phishing.datasecurity.com.br Open in urlscan Pro
54.218.27.128 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://phishing.datasecurity.com.br/
Submission: On March 05 via automatic, source certstream-suspicious (March 5th 2020, 3:45:51 pm UTC)

Summary HTTP 48 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 48 HTTP transactions. The main IP is 54.218.27.128, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is phishing.datasecurity.com.br.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 5th 2020. Valid for: 3 months.

This is the only time phishing.datasecurity.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	54.218.27.128 54.218.27.128	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	52.218.80.4 52.218.80.4	16509 (AMAZON-02) (AMAZON-02)
1	54.88.54.184 54.88.54.184	14618 (AMAZON-AES) (AMAZON-AES)
1 1	13.225.87.108 13.225.87.108	16509 (AMAZON-02) (AMAZON-02)
17	13.225.87.51 13.225.87.51	16509 (AMAZON-02) (AMAZON-02)
2	99.83.219.81 99.83.219.81	16509 (AMAZON-02) (AMAZON-02)
4	13.225.87.47 13.225.87.47	16509 (AMAZON-02) (AMAZON-02)
48	10

16 54.218.27.128 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-218-27-128.us-west-2.compute.amazonaws.com

phishing.datasecurity.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.80.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.88.54.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-54-184.compute-1.amazonaws.com

datasecurity.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.108 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-108.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 13.225.87.51 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-51.fra2.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.219.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.225.87.47 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-47.fra2.r.cloudfront.net

static.intercomassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	intercomcdn.com js.intercomcdn.com	1 MB
16	datasecurity.com.br phishing.datasecurity.com.br	298 KB
4	intercomassets.com static.intercomassets.com	45 KB
3	intercom.io 1 redirects widget.intercom.io api-iam.intercom.io	5 KB
2	gstatic.com fonts.gstatic.com	27 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	typeform.com datasecurity.typeform.com
1	amazonaws.com s3-eu-west-1.amazonaws.com	138 KB
1	cloudflare.com cdnjs.cloudflare.com	2 KB
48	10

	Domain	Requested by
17	js.intercomcdn.com	js.intercomcdn.com
16	phishing.datasecurity.com.br	phishing.datasecurity.com.br
4	static.intercomassets.com
2	api-iam.intercom.io	js.intercomcdn.com
2	fonts.gstatic.com	phishing.datasecurity.com.br
2	www.google-analytics.com	phishing.datasecurity.com.br
2	fonts.googleapis.com	phishing.datasecurity.com.br
1	widget.intercom.io	1 redirects
1	datasecurity.typeform.com	s3-eu-west-1.amazonaws.com
1	s3-eu-west-1.amazonaws.com	phishing.datasecurity.com.br
1	cdnjs.cloudflare.com	phishing.datasecurity.com.br
48	11

This site contains links to these domains. Also see Links.

Domain
cloudphishing.datasecurity.com.br
www.facebook.com
twitter.com
www.linkedin.com
www.datasecurity.com.br

Subject Issuer	Validity	Valid
phishing.datasecurity.com.br Let's Encrypt Authority X3	`2020-03-05` - `2020-06-03`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-10`	a year	crt.sh
*.typeform.com Amazon	`2019-12-24` - `2021-01-24`	a year	crt.sh
*.intercomcdn.com Amazon	`2019-04-27` - `2020-05-27`	a year	crt.sh
*.intercom.com Amazon	`2019-06-11` - `2020-07-11`	a year	crt.sh
intercomassets.com Amazon	`2019-09-13` - `2020-10-13`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://phishing.datasecurity.com.br/
Frame ID: 17BB052CDA8A3BD1FB9EBB90CF0FBB83
Requests: 25 HTTP requests in this frame

Frame: https://datasecurity.typeform.com/to/e2EdAu?typeform-embed=embed-widget&typeform-embed-id=qc7ly
Frame ID: 03333DB75FF01BE622B5F05EC961EC86
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.f49b22fd.js
Frame ID: 3389469F7904C681E52AE5B1470A7A91
Requests: 13 HTTP requests in this frame

Frame: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Frame ID: 015928B135D1B7148CABF8BDB157EBF9
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/images/dismiss.249568e7.png
Frame ID: 62573D28B4AE328337E9027B9D536C67
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

Page Statistics

48
Requests

100 %
HTTPS

36 %
IPv6

10
Domains

11
Subdomains

10
IPs

3
Countries

1576 kB
Transfer

2819 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://cloudphishing.datasecurity.com.br:3333/login
Title: Login

Search URL Search Domain Scan URL

URL: https://www.facebook.com/data.secur.face/?fref=nf

Search URL Search Domain Scan URL

URL: https://twitter.com/datasecurity1

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/data-security

Search URL Search Domain Scan URL

URL: http://www.datasecurity.com.br/
Title: Clique aqui

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://widget.intercom.io/widget/p38729y4 HTTP 302
https://js.intercomcdn.com/shim.latest.js

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
phishing.datasecurity.com.br/ 12 KB
4 KB 725ms
188ms Document
text/html 54.218.27.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.datasecurity.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.218.27.128 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-218-27-128.us-west-2.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c /

Resource Hash

1d1baed4eb1768eaa420fa0fd92eee08ba01e14aaa99fdf520f5fb5ab8d6ea62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Host: phishing.datasecurity.com.br
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Date: Thu, 05 Mar 2020 15:45:30 GMT
Server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c
X-Xss-Protection: 1; mode=block
Last-Modified: Fri, 24 Jan 2020 19:35:57 GMT
ETag: "31c8-59ce7dde295d7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Content-Length: 3860
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK bootstrap.min.css
phishing.datasecurity.com.br/vendor/bootstrap/css/ 118 KB
20 KB 193ms
192ms Stylesheet
text/css 54.218.27.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.datasecurity.com.br/vendor/bootstrap/css/bootstrap.min.css

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.218.27.128 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-218-27-128.us-west-2.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 05 Mar 2020 15:45:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Sep 2018 21:01:59 GMT
Server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c
ETag: "1d970-5758aab138e61-gzip"
X-Frame-Options: deny
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 19744
X-Xss-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK freelancer.min.css
phishing.datasecurity.com.br/css/ 8 KB
3 KB 545ms
182ms Stylesheet
text/css 54.218.27.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.datasecurity.com.br/css/freelancer.min.css

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.218.27.128 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-218-27-128.us-west-2.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c /

Resource Hash

9d490571217101789a4fa392b73c35c645cac959a377c188b0ff85a1a4c91ba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 05 Mar 2020 15:45:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Sep 2018 21:01:59 GMT
Server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c
ETag: "21e1-5758aab1330a1-gzip"
X-Frame-Options: deny
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 2170
X-Xss-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK font-awesome.min.css
phishing.datasecurity.com.br/vendor/font-awesome/css/ 28 KB
7 KB 554ms
187ms Stylesheet
text/css 54.218.27.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.datasecurity.com.br/vendor/font-awesome/css/font-awesome.min.css

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.218.27.128 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-218-27-128.us-west-2.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 05 Mar 2020 15:45:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Sep 2018 21:01:59 GMT
Server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c
ETag: "7187-5758aab139e01-gzip"
X-Frame-Options: deny
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 6666
X-Xss-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98

GET
H2 200 css
fonts.googleapis.com/ 4 KB
690 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00838395cd8b377d7164786319e394a09e9002e048ecb8651c1d7ba94b2d65a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 15:45:30 GMT
server: ESF
date: Thu, 05 Mar 2020 15:45:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Mar 2020 15:45:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
596 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90bedfa7bbd2bb58b7f47611a77feaf852c117ed7e344885cdb34f7df940658f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 15:45:30 GMT
server: ESF
date: Thu, 05 Mar 2020 15:45:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Mar 2020 15:45:30 GMT

GET
H/1.1 200
OK animate.css
phishing.datasecurity.com.br/css/ 67 KB
5 KB 552ms
184ms Stylesheet
text/css 54.218.27.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.datasecurity.com.br/css/animate.css

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.218.27.128 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-218-27-128.us-west-2.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c /

Resource Hash

1536c9f5bb93729598dfbf692c112bf3a0ba8c210dcf985f93b4f86b34cbf366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 05 Mar 2020 15:45:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Sep 2018 21:01:59 GMT
Server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c
ETag: "10ca6-5758aab1330a1-gzip"
X-Frame-Options: deny
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 4395
X-Xss-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK owl.carousel.css
phishing.datasecurity.com.br/css/ 6 KB
2 KB 568ms
189ms Stylesheet
text/css 54.218.27.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.datasecurity.com.br/css/owl.carousel.css

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.218.27.128 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-218-27-128.us-west-2.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c /

Resource Hash

4658bdf3a5ffa33e3a4d643e0465484b0e2137890f0678d5a7f351e398ddf830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 05 Mar 2020 15:45:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Sep 2018 21:01:59 GMT
Server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c
ETag: "1721-5758aab1330a1-gzip"
X-Frame-Options: deny
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1119
X-Xss-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK jquery.fancybox.css
phishing.datasecurity.com.br/css/ 5 KB
2 KB 568ms
189ms Stylesheet
text/css 54.218.27.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.datasecurity.com.br/css/jquery.fancybox.css

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.218.27.128 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-218-27-128.us-west-2.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c /

Resource Hash

968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 05 Mar 2020 15:45:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Sep 2018 21:01:59 GMT
Server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c
ETag: "131f-5758aab1330a1-gzip"
X-Frame-Options: deny
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1423
X-Xss-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK CloudPhishingLogo.png
phishing.datasecurity.com.br/ 3 KB
3 KB 201ms
189ms Image
image/png 54.218.27.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.datasecurity.com.br/CloudPhishingLogo.png

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.218.27.128 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-218-27-128.us-west-2.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c /

Resource Hash

fefa56cf8b8ff25d9d0a563e3b2cc2565c1495a3e299c6b71c6ac7f34f29a714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 05 Mar 2020 15:45:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Sep 2018 21:01:59 GMT
Server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c
ETag: "aac-5758aab132101"
X-Frame-Options: deny
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2732
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK logo.png
phishing.datasecurity.com.br/ 15 KB
15 KB 181ms
181ms Image
image/png 54.218.27.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.datasecurity.com.br/logo.png

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.218.27.128 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-218-27-128.us-west-2.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c /

Resource Hash

6a51c67c70686a200c21ea4c60c09fd834ce7588bed9bc0ed36a9adcf6d20fea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 05 Mar 2020 15:45:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Sep 2018 21:01:59 GMT
Server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c
ETag: "3b89-5758aab1330a1"
X-Frame-Options: deny
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 15241
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Processo.png
phishing.datasecurity.com.br/ 115 KB
115 KB 187ms
187ms Image
image/png 54.218.27.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishing.datasecurity.com.br/Processo.png

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.218.27.128 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-218-27-128.us-west-2.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c /

Resource Hash

73cbfd9c91f00599083cf27cbb87cbedccbb3f1900ae483da613534b2ad9644d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 05 Mar 2020 15:45:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Sep 2018 21:01:59 GMT
Server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c
ETag: "1ca41-5758aab1330a1"
X-Frame-Options: deny
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 117313
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.min.js Show response
phishing.datasecurity.com.br/vendor/jquery/ 95 KB
33 KB 198ms
198ms Script
application/javascript 54.218.27.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.datasecurity.com.br/vendor/jquery/jquery.min.js

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.218.27.128 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-218-27-128.us-west-2.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 05 Mar 2020 15:45:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Sep 2018 21:01:59 GMT
Server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c
ETag: "17b8b-5758aab138e61-gzip"
X-Frame-Options: deny
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 33760
X-Xss-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK bootstrap.min.js Show response
phishing.datasecurity.com.br/vendor/bootstrap/js/ 36 KB
10 KB 194ms
194ms Script
application/javascript 54.218.27.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.datasecurity.com.br/vendor/bootstrap/js/bootstrap.min.js

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.218.27.128 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-218-27-128.us-west-2.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 05 Mar 2020 15:45:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Sep 2018 21:01:59 GMT
Server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c
ETag: "90b5-5758aab139e01-gzip"
X-Frame-Options: deny
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 9833
X-Xss-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99

GET
H2 200 jquery.easing.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/ 5 KB
2 KB 17ms
16ms Script
application/javascript 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 15:45:31 GMT
content-encoding: br
cf-cache-status: HIT
age: 11089058
cf-ray: 56f4f6eaec6596fe-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:20:12 GMT
server: cloudflare
etag: W/"5afd494c-15b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 23 Feb 2021 15:45:31 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H/1.1 200
OK jqBootstrapValidation.js Show response
phishing.datasecurity.com.br/js/ 35 KB
7 KB 193ms
192ms Script
application/javascript 54.218.27.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.datasecurity.com.br/js/jqBootstrapValidation.js

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.218.27.128 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-218-27-128.us-west-2.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c /

Resource Hash

7259276218ed08d64420b19a266c7f89229a6667d8007d4dcc8dcf52a2de594b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 05 Mar 2020 15:45:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Sep 2018 21:01:59 GMT
Server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c
ETag: "8d54-5758aab1330a1-gzip"
X-Frame-Options: deny
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 6782
X-Xss-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK contact_me.js Show response
phishing.datasecurity.com.br/js/ 3 KB
1 KB 187ms
186ms Script
application/javascript 54.218.27.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.datasecurity.com.br/js/contact_me.js

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.218.27.128 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-218-27-128.us-west-2.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c /

Resource Hash

fc2553830937696270d78b73412983e35aa47ad946e6374c411cc641d9dd6164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 05 Mar 2020 15:45:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Sep 2018 21:01:59 GMT
Server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c
ETag: "bf0-5758aab1330a1-gzip"
X-Frame-Options: deny
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 958
X-Xss-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK freelancer.min.js Show response
phishing.datasecurity.com.br/js/ 1 KB
996 B 185ms
184ms Script
application/javascript 54.218.27.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.datasecurity.com.br/js/freelancer.min.js

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.218.27.128 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-218-27-128.us-west-2.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c /

Resource Hash

2cf0358c48063bad00e0054e90ac116cbc375e9b0218eb62873f438302bf22bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 05 Mar 2020 15:45:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Sep 2018 21:01:59 GMT
Server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c
ETag: "40e-5758aab1330a1-gzip"
X-Frame-Options: deny
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 543
X-Xss-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6801
date: Thu, 05 Mar 2020 13:52:10 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Thu, 05 Mar 2020 15:52:10 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700
Origin: https://phishing.datasecurity.com.br
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 19 Feb 2020 10:32:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
age: 1314760
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13612
x-xss-protection: 0
expires: Thu, 18 Feb 2021 10:32:51 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
phishing.datasecurity.com.br/vendor/font-awesome/fonts/ 70 KB
71 KB 364ms
184ms Font
text/plain 54.218.27.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.datasecurity.com.br/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.218.27.128 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-218-27-128.us-west-2.compute.amazonaws.com

Software

Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.datasecurity.com.br/vendor/font-awesome/css/font-awesome.min.css
Origin: https://phishing.datasecurity.com.br
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Mar 2020 15:45:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Sep 2018 21:01:59 GMT
Server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1c
ETag: "118d8-5758aab139e01"
X-Frame-Options: deny
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 71896
X-Xss-Protection: 1; mode=block

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic
Origin: https://phishing.datasecurity.com.br
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 00:02:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 56583
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14044
x-xss-protection: 0
expires: Fri, 05 Mar 2021 00:02:28 GMT

GET
H/1.1 200
OK widget.js Show response
s3-eu-west-1.amazonaws.com/share.typeform.com/ 138 KB
138 KB 159ms
47ms Script
application/x-javascript 52.218.80.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-eu-west-1.amazonaws.com/share.typeform.com/widget.js
Requested by: Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.80.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e82af4bd0d4dcd3f9715b26354c2039839687cb3f6273fb8725b04794a65746a

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 05 Mar 2020 15:45:32 GMT
Last-Modified: Tue, 25 Feb 2020 15:51:56 GMT
Server: AmazonS3
x-amz-request-id: 78AC0BE2D6C1702B
ETag: "8defbb986f8b26b7638bd35ebff83d94"
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 141224
x-amz-id-2: 7ZndmOh/uT4HaTgUFLYI7N9R4HFC4Xu6D9VNglZytoRhu8KJ2IvcR0mGaU0Ramrs81dVqUBiDwg=

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
152 B 14ms
14ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1671323542&t=pageview&_s=1&dl=https%3A%2F%2Fphishing.datasecurity.com.br%2F&ul=en-us&de=UTF-8&dt=CloudPhishing%20Data%20Security&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=204280913&gjid=1559085414&cid=1640135907.1583423131&tid=UA-100503688-1&_gid=1227771572.1583423131&_r=1&z=1453125117

Requested by

Host: phishing.datasecurity.com.br
URL: https://phishing.datasecurity.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 05 Mar 2020 15:45:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e2EdAu
datasecurity.typeform.com/to/ Frame 0333 0
0 588ms
364ms Document
text/html 54.88.54.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://datasecurity.typeform.com/to/e2EdAu?typeform-embed=embed-widget&typeform-embed-id=qc7ly

Requested by

Host: s3-eu-west-1.amazonaws.com
URL: https://s3-eu-west-1.amazonaws.com/share.typeform.com/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.54.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-54-184.compute-1.amazonaws.com

Software

istio-envoy / 1.340.0-2.84.1

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

:method: GET
:authority: datasecurity.typeform.com
:scheme: https
:path: /to/e2EdAu?typeform-embed=embed-widget&typeform-embed-id=qc7ly
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://phishing.datasecurity.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://phishing.datasecurity.com.br/

Response headers

status: 200
date: Thu, 05 Mar 2020 15:45:32 GMT
content-type: text/html; charset=utf-8
accept-ranges: bytes
age: 0
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy-report-only: report-uri https://endpoint2.collection.us2.sumologic.com/receiver/v1/http/ZaVnC4dhaV13syWPqbJn9XwMGe4caaop-n9urcHvJLaMJIs-ysikqC26ja3rzeMNHUqlhJ6Jj32snr_AmKUAt2hrNPOgIYRfr_GPi-UndDkRUPtIQ-yZfA== ; block-all-mixed-content ; default-src https: 'report-sample' 'strict-dynamic' 'nonce-cc7479fe352174ba786de4229212cc76' 'sha256-/QQJRnVWYRnPwltDan/axtTHZOH7qBrBuWdpwE2MyS0=' 'sha256-EDFjOL5ho+Ni9a9UiBRBXu0E7+Kws1ZvZEXsbNa2qkA=' 'sha256-cyef5YBIadWdDnvOuPBA1wetTQttbR/pBrSYB7djp0E=' 'sha256-yVSu9LmeE+X34/uWP41s6EAjtz/QAUn6vFMQIFTRTkQ=' 'sha256-yabaDBDvaz41/BFsggizLBHdboL59iPv0RfRTJuz5y4=' 'sha256-unoMtbjSzNEcnsh46Kllof1VSqwlItojUjVMRl4wxp0=' 'sha256-+ONSfIo0qbF4NFsxWsign83KMOkOnZ+YE3sLi8hivOU=' ; script-src 'report-sample' 'nonce-cc7479fe352174ba786de4229212cc76' 'sha256-/QQJRnVWYRnPwltDan/axtTHZOH7qBrBuWdpwE2MyS0=' 'sha256-EDFjOL5ho+Ni9a9UiBRBXu0E7+Kws1ZvZEXsbNa2qkA=' 'sha256-cyef5YBIadWdDnvOuPBA1wetTQttbR/pBrSYB7djp0E=' 'sha256-yVSu9LmeE+X34/uWP41s6EAjtz/QAUn6vFMQIFTRTkQ=' 'strict-dynamic' https://renderer-assets.typeform.com https://www.googletagmanager.com https://www.google-analytics.com https://js.hs-scripts.com https://*.segment.com https://*.facebook.com https://*.googleadservices.com https://*.analytics.net https://*.doubleclick.net 'unsafe-inline' ; style-src 'report-sample' https://fonts.googleapis.com 'unsafe-inline' ; font-src 'report-sample' https://fonts.googleapis.com https://fonts.gstatic.com data: ; connect-src https://app.launchdarkly.com https://api.segment.io https://events.launchdarkly.com https://www.google-analytics.com https://*.typeform.com https://bam.nr-data.net https://www.facebook.com https://stats.g.doubleclick.net https://*.vimeo.com ; img-src 'report-sample' 'self' https://*.typeform.com https://*.facebook.com https://*.google-analytics.com https://*.googletagmanager.com https://*.google.com https://*.doubleclick.net https://*.pinterest.com https://*.mailchimp.com https://*.linkedin.com https://*.bing.com https://*.gstatic.com ;
pragma: no-cache
server: istio-envoy
vary: Accept-Encoding
x-cache: MISS
x-cache-lookup: HIT
x-envoy-upstream-service-time: 253
x-powered-by: 1.340.0-2.84.1
x-varnish: 6479053
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-allow-headers: X-Typeform-Key, Content-Type, Authorization, Typeform-Version
access-control-expose-headers: Location, X-Request-Id
strict-transport-security: max-age=63072000; includeSubDomains
x-newp: Yes

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/p38729y4
https://js.intercomcdn.com/shim.latest.js

7 KB
3 KB

66ms
23ms

Script
application/javascript

13.225.87.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-51.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d4f24716ec937fbe826b083b87962e4f87f6769427ad137d67ef0901a3f385a

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 15:44:45 GMT
content-encoding: gzip
age: 53
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 2830
last-modified: Wed, 04 Mar 2020 16:33:03 GMT
server: AmazonS3
etag: "70c0d92427f6c9aad453e59e846346a2"
content-type: application/javascript; charset=UTF-8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: T9xPeozZ1jIcukQ8Q5migDsucwJI75tLKb82Lsh_TyXVIqPPFLj7MA==

Redirect headers

date: Tue, 18 Feb 2020 03:23:29 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
server: AmazonS3
age: 1426923
location: https://js.intercomcdn.com/shim.latest.js
x-cache: Hit from cloudfront
status: 302
x-amz-cf-pop: FRA2-C2
content-length: 0
x-amz-cf-id: jqAHBY8UxrNuWBxR4KMh4N0L7WA6Nw-HpEhGkmrNBoPtnnw9tBMfNA==

GET
H2 200 frame-modern.f49b22fd.js Show response
js.intercomcdn.com/ Frame 3389 196 KB
55 KB 23ms
23ms Script
application/javascript 13.225.87.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.f49b22fd.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-51.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ab1f02fccfcbea65cedc16519c6fe72501f9c24d9400db433d30408a4aec9a43

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 14:55:53 GMT
content-encoding: gzip
age: 2991
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 55619
last-modified: Wed, 04 Mar 2020 16:23:41 GMT
server: AmazonS3
etag: "f6296016a6d91d387ac7275b8935a878"
content-type: application/javascript; charset=UTF-8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: obM8vy-ily4ELB8mvLQ372B0T0YgLbwvMqD8Zmi2kDqizSPoCFoBiQ==

GET
H2 200 vendor-modern.b44097f3.js Show response
js.intercomcdn.com/ Frame 3389 153 KB
46 KB 51ms
51ms Script
application/javascript 13.225.87.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.b44097f3.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-51.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4c74fc1c6e1746857c589a7dce4c123715c942eec464fb9ce4d894d3e601876

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 14:38:59 GMT
content-encoding: gzip
age: 4016
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 46566
last-modified: Wed, 04 Mar 2020 16:23:41 GMT
server: AmazonS3
etag: "badc3f3a05921b12bad394d1096f9168"
content-type: application/javascript; charset=UTF-8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: LWT2YgdnLjMRyifCurmJZJ-yldgVI1o0iQblzLNuUJxG6981jHwq4g==

GET
H2 200 vendors~app-modern.cbcf51d6.js Show response
js.intercomcdn.com/ Frame 3389 264 KB
82 KB 22ms
22ms Script
application/javascript 13.225.87.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendors~app-modern.cbcf51d6.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.f49b22fd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-51.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bddc8274f21faf42728bffe6a29e60f62340c2ef7109d0c597bb97b5a2ed6bb9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 15:01:09 GMT
content-encoding: gzip
age: 2665
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 83198
last-modified: Wed, 04 Mar 2020 16:23:41 GMT
server: AmazonS3
etag: "3cb267cc1afb2cb8e5d00ec53cf1ea70"
content-type: application/javascript; charset=UTF-8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: GhdkIwYTrZ_6R9JnRPr4G24q4sP3ihiFSZirIXAJEKPO8Xc0n9jMcQ==

GET
H2 200 app-modern.a19adab9.js Show response
js.intercomcdn.com/ Frame 3389 65 KB
19 KB 30ms
30ms Script
application/javascript 13.225.87.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/app-modern.a19adab9.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.f49b22fd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-51.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6fe863c8daf58dae1a31048a1ccabae2f4171be732475a1b57f40284384e156

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 14:29:13 GMT
content-encoding: gzip
age: 4589
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 19057
last-modified: Wed, 04 Mar 2020 16:23:41 GMT
server: AmazonS3
etag: "d94f62cee712bbc1ecde963e220e4bd8"
content-type: application/javascript; charset=UTF-8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: iKm3QPWfugzRWvnzF0tKwLXpTY5sy6apUkslf4XV7iv560YtXrVtMQ==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 3389 3 KB
2 KB 1410ms
1188ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.f49b22fd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

1eb241776f2da1a5c59ba28c7f2802970f2324e2510e1e3ee26d2521df260837

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://phishing.datasecurity.com.br
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 05 Mar 2020 15:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 000lndrspruce9932i50
x-runtime: 1.074471
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1eb241776f2da1a5c59ba28c7f280297"
x-ratelimit-remaining: 19999
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://phishing.datasecurity.com.br
x-intercom-version: 386b667e99f12570f7cc0d49d8643d7fb20c02f4
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1583423160
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type

GET
H2 200 locale-pt-json-modern.f8dbd100.js Show response
js.intercomcdn.com/ Frame 3389 8 KB
4 KB 22ms
22ms Script
application/javascript 13.225.87.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/locale-pt-json-modern.f8dbd100.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.f49b22fd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-51.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 995dc04d8afc06ba59d40ff26ccaaa69db34586337f7fb58de5e993d2addd66b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 14:13:44 GMT
content-encoding: gzip
age: 5511
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 3180
last-modified: Wed, 04 Mar 2020 16:23:41 GMT
server: AmazonS3
etag: "431e8406006e79e309703341729bcdc9"
content-type: application/javascript; charset=UTF-8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: kasvmNibzCeMjr65NeP8zUY2Iw-FBBnOuauQ_8KpVYYhTojo33jVMw==

POST
H2 200 conversations Show response
api-iam.intercom.io/messenger/web/ Frame 3389 8 KB
2 KB 331ms
330ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/conversations

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.f49b22fd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

ca9d79e3988f408238891ff6337633a4a695695e7e54741d9381862ecf4a82c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://phishing.datasecurity.com.br
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 05 Mar 2020 15:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 000pcu1hod3acc5afi7g
x-runtime: 0.211784
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"ca9d79e3988f408238891ff6337633a4"
strict-transport-security: max-age=31556952; includeSubDomains; preload
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://phishing.datasecurity.com.br
x-intercom-version: 2568b77a824674324f535491ab9461e5487b42f1
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

GET
H2 200 vendors~banner~message~messenger-modern.bd42e243.js Show response
js.intercomcdn.com/ Frame 3389 75 KB
22 KB 23ms
22ms Script
application/javascript 13.225.87.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendors~banner~message~messenger-modern.bd42e243.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.f49b22fd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-51.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3557d8c4dc97c6a40140e7f90924110f99ae6d93bccaec75dce287ee633a13ec

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 15:39:24 GMT
content-encoding: gzip
age: 710
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 22134
last-modified: Wed, 04 Mar 2020 16:23:41 GMT
server: AmazonS3
etag: "a62cdf4d7855904345b69be82cf7b3b6"
content-type: application/javascript; charset=UTF-8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: a5TjT1AG3kiXvd5yQZF3xzDBxq2FtZLDHsg3xVmF6Dec4zDkM29QEQ==

GET
H2 200 vendors~message-modern.28915019.js Show response
js.intercomcdn.com/ Frame 3389 30 KB
9 KB 23ms
23ms Script
application/javascript 13.225.87.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendors~message-modern.28915019.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.f49b22fd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-51.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 085abf38c9b6283cd5c6a0ab14e477bb63cc0d59b96ee1380b1cc90d4038957f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 14:02:38 GMT
content-encoding: gzip
age: 6329
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 9020
last-modified: Wed, 04 Mar 2020 16:23:41 GMT
server: AmazonS3
etag: "4ac0e42bc60af3b1789a4669e76de1c7"
content-type: application/javascript; charset=UTF-8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: v-bP3felAiXwzJOaP3mglno6vctnmvYMST46lpDorhhoZlJSegvnkw==

GET
H2 200 banner~message~messenger-modern.7d5e7611.js Show response
js.intercomcdn.com/ Frame 3389 153 KB
37 KB 25ms
24ms Script
application/javascript 13.225.87.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/banner~message~messenger-modern.7d5e7611.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.f49b22fd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-51.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97db97b6aecb056219b4f270e0a37587cf59403e2a7a69282d6c80f07367b044

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 15:04:32 GMT
content-encoding: gzip
age: 2686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 37540
last-modified: Wed, 04 Mar 2020 16:23:41 GMT
server: AmazonS3
etag: "3c849d8edaebeaa21a38164e81b87278"
content-type: application/javascript; charset=UTF-8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: CTXKmBthnaXwspT46QZqP3FULBevQeSYuE4BRjD_vYQl6KNcA2Xj_g==

GET
H2 200 message~messenger-modern.07d0a6ab.js Show response
js.intercomcdn.com/ Frame 3389 196 KB
50 KB 27ms
27ms Script
application/javascript 13.225.87.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/message~messenger-modern.07d0a6ab.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.f49b22fd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-51.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 938c6dee96d2957d56d0f19461c83c1b1c9766dbca176dcc4cf061625deca02d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 15:08:36 GMT
content-encoding: gzip
age: 2260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 50584
last-modified: Wed, 04 Mar 2020 16:23:41 GMT
server: AmazonS3
etag: "89ac44aadec2c51cbdc486bf6cd0f560"
content-type: application/javascript; charset=UTF-8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: d0GYj1kTKML7UVIG-OZUBVs-ZteOa5LiQSZlG1W9lXul_zBRI7CMZA==

GET
H2 200 message-modern.0674b5cf.js Show response
js.intercomcdn.com/ Frame 3389 90 KB
24 KB 31ms
31ms Script
application/javascript 13.225.87.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/message-modern.0674b5cf.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.f49b22fd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-51.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e7b2766f83d5e92280a0ce9912e1b797c4fb5749eca629d9df8520cf09a003f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 15:04:32 GMT
content-encoding: gzip
age: 2689
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 24055
last-modified: Wed, 04 Mar 2020 16:23:41 GMT
server: AmazonS3
etag: "e7b20f6bd5ed5a68e1b638f867c73bf5"
content-type: application/javascript; charset=UTF-8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: ag5pNlMc35S2WMAY4NKGzkO4mOuTfOhA8fvh3TPWBt4UuyRX-CNItQ==

GET
H2 206 notification.20576730.mp3
js.intercomcdn.com/audio/ Frame 3389 22 KB
23 KB 27ms
27ms Media
audio/mpeg 13.225.87.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/audio/notification.20576730.mp3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-51.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e6563a609efbf837985e4c598f5f41ef3f32634e60f2abe5e124594f2ea05d0

Request headers

Sec-Fetch-Dest: audio
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 05 Mar 2020 13:50:08 GMT
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
age: 6927
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 206
Content-Length: 22813
Content-Range: bytes 0-22812/22813
last-modified: Wed, 04 Mar 2020 16:23:41 GMT
server: AmazonS3
etag: "205767301bc13a45332af776d517aada"
content-type: audio/mpeg
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: H-5JcJ6EoZStC_GTgxybszu6cgTEpQ1ZuQv5ZyPcUUB0sxvkYf3MpA==

GET
H2 200 proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame 0159 28 KB
29 KB 469ms
427ms Font
font/woff 13.225.87.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-51.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Request headers

Referer: https://phishing.datasecurity.com.br/
Origin: https://phishing.datasecurity.com.br
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 15:45:36 GMT
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
status: 200
access-control-max-age: 3000
content-length: 28960
last-modified: Wed, 04 Mar 2020 16:23:41 GMT
server: AmazonS3
etag: "a7942249ca925ef356c0f2b1dab17ef3"
vary: Origin
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: rjThKtQfL4tRM3_UUlV63EHfkUMHA-k5Ed5d24b1hUG3EamuzLhhQw==

GET
H2 200 dismiss.249568e7.png
js.intercomcdn.com/images/ Frame 6257 124 B
516 B 22ms
21ms Image
image/png 13.225.87.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js.intercomcdn.com/images/dismiss.249568e7.png
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/banner~message~messenger-modern.7d5e7611.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-51.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3878bc01fed86222528eaaad9dd98fac94e82c88e7d8bf6e5e3750db93f6caa3

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 14:39:57 GMT
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
etag: "249568e72cec7bca9d1887e46abe4f74"
last-modified: Wed, 04 Mar 2020 16:23:41 GMT
server: AmazonS3
age: 3938
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 124
x-amz-cf-id: n67UbLbptJHkIAvN0yoIahn-frlvRkxyXZvapGh7JkrpWqj3jkAVZA==

GET
H2 200 emoji-spritemap-16.af4e0d5e.png
js.intercomcdn.com/images/ Frame 6257 582 KB
583 KB 25ms
24ms Image
image/png 13.225.87.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js.intercomcdn.com/images/emoji-spritemap-16.af4e0d5e.png
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/banner~message~messenger-modern.7d5e7611.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-51.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17546307ec150a5bda6994a028c928e0755a319643ba2aacaf9d9a048bc8b8dc

Request headers

Referer: https://phishing.datasecurity.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 14:07:47 GMT
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
etag: "af4e0d5e7381c974f2b33ce9f8b94704"
last-modified: Mon, 02 Mar 2020 14:23:10 GMT
server: AmazonS3
age: 5868
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 595751
x-amz-cf-id: HRzrUoc3SYHCx518FAz5sOIx6bR7Pg7vD2WM9ZV61CLuTxlbSLlJmg==

GET
H2 200 proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame 6257 28 KB
29 KB 415ms
414ms Font
font/woff 13.225.87.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/banner~message~messenger-modern.7d5e7611.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-51.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Request headers

Referer: https://phishing.datasecurity.com.br/
Origin: https://phishing.datasecurity.com.br
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 15:45:36 GMT
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
content-length: 28960
last-modified: Wed, 04 Mar 2020 16:23:41 GMT
server: AmazonS3
etag: "a7942249ca925ef356c0f2b1dab17ef3"
vary: Origin
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: ctM0mzXVBjSDFbJDb3bWROKmxgy88G6SLDYRiDPE9LMC5zgnNLazag==

GET
H2 200 proximanova-semibold.46e3f047.woff
js.intercomcdn.com/fonts/ Frame 6257 28 KB
29 KB 415ms
414ms Font
font/woff 13.225.87.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/fonts/proximanova-semibold.46e3f047.woff
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/banner~message~messenger-modern.7d5e7611.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-51.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a4f797cc141bbd16a3341cf3f4f482f0ecd00e14c206cbd2f77c5ca7bc9e704

Request headers

Referer: https://phishing.datasecurity.com.br/
Origin: https://phishing.datasecurity.com.br
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 15:45:36 GMT
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
status: 200
access-control-max-age: 3000
content-length: 28732
last-modified: Wed, 04 Mar 2020 16:23:41 GMT
server: AmazonS3
etag: "46e3f047b6d568624167376a87e01ebd"
vary: Origin
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: eASrOyfgW4yfDHC3gEiXNhRDiQxpUhOhYWnBo6f-0-tbOjrNyRZ68w==

GET
H2 200 11118254_827396450677577_5131052570979058954_n-1512414419.jpg
static.intercomassets.com/avatars/1658354/square_128/ Frame 6257 4 KB
4 KB 90ms
22ms Image
image/jpeg 13.225.87.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.intercomassets.com/avatars/1658354/square_128/11118254_827396450677577_5131052570979058954_n-1512414419.jpg?1512414419
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2cc4ab6635e27fca979967f1691cf4e4e413ed7c7da59a1740a1c1f40926c87f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 10:20:20 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2017 19:07:01 GMT
server: AmazonS3
age: 19515
etag: "3dba41354e5e0e08c94820f4be75ab73"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 3942
x-amz-cf-id: wFjg5jHkB-hkdFxWUO3DDSztzS9FpTg1P2UH3GocrwPFNxrK8-oVIA==

GET
H2 200 Capturar-1495841453.JPG
static.intercomassets.com/avatars/1248637/square_128/ Frame 6257 11 KB
12 KB 105ms
37ms Image
image/jpeg 13.225.87.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.intercomassets.com/avatars/1248637/square_128/Capturar-1495841453.JPG?1495841453
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88314d2ba3ac2b31bc8662a31d25ca5e918674f7183bcab642df31ee9411acec

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 10:20:20 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
last-modified: Fri, 26 May 2017 23:30:54 GMT
server: AmazonS3
age: 19515
etag: "8de3daed6cbec18b25f84fe177a9991a"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 11583
x-amz-cf-id: dxR9GQiADTEPDCIPltdp9jfCH7otyfIF_8oVfazt4zIifR6zZFKDWw==
expires: Sat, 27 May 2017 23:07:39 GMT

GET
H2 200 14034931_1134553869921445_8904240791340712843_n-1495835206.jpg
static.intercomassets.com/avatars/1238280/square_128/ Frame 6257 3 KB
3 KB 106ms
38ms Image
image/jpeg 13.225.87.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.intercomassets.com/avatars/1238280/square_128/14034931_1134553869921445_8904240791340712843_n-1495835206.jpg?1495835206
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7195e609259beecf63308aea2e73cc75a892d7348e2fa49f349a9ecf64d84aa9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 10:20:19 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
last-modified: Fri, 26 May 2017 21:46:47 GMT
server: AmazonS3
age: 19516
etag: "bfbca2ecb718208a0a828264611e39a3"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 2846
x-amz-cf-id: HIHyvTB2QTDuwZin1e1PF_yithifO4pgohfEUMr6e08gV2KYa6KPGg==
expires: Sat, 27 May 2017 21:42:30 GMT

GET
H2 200 custom_avatar-1537648749.png
static.intercomassets.com/avatars/1248485/square_128/ Frame 6257 25 KB
26 KB 111ms
44ms Image
image/png 13.225.87.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.intercomassets.com/avatars/1248485/square_128/custom_avatar-1537648749.png?1537648749
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 81d704a1eb50eded63945467f4d27d5ee9fe4e3706ae62c713366961f8a4637b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 05 Mar 2020 10:20:19 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
last-modified: Sat, 22 Sep 2018 20:39:11 GMT
server: AmazonS3
age: 19516
etag: "aed6fd0d47867bb8c352156cb1d79858"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 25764
x-amz-cf-id: HLPuVvF8WtNyuNZBczO_UeRVwm6WYv3THM1XncSjIItHLpSsCTxRBw==

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
cdnjs.cloudflare.com
datasecurity.typeform.com
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
phishing.datasecurity.com.br
s3-eu-west-1.amazonaws.com
static.intercomassets.com
widget.intercom.io
www.google-analytics.com
13.225.87.108
13.225.87.47
13.225.87.51
2606:4700::6811:4004
2a00:1450:4001:816::200a
2a00:1450:4001:81a::200e
2a00:1450:4001:81c::2003
52.218.80.4
54.218.27.128
54.88.54.184
99.83.219.81
00838395cd8b377d7164786319e394a09e9002e048ecb8651c1d7ba94b2d65a0
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
085abf38c9b6283cd5c6a0ab14e477bb63cc0d59b96ee1380b1cc90d4038957f
0e6563a609efbf837985e4c598f5f41ef3f32634e60f2abe5e124594f2ea05d0
1536c9f5bb93729598dfbf692c112bf3a0ba8c210dcf985f93b4f86b34cbf366
17546307ec150a5bda6994a028c928e0755a319643ba2aacaf9d9a048bc8b8dc
1d1baed4eb1768eaa420fa0fd92eee08ba01e14aaa99fdf520f5fb5ab8d6ea62
1eb241776f2da1a5c59ba28c7f2802970f2324e2510e1e3ee26d2521df260837
2cc4ab6635e27fca979967f1691cf4e4e413ed7c7da59a1740a1c1f40926c87f
2cf0358c48063bad00e0054e90ac116cbc375e9b0218eb62873f438302bf22bc
3557d8c4dc97c6a40140e7f90924110f99ae6d93bccaec75dce287ee633a13ec
3878bc01fed86222528eaaad9dd98fac94e82c88e7d8bf6e5e3750db93f6caa3
3d4f24716ec937fbe826b083b87962e4f87f6769427ad137d67ef0901a3f385a
4658bdf3a5ffa33e3a4d643e0465484b0e2137890f0678d5a7f351e398ddf830
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a51c67c70686a200c21ea4c60c09fd834ce7588bed9bc0ed36a9adcf6d20fea
6e7b2766f83d5e92280a0ce9912e1b797c4fb5749eca629d9df8520cf09a003f
7195e609259beecf63308aea2e73cc75a892d7348e2fa49f349a9ecf64d84aa9
7259276218ed08d64420b19a266c7f89229a6667d8007d4dcc8dcf52a2de594b
73cbfd9c91f00599083cf27cbb87cbedccbb3f1900ae483da613534b2ad9644d
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
81d704a1eb50eded63945467f4d27d5ee9fe4e3706ae62c713366961f8a4637b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88314d2ba3ac2b31bc8662a31d25ca5e918674f7183bcab642df31ee9411acec
90bedfa7bbd2bb58b7f47611a77feaf852c117ed7e344885cdb34f7df940658f
938c6dee96d2957d56d0f19461c83c1b1c9766dbca176dcc4cf061625deca02d
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
97db97b6aecb056219b4f270e0a37587cf59403e2a7a69282d6c80f07367b044
995dc04d8afc06ba59d40ff26ccaaa69db34586337f7fb58de5e993d2addd66b
9a4f797cc141bbd16a3341cf3f4f482f0ecd00e14c206cbd2f77c5ca7bc9e704
9d490571217101789a4fa392b73c35c645cac959a377c188b0ff85a1a4c91ba1
a6fe863c8daf58dae1a31048a1ccabae2f4171be732475a1b57f40284384e156
ab1f02fccfcbea65cedc16519c6fe72501f9c24d9400db433d30408a4aec9a43
ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20
bddc8274f21faf42728bffe6a29e60f62340c2ef7109d0c597bb97b5a2ed6bb9
ca9d79e3988f408238891ff6337633a4a695695e7e54741d9381862ecf4a82c9
e4c74fc1c6e1746857c589a7dce4c123715c942eec464fb9ce4d894d3e601876
e82af4bd0d4dcd3f9715b26354c2039839687cb3f6273fb8725b04794a65746a
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fc2553830937696270d78b73412983e35aa47ad946e6374c411cc641d9dd6164
fefa56cf8b8ff25d9d0a563e3b2cc2565c1495a3e299c6b71c6ac7f34f29a714

phishing.datasecurity.com.br Open in urlscan Pro 54.218.27.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

36 %IPv6

10 Domains

11 Subdomains

10 IPs

3 Countries

1576 kBTransfer

2819 kBSize

0 Cookies

5 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

phishing.datasecurity.com.br Open in urlscan Pro
54.218.27.128 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

36 %
IPv6

10
Domains

11
Subdomains

10
IPs

3
Countries

1576 kB
Transfer

2819 kB
Size

0
Cookies

48 HTTP transactions
0 data transactions