www.gotasfluxx.online.saudemaisnoticias.shop Open in urlscan Pro
50.6.138.54 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.gotasfluxx.online.saudemaisnoticias.shop/
Submission: On July 29 via api (July 29th 2024, 8:36:50 pm UTC) from US — Scanned from DE

Summary HTTP 22 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 5 domains to perform 22 HTTP transactions. The main IP is 50.6.138.54, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is www.gotasfluxx.online.saudemaisnoticias.shop.
TLS certificate: Issued by R10 on June 7th 2024. Valid for: 3 months.

This is the only time www.gotasfluxx.online.saudemaisnoticias.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 11	50.6.138.54 50.6.138.54	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
5	52.7.233.50 52.7.233.50	14618 (AMAZON-AES) (AMAZON-AES)
1	18.239.83.16 18.239.83.16	16509 (AMAZON-02) (AMAZON-02)
1	172.67.74.152 172.67.74.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	5

11 50.6.138.54 (United States) 2 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 50-6-138-54.unifiedlayer.com

www.gotasfluxx.online.saudemaisnoticias.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gotasfluxx.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.7.233.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-233-50.compute-1.amazonaws.com

trackings.nemu.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.83.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-16.ams58.r.cloudfront.net

openfpcdn.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.74.152 (United States)

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	gotasfluxx.online gotasfluxx.online	398 KB
5	nemu.com.br trackings.nemu.com.br	55 KB
3	saudemaisnoticias.shop 2 redirects www.gotasfluxx.online.saudemaisnoticias.shop	22 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2512	154 B
1	openfpcdn.io openfpcdn.io — Cisco Umbrella Rank: 22211	16 KB
22	5

	Domain	Requested by
8	gotasfluxx.online	www.gotasfluxx.online.saudemaisnoticias.shop
5	trackings.nemu.com.br	www.gotasfluxx.online.saudemaisnoticias.shop trackings.nemu.com.br
3	www.gotasfluxx.online.saudemaisnoticias.shop	2 redirects
1	api.ipify.org	trackings.nemu.com.br
1	openfpcdn.io	trackings.nemu.com.br
22	5

This site contains links to these domains. Also see Links.

Domain
gotasfluxx.online
pt.wordpress.org

Subject Issuer	Validity	Valid
gotasflux.store.saudemaisnoticias.shop R10	`2024-06-07` - `2024-09-05`	3 months	crt.sh
backend.nemu.com.br R10	`2024-07-28` - `2024-10-26`	3 months	crt.sh
openfpcdn.io Amazon RSA 2048 M02	`2023-12-27` - `2025-01-25`	a year	crt.sh
ipify.org WE1	`2024-07-18` - `2024-10-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.gotasfluxx.online.saudemaisnoticias.shop/
Frame ID: 3463646845169C79A8DEA6A2DC6DDC1E
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gotasflux

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Page Statistics

22
Requests

64 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

1
Countries

491 kB
Transfer

609 kB
Size

1
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://gotasfluxx.online/
Title: Gotasflux

Search URL Search Domain Scan URL

URL: https://gotasfluxx.online/fale-conosco/
Title: Fale conosco

Search URL Search Domain Scan URL

URL: https://gotasfluxx.online/politica-de-privacidade/
Title: Política de privacidade

Search URL Search Domain Scan URL

URL: https://gotasfluxx.online/politica-de-reembolso/
Title: Política de reembolso

Search URL Search Domain Scan URL

URL: https://gotasfluxx.online/vsl_fb_bm3/
Title: Refluxo e problemas estomacais FB-BM3

Search URL Search Domain Scan URL

URL: https://gotasfluxx.online/termos-de-uso/
Title: Termos de uso

Search URL Search Domain Scan URL

URL: https://gotasfluxx.online/2024/06/07/hello-world/
Title: Hello world!

Search URL Search Domain Scan URL

URL: https://gotasfluxx.online/author/admin/
Title: admin

Search URL Search Domain Scan URL

URL: https://gotasfluxx.online/category/uncategorized/
Title: Uncategorized

Search URL Search Domain Scan URL

URL: https://pt.wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://www.gotasfluxx.online.saudemaisnoticias.shop/favicon.ico HTTP 302
https://gotasfluxx.online/wp-includes/images/w-logo-blue-white-bg.png

Request Chain 20

https://www.gotasfluxx.online.saudemaisnoticias.shop/favicon.ico HTTP 302
https://gotasfluxx.online/wp-includes/images/w-logo-blue-white-bg.png

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.gotasfluxx.online.saudemaisnoticias.shop/ 86 KB
22 KB 3154ms
2107ms Document
text/html 50.6.138.54
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gotasfluxx.online.saudemaisnoticias.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.6.138.54 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 50-6-138-54.unifiedlayer.com
Software: Apache /
Resource Hash: 2b74092955fde92531fa8418a14c286952b7ae2a2e83b4639e514cc10c645b9a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 29 Jul 2024 20:36:43 GMT
link: <https://gotasfluxx.online/wp-json/>; rel="https://api.w.org/"
server: Apache
vary: Accept-Encoding

GET
H2 200 style.min.css
gotasfluxx.online/wp-includes/blocks/navigation/ 16 KB
3 KB 974ms
542ms Stylesheet
text/css 50.6.138.54
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gotasfluxx.online/wp-includes/blocks/navigation/style.min.css?ver=6.6.1
Requested by: Host: www.gotasfluxx.online.saudemaisnoticias.shop
URL: https://www.gotasfluxx.online.saudemaisnoticias.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.6.138.54 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 50-6-138-54.unifiedlayer.com
Software: Apache /
Resource Hash: 837b6cb608d918fcd1361fb556d54f0a80d0dd10172790698504b2054535589e

Request headers

Referer: https://www.gotasfluxx.online.saudemaisnoticias.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 20:36:45 GMT
content-encoding: gzip
last-modified: Tue, 23 Jul 2024 21:37:32 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 3248

GET
H2 200 style.min.css
gotasfluxx.online/wp-includes/blocks/image/ 6 KB
2 KB 973ms
541ms Stylesheet
text/css 50.6.138.54
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gotasfluxx.online/wp-includes/blocks/image/style.min.css?ver=6.6.1
Requested by: Host: www.gotasfluxx.online.saudemaisnoticias.shop
URL: https://www.gotasfluxx.online.saudemaisnoticias.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.6.138.54 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 50-6-138-54.unifiedlayer.com
Software: Apache /
Resource Hash: ca014bbaf92ea0fb073e5a3b47b27b327a270625c78a60cdc5d117e09678b25b

Request headers

Referer: https://www.gotasfluxx.online.saudemaisnoticias.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 20:36:45 GMT
content-encoding: gzip
last-modified: Tue, 16 Jul 2024 21:34:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1694

GET
H2 200 script.js Show response
trackings.nemu.com.br/trackings/Gt-eD9x8mQ/ 52 KB
52 KB 829ms
141ms Script
application/javascript 52.7.233.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trackings.nemu.com.br/trackings/Gt-eD9x8mQ/script.js

Requested by

Host: www.gotasfluxx.online.saudemaisnoticias.shop
URL: https://www.gotasfluxx.online.saudemaisnoticias.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.7.233.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-233-50.compute-1.amazonaws.com

Software

Resource Hash

3f7da113b76fe231cd8b37f10e806b951cf63a7387c3ea162a85d60d73331414

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gotasfluxx.online.saudemaisnoticias.shop/
Origin: https://www.gotasfluxx.online.saudemaisnoticias.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 20:36:46 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
content-length: 52815
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"ce4f-tMH89bnumjgD94ZTb/Doahf8N/I"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.gotasfluxx.online.saudemaisnoticias.shop
origin-agent-cluster: ?1

GET view.min.js
gotasfluxx.online/wp-includes/blocks/navigation/ 0
0

GET interactivity.min.js
gotasfluxx.online/wp-includes/js/dist/ 0
0

GET
H2 200 building-exterior.webp
gotasfluxx.online/wp-content/themes/twentytwentyfour/assets/images/ 195 KB
195 KB 575ms
143ms Image
image/webp 50.6.138.54
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gotasfluxx.online/wp-content/themes/twentytwentyfour/assets/images/building-exterior.webp
Requested by: Host: www.gotasfluxx.online.saudemaisnoticias.shop
URL: https://www.gotasfluxx.online.saudemaisnoticias.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.6.138.54 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 50-6-138-54.unifiedlayer.com
Software: Apache /
Resource Hash: 7ab1e25df9f0e9825e577187a3c73ebda9c0a068d9b35d2a235b8e924b9c58e5

Request headers

Referer: https://www.gotasfluxx.online.saudemaisnoticias.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 20:36:45 GMT
last-modified: Thu, 05 Oct 2023 01:32:26 GMT
server: Apache
accept-ranges: bytes
content-length: 199724
content-type: image/webp

GET
H2 200 tourist-and-building.webp
gotasfluxx.online/wp-content/themes/twentytwentyfour/assets/images/ 65 KB
65 KB 972ms
541ms Image
image/webp 50.6.138.54
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gotasfluxx.online/wp-content/themes/twentytwentyfour/assets/images/tourist-and-building.webp
Requested by: Host: www.gotasfluxx.online.saudemaisnoticias.shop
URL: https://www.gotasfluxx.online.saudemaisnoticias.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.6.138.54 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 50-6-138-54.unifiedlayer.com
Software: Apache /
Resource Hash: 0fc42e518e17733d6c766ceec3a2154896e332571f130fae27e4f20480e0980c

Request headers

Referer: https://www.gotasfluxx.online.saudemaisnoticias.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 20:36:45 GMT
last-modified: Thu, 05 Oct 2023 01:32:26 GMT
server: Apache
accept-ranges: bytes
content-length: 66482
content-type: image/webp

GET
H2 200 windows.webp
gotasfluxx.online/wp-content/themes/twentytwentyfour/assets/images/ 123 KB
123 KB 183ms
161ms Image
image/webp 50.6.138.54
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gotasfluxx.online/wp-content/themes/twentytwentyfour/assets/images/windows.webp
Requested by: Host: www.gotasfluxx.online.saudemaisnoticias.shop
URL: https://www.gotasfluxx.online.saudemaisnoticias.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.6.138.54 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 50-6-138-54.unifiedlayer.com
Software: Apache /
Resource Hash: a8b72c3a34a4ac883406005c0fab343d64894c978b3dda1b6bb00eed01e9409e

Request headers

Referer: https://www.gotasfluxx.online.saudemaisnoticias.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 20:36:46 GMT
last-modified: Thu, 05 Oct 2023 01:32:26 GMT
server: Apache
accept-ranges: bytes
content-length: 126244
content-type: image/webp

GET
BLOB 200
OK 5e6976dd-b1e2-4a8d-9302-ccc8852f7921
https://www.gotasfluxx.online.saudemaisnoticias.shop/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.gotasfluxx.online.saudemaisnoticias.shop/5e6976dd-b1e2-4a8d-9302-ccc8852f7921
Requested by: Host: www.gotasfluxx.online.saudemaisnoticias.shop
URL: https://www.gotasfluxx.online.saudemaisnoticias.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 wp-emoji-release.min.js Show response
gotasfluxx.online/wp-includes/js/ 18 KB
5 KB 150ms
143ms Script
application/javascript 50.6.138.54
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gotasfluxx.online/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by: Host: www.gotasfluxx.online.saudemaisnoticias.shop
URL: https://www.gotasfluxx.online.saudemaisnoticias.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.6.138.54 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 50-6-138-54.unifiedlayer.com
Software: Apache /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer: https://www.gotasfluxx.online.saudemaisnoticias.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 20:36:46 GMT
content-encoding: gzip
last-modified: Tue, 13 Feb 2024 23:06:08 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5365

GET Inter-VariableFont_slnt,wght.woff2
gotasfluxx.online/wp-content/themes/twentytwentyfour/assets/fonts/inter/ 0
0

GET cardo_normal_400.woff2
gotasfluxx.online/wp-content/themes/twentytwentyfour/assets/fonts/cardo/ 0
0

GET cardo_italic_400.woff2
gotasfluxx.online/wp-content/themes/twentytwentyfour/assets/fonts/cardo/ 0
0

GET
H2 200 v4 Show response
openfpcdn.io/fingerprintjs/ 37 KB
16 KB 218ms
49ms Script
text/javascript 18.239.83.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://openfpcdn.io/fingerprintjs/v4

Requested by

Host: trackings.nemu.com.br
URL: https://trackings.nemu.com.br/trackings/Gt-eD9x8mQ/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.83.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-83-16.ams58.r.cloudfront.net

Software

CloudFront /

Resource Hash

1b22d96fe5a097d36bd7f8ceca994b9e39dd2263f5efe9d072ecef98985756dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://trackings.nemu.com.br/
Origin: https://www.gotasfluxx.online.saudemaisnoticias.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 29 Jul 2024 18:24:20 GMT
via: 1.1 0d3372129d548b57c62777e24b79e514.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P5
age: 7947
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: CloudFront
etag: W/"80dfJ3mC14rzFzmWeb1DbkOOYfU"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=585533, s-maxage=10638
x-amz-cf-id: 6cyBVFp6CdM7pk-e-Z_E9meNXFKZDTmkJ0LISPSgDyfirTxgsgfTYA==

GET
H2

200

w-logo-blue-white-bg.png
gotasfluxx.online/wp-includes/images/
Redirect Chain

https://www.gotasfluxx.online.saudemaisnoticias.shop/favicon.ico
https://gotasfluxx.online/wp-includes/images/w-logo-blue-white-bg.png

4 KB
4 KB

179ms
179ms

Other
image/png

50.6.138.54
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gotasfluxx.online/wp-includes/images/w-logo-blue-white-bg.png
Protocol: H2
Server: 50.6.138.54 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 50-6-138-54.unifiedlayer.com
Software: Apache /
Resource Hash: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

Referer: https://www.gotasfluxx.online.saudemaisnoticias.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 20:36:47 GMT
last-modified: Tue, 16 Nov 2021 08:34:02 GMT
server: Apache
accept-ranges: bytes
content-length: 4119
content-type: image/png

Redirect headers

location: https://gotasfluxx.online/wp-includes/images/w-logo-blue-white-bg.png
date: Mon, 29 Jul 2024 20:36:47 GMT
server: Apache
link: <https://gotasfluxx.online/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 / Show response
api.ipify.org/ 21 B
154 B 237ms
137ms Fetch
application/json 172.67.74.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: trackings.nemu.com.br
URL: https://trackings.nemu.com.br/trackings/Gt-eD9x8mQ/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ed1fe10395898f964ad99dcad3dd1227886e8962dd1b04a3a95ec3b08a8854d

Request headers

Referer: https://www.gotasfluxx.online.saudemaisnoticias.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 20:36:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: *
cf-ray: 8aafe7381acb3623-FRA
content-length: 21

GET
H2 404 sessions Show response
trackings.nemu.com.br/trackings/Gt-eD9x8mQ/ 40 B
721 B 154ms
149ms Fetch
application/json 52.7.233.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trackings.nemu.com.br/trackings/Gt-eD9x8mQ/sessions?clientHash=0218f4d1ecb1674c4cf8e70710fdd41c

Requested by

Host: trackings.nemu.com.br
URL: https://trackings.nemu.com.br/trackings/Gt-eD9x8mQ/script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.7.233.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-233-50.compute-1.amazonaws.com

Software

Resource Hash

92c9a01e973dbbf5daa7288972b1eeed927cd221b710f76953f58242e86379f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gotasfluxx.online.saudemaisnoticias.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 29 Jul 2024 20:36:48 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
content-length: 40
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"28-XwTSRQDF9J3vEFoecz82N+sUV4c"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gotasfluxx.online.saudemaisnoticias.shop
origin-agent-cluster: ?1

OPTIONS
H2 204 sessions
trackings.nemu.com.br/trackings/Gt-eD9x8mQ/ 0
0 136ms
136ms Preflight 52.7.233.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trackings.nemu.com.br/trackings/Gt-eD9x8mQ/sessions?clientHash=0218f4d1ecb1674c4cf8e70710fdd41c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.7.233.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-233-50.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.gotasfluxx.online.saudemaisnoticias.shop
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.gotasfluxx.online.saudemaisnoticias.shop
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jul 2024 20:36:48 GMT
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

POST
H2 201 sessions Show response
trackings.nemu.com.br/trackings/Gt-eD9x8mQ/ 2 KB
2 KB 258ms
255ms Fetch
application/json 52.7.233.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trackings.nemu.com.br/trackings/Gt-eD9x8mQ/sessions

Requested by

Host: trackings.nemu.com.br
URL: https://trackings.nemu.com.br/trackings/Gt-eD9x8mQ/script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.7.233.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-233-50.compute-1.amazonaws.com

Software

Resource Hash

420f76fd02e21adebacaf7d0caf544151e6269ad7792466101a63fd9787836ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gotasfluxx.online.saudemaisnoticias.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 29 Jul 2024 20:36:48 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
content-length: 1570
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"622-YSozQzrqw+yjqjG6FvlnJlaX29M"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gotasfluxx.online.saudemaisnoticias.shop
origin-agent-cluster: ?1

OPTIONS
H2 204 sessions
trackings.nemu.com.br/trackings/Gt-eD9x8mQ/ 0
0 133ms
132ms Preflight 52.7.233.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trackings.nemu.com.br/trackings/Gt-eD9x8mQ/sessions

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.7.233.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-233-50.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gotasfluxx.online.saudemaisnoticias.shop
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.gotasfluxx.online.saudemaisnoticias.shop
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jul 2024 20:36:48 GMT
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2

200

w-logo-blue-white-bg.png
gotasfluxx.online/wp-includes/images/
Redirect Chain

https://www.gotasfluxx.online.saudemaisnoticias.shop/favicon.ico
https://gotasfluxx.online/wp-includes/images/w-logo-blue-white-bg.png

4 KB
0

0ms
0ms

Other
image/png

50.6.138.54
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gotasfluxx.online/wp-includes/images/w-logo-blue-white-bg.png
Protocol: H2
Server: 50.6.138.54 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 50-6-138-54.unifiedlayer.com
Software: Apache /
Resource Hash: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

Referer: https://www.gotasfluxx.online.saudemaisnoticias.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 20:36:47 GMT
last-modified: Tue, 16 Nov 2021 08:34:02 GMT
server: Apache
accept-ranges: bytes
content-length: 4119
content-type: image/png

Redirect headers

location: https://gotasfluxx.online/wp-includes/images/w-logo-blue-white-bg.png
date: Mon, 29 Jul 2024 20:36:48 GMT
server: Apache
link: <https://gotasfluxx.online/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
content-length: 0
content-type: text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gotasfluxx.online
URL: https://gotasfluxx.online/wp-includes/blocks/navigation/view.min.js?ver=6.6.1

Domain: gotasfluxx.online
URL: https://gotasfluxx.online/wp-includes/js/dist/interactivity.min.js?ver=6.6.1

Domain: gotasfluxx.online
URL: https://gotasfluxx.online/wp-content/themes/twentytwentyfour/assets/fonts/inter/Inter-VariableFont_slnt,wght.woff2

Domain: gotasfluxx.online
URL: https://gotasfluxx.online/wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_normal_400.woff2

Domain: gotasfluxx.online
URL: https://gotasfluxx.online/wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_italic_400.woff2

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.gotasfluxx.online.saudemaisnoticias.shop/	1969-12-31 23:59:59	Name: _nmu.Gt-eD9x8mQ Value: "3SiQw6WI29"

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.gotasfluxx.online.saudemaisnoticias.shop/ Message: Access to script at 'https://gotasfluxx.online/wp-includes/blocks/navigation/view.min.js?ver=6.6.1' from origin 'https://www.gotasfluxx.online.saudemaisnoticias.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://gotasfluxx.online/wp-includes/blocks/navigation/view.min.js?ver=6.6.1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.gotasfluxx.online.saudemaisnoticias.shop/ Message: Access to script at 'https://gotasfluxx.online/wp-includes/js/dist/interactivity.min.js?ver=6.6.1' from origin 'https://www.gotasfluxx.online.saudemaisnoticias.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://gotasfluxx.online/wp-includes/js/dist/interactivity.min.js?ver=6.6.1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.gotasfluxx.online.saudemaisnoticias.shop/ Message: Access to font at 'https://gotasfluxx.online/wp-content/themes/twentytwentyfour/assets/fonts/inter/Inter-VariableFont_slnt,wght.woff2' from origin 'https://www.gotasfluxx.online.saudemaisnoticias.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://gotasfluxx.online/wp-content/themes/twentytwentyfour/assets/fonts/inter/Inter-VariableFont_slnt,wght.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.gotasfluxx.online.saudemaisnoticias.shop/ Message: Access to font at 'https://gotasfluxx.online/wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_normal_400.woff2' from origin 'https://www.gotasfluxx.online.saudemaisnoticias.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://gotasfluxx.online/wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_normal_400.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.gotasfluxx.online.saudemaisnoticias.shop/ Message: Access to font at 'https://gotasfluxx.online/wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_italic_400.woff2' from origin 'https://www.gotasfluxx.online.saudemaisnoticias.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://gotasfluxx.online/wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_italic_400.woff2 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://trackings.nemu.com.br/trackings/Gt-eD9x8mQ/sessions?clientHash=0218f4d1ecb1674c4cf8e70710fdd41c Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
gotasfluxx.online
openfpcdn.io
trackings.nemu.com.br
www.gotasfluxx.online.saudemaisnoticias.shop
gotasfluxx.online
172.67.74.152
18.239.83.16
50.6.138.54
52.7.233.50
0fc42e518e17733d6c766ceec3a2154896e332571f130fae27e4f20480e0980c
1b22d96fe5a097d36bd7f8ceca994b9e39dd2263f5efe9d072ecef98985756dc
2b74092955fde92531fa8418a14c286952b7ae2a2e83b4639e514cc10c645b9a
3f7da113b76fe231cd8b37f10e806b951cf63a7387c3ea162a85d60d73331414
420f76fd02e21adebacaf7d0caf544151e6269ad7792466101a63fd9787836ba
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4ed1fe10395898f964ad99dcad3dd1227886e8962dd1b04a3a95ec3b08a8854d
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
7ab1e25df9f0e9825e577187a3c73ebda9c0a068d9b35d2a235b8e924b9c58e5
837b6cb608d918fcd1361fb556d54f0a80d0dd10172790698504b2054535589e
92c9a01e973dbbf5daa7288972b1eeed927cd221b710f76953f58242e86379f0
a8b72c3a34a4ac883406005c0fab343d64894c978b3dda1b6bb00eed01e9409e
ca014bbaf92ea0fb073e5a3b47b27b327a270625c78a60cdc5d117e09678b25b

www.gotasfluxx.online.saudemaisnoticias.shop Open in urlscan Pro 50.6.138.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

22 Requests

64 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

5 IPs

1 Countries

491 kBTransfer

609 kBSize

1 Cookies

10 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

1 Cookies

11 Console Messages

Indicators

www.gotasfluxx.online.saudemaisnoticias.shop Open in urlscan Pro
50.6.138.54 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

64 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

1
Countries

491 kB
Transfer

609 kB
Size

1
Cookies

22 HTTP transactions
0 data transactions