https://analuizaborba.com.br
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 04 Feb 2022 20:11:18 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Age
47605
Connection
keep-alive
Content-Length
19412
X-XSS-Protection
1
Last-Modified
Sun, 19 Jan 2020 06:54:18 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net https://*.medallia.ca https://*.kampyle.com https://*.decibelinsight.net https://*.decibelinsight.com 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Accept-Ranges
bytes
X-LLID
bfc6f0192f568f521a49861e01d07472
Expires
Sat, 05 Feb 2022 06:57:53 GMT
bellslim_medium-webfont.woff2
pfobellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/
19 KB
20 KB
Font
General
Full URL
https://pfobellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/bellslim_medium-webfont.woff2?ver=00000000
Requested by
Host: analuizaborba.com.br
URL: https://analuizaborba.com.br/wp-setting/Uyfi9a99a9ui88/bell.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.142.108.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-108-128.iad.llnw.net
Software
/
Resource Hash
e36f3860d6fe12df58872c55cf1fb78b7a3fe86d9a27591bfda5d8ceb34a31f3
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.virginplus.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://analuizaborba.com.br/
Origin
https://analuizaborba.com.br
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 04 Feb 2022 20:11:18 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Age
47708
Connection
keep-alive
Content-Length
19880
X-XSS-Protection
1
Last-Modified
Sun, 19 Jan 2020 06:54:19 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.virginplus.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca
Accept-Ranges
bytes
X-LLID
2c3fb8b5b1244e9afa61e4acaed9b062
Expires
Sat, 05 Feb 2022 06:56:10 GMT
bell-icon.woff
pfobellweb.hs.llnwd.net/Styles/BRF2/Master/core/fonts/
58 KB
59 KB
Font
General
Full URL
https://pfobellweb.hs.llnwd.net/Styles/BRF2/Master/core/fonts/bell-icon.woff?ver=201910200707
Requested by
Host: analuizaborba.com.br
URL: https://analuizaborba.com.br/wp-setting/Uyfi9a99a9ui88/bell(2).css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.142.108.128 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-68-142-108-128.iad.llnw.net
Software
/
Resource Hash
494b73af9d809465ca2d26ee422c0793bcc3d68ee047b3b20fb4deddc880d0cf
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://analuizaborba.com.br/
Origin
https://analuizaborba.com.br
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 04 Feb 2022 20:11:18 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Age
43571
Connection
keep-alive
Content-Length
59112
X-XSS-Protection
1
Last-Modified
Sun, 29 Aug 2021 08:01:52 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Accept-Ranges
bytes
X-LLID
7bd28ea34928a48113731dca761eca10
Expires
Sat, 05 Feb 2022 08:05:07 GMT
bellslim_semibold-webfont.woff2
pfobellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/
19 KB
21 KB
Font
General
Full URL
https://pfobellweb.hs.llnwd.net/styles/RSX/framework/css/fonts/bellslim_semibold-webfont.woff2?ver=00000000
Requested by
Host: analuizaborba.com.br
URL: https://analuizaborba.com.br/wp-setting/Uyfi9a99a9ui88/bell.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.142.108.128, United States, ASN22822 (LLNW, US)
Reverse DNS
https-68-142-108-128.iad.llnw.net
Software
/
Resource Hash
41407c31a0d44bb952744a390decccd0a4ba5918e4ff89c860f2495d5ee7a7fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://analuizaborba.com.br/
Origin
https://analuizaborba.com.br
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 04 Feb 2022 20:11:18 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Age
47207
Connection
keep-alive
Content-Length
19348
X-XSS-Protection
1
Last-Modified
Sun, 19 Jan 2020 06:54:18 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Security-Policy
frame-ancestors oneview.bell.ca bell.ca *.bell.ca *.bellmts.ca *.virginmobile.ca *.vm.ca *.vmobile.ca *.vmcanada.com *.thesource.ca *.luckymobile.ca *.virginplus.ca; script-src https://*.luckymobile.ca https://www.googletagmanager.com https://sc-static.net https://assets.adobedtm.com https://*.google-analytics.com https://*.postescanada-canadapost.ca https://*.digital.nuance.com https://*.inq.com https://connect.facebook.net https://static.ads-twitter.com https://*.twitter.com https://ssl.geoplugin.net https://s.pinimg.com https://*.google.com https://*.gstatic.com https://*.vmobile.ca https://*.googleadservices.com https://*.stackadapt.com https://*.doubleclick.net https://*.virginplus.ca https://*.bell.ca https://*.tiktok.com https://*.know-where.com https://*.korem.com https://*.googleapis.com https://*.coveo.com https://siteimproveanalytics.com https://*.licdn.com https://vldbellsup.hs.llnwd.net https://vfobellsup.hs.llnwd.net https://prdbellsup.hs.llnwd.net https://pfobellsup.hs.llnwd.net https://cdnjs.cloudflare.com https://vldbellweb.hs.llnwd.net https://vfobellweb.hs.llnwd.net https://prdbellweb.hs.llnwd.net https://pfobellweb.hs.llnwd.net 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Accept-Ranges
bytes
X-LLID
9b9368413381217bfd6f17dbc981a43f
Expires
Sat, 05 Feb 2022 07:04:31 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BCE-Bell (Telecommunication)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name Value
analuizaborba.com.br/wp-setting drake dexter
analuizaborba.com.br/ PHPSESSID 3bcddb0ca516bbf625e8470bed17e896

1 Console Messages

Source: network
Level: error
URL: https://analuizaborba.com.br/Styles/images/upds.jpg
Message: Failed to load resource: the server responded with a status of 404 ()