login.jamalbuster.com
77.73.134.36  Malicious Activity! Public Scan

Submitted URL: https://my.dealersocket.com/emailtrack/track/track?siteId=19&sentId=51150&entityId=607895&emailType=doc&redirectLink=http://...
Effective URL: https://login.jamalbuster.com/mn
Submission: On March 17 via manual from IN — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 28 HTTP transactions. The main IP is 77.73.134.36, located in Kazakhstan and belonging to PARTNER-AS (RU). The main domain is login.jamalbuster.com.
TLS certificate: Issued by R3 on March 13th 2023. Valid for: 3 months.
This is the only time login.jamalbuster.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

Redirects  Requests  IP address         ASN     Autonomous System
3          3         192.41.46.10       13951   DATABANK-SLC
           11        162.241.203.51     19871   NETWORK-S...
           1         2a00:1450:400...   15169   GOOGLE
           1         162.241.27.245     46606   UNIFIEDLA...
           1         77.73.134.36       204603  PARTNER-AS
1          8         2606:4700::68...   13335   CLOUDFLAR...
           6         104.16.168.131     13335   CLOUDFLAR...
1          1         13.225.78.99       16509   AMAZON-02
           1         108.138.17.39      16509   AMAZON-02
Total: 28 requests, 8 IPs
Requests  Apex domain           Subdomains (Cisco Umbrella rank)                                                  Transfer
11        aaproducoes.com.br    5w.ae2gl.aaproducoes.com.br                                                       158 KB
8         cloudflare.com        challenges.cloudflare.com (5237)                                                  124 KB
6         hcaptcha.com          js.hcaptcha.com (14046), newassets.hcaptcha.com (11013), hcaptcha.com (7799)     242 KB
3         dealersocket.com      my.dealersocket.com (87711)                                                       2 KB
1         freeimages.com        images.freeimages.com (138339)                                                    606 B
1         findicons.com         findicons.com (365138)                                                            306 B
1         jamalbuster.com       login.jamalbuster.com                                                             19 KB
1         herontechnocast.com   herontechnocast.com                                                               119 B
1         googleapis.com        fonts.googleapis.com (34)                                                         2 KB
Total: 28 requests, 9 apex domains
Requests  Domain                         Requested by
11        5w.ae2gl.aaproducoes.com.br    5w.ae2gl.aaproducoes.com.br
8         challenges.cloudflare.com      login.jamalbuster.com, challenges.cloudflare.com, 5w.ae2gl.aaproducoes.com.br (1 redirect)
4         newassets.hcaptcha.com         js.hcaptcha.com, newassets.hcaptcha.com
3         my.dealersocket.com            (3 redirects)
1         hcaptcha.com                   newassets.hcaptcha.com
1         images.freeimages.com          login.jamalbuster.com
1         findicons.com                  (1 redirect)
1         js.hcaptcha.com                login.jamalbuster.com
1         login.jamalbuster.com          (none)
1         herontechnocast.com            5w.ae2gl.aaproducoes.com.br
1         fonts.googleapis.com           5w.ae2gl.aaproducoes.com.br
Total: 28 requests, 11 subdomains

This site contains no links.

Subject                      Issuer                    Validity                    Valid for
upload.video.google.com      GTS CA 1C3                2023-03-02 to 2023-05-25    3 months
*.herontechnocast.com        R3                        2023-02-18 to 2023-05-19    3 months
jamalbuster.com              R3                        2023-03-13 to 2023-06-11    3 months
sni.cloudflaressl.com        Cloudflare Inc ECC CA-3   2022-05-15 to 2023-05-15    a year
challenges.cloudflare.com    Cloudflare Inc ECC CA-3   2022-09-18 to 2023-09-17    a year

This page contains 4 frames:

Primary Page: https://login.jamalbuster.com/mn
Frame ID: E06560D460B293288D42D7637FA45165
Requests: 17 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html
Frame ID: 52AE2B8A8624FA1AEDA8A4A8120C8CAA
Requests: 2 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html
Frame ID: 7BD925876F3F70D69BB22434D4C09221
Requests: 4 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/hjjsd/0x4AAAAAAADLmRBOfh4TeETa/auto/normal
Frame ID: BB7C00D9A23AB09D29F192F909167860
Requests: 6 HTTP requests in this frame

Page Title

Just a moment...

Detected technologies

Font Awesome (overall confidence: 100%), matched by the pattern:
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

Requests: 28
HTTPS: 54 %
IPv6: 22 %
Domains: 9
Subdomains: 11
IPs: 8
Countries: 4
Transfer: 545 kB
Size: 1660 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://my.dealersocket.com/emailtrack/track/track?siteId=19&sentId=51150&entityId=607895&emailType=doc&redirectLink=http://5w.ae2gl.aaproducoes.com.br://%23aHR0cHM6Ly9oZXJvbnRlY2hub2Nhc3QuY29tL2Jlc3RndXkvQ2xhcmlvcy9iZXRoLmZpdHpnZXJhbGRAY2xhcmlvcy5jb20= HTTP 307
    https://my.dealersocket.com/VersionManager/EmailTrack/Route?page=%2Femailtrack%2Ftrack%2Ftrack%3FsiteId%3D19%26sentId%3D51150%26entityId%3D607895%26emailType%3Ddoc%26redirectLink%3Dhttp%3A%2F%2F5w.ae2gl.aaproducoes.com.br%3A%2F%2F%2523aHR0cHM6Ly9oZXJvbnRlY2hub2Nhc3QuY29tL2Jlc3RndXkvQ2xhcmlvcy9iZXRoLmZpdHpnZXJhbGRAY2xhcmlvcy5jb20%3D HTTP 302
    https://my.dealersocket.com/emailtrack/track/track?NoRedirect=1&siteId=19&sentId=51150&entityId=607895&emailType=doc&redirectLink=http:%2f%2f5w.ae2gl.aaproducoes.com.br:%2f%2f%23aHR0cHM6Ly9oZXJvbnRlY2hub2Nhc3QuY29tL2Jlc3RndXkvQ2xhcmlvcy9iZXRoLmZpdHpnZXJhbGRAY2xhcmlvcy5jb20%3d HTTP 302
    http://5w.ae2gl.aaproducoes.com.br// Page URL
  2. https://login.jamalbuster.com/mn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://my.dealersocket.com/emailtrack/track/track?siteId=19&sentId=51150&entityId=607895&emailType=doc&redirectLink=http://5w.ae2gl.aaproducoes.com.br://%23aHR0cHM6Ly9oZXJvbnRlY2hub2Nhc3QuY29tL2Jlc3RndXkvQ2xhcmlvcy9iZXRoLmZpdHpnZXJhbGRAY2xhcmlvcy5jb20= HTTP 307
  • https://my.dealersocket.com/VersionManager/EmailTrack/Route?page=%2Femailtrack%2Ftrack%2Ftrack%3FsiteId%3D19%26sentId%3D51150%26entityId%3D607895%26emailType%3Ddoc%26redirectLink%3Dhttp%3A%2F%2F5w.ae2gl.aaproducoes.com.br%3A%2F%2F%2523aHR0cHM6Ly9oZXJvbnRlY2hub2Nhc3QuY29tL2Jlc3RndXkvQ2xhcmlvcy9iZXRoLmZpdHpnZXJhbGRAY2xhcmlvcy5jb20%3D HTTP 302
  • https://my.dealersocket.com/emailtrack/track/track?NoRedirect=1&siteId=19&sentId=51150&entityId=607895&emailType=doc&redirectLink=http:%2f%2f5w.ae2gl.aaproducoes.com.br:%2f%2f%23aHR0cHM6Ly9oZXJvbnRlY2hub2Nhc3QuY29tL2Jlc3RndXkvQ2xhcmlvcy9iZXRoLmZpdHpnZXJhbGRAY2xhcmlvcy5jb20%3d HTTP 302
  • http://5w.ae2gl.aaproducoes.com.br//
Request Chain 13
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/db880165/api.js?onload=onloadTurnstileCallback
Request Chain 15
  • https://findicons.com/files/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png HTTP 301
  • https://images.freeimages.com/fic/images/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png?ref=findicons

28 HTTP transactions

Each entry below is listed as: Resource | Path | Size | x-fer | Type (the MIME type is the Content-Type in the response headers)
/ | 5w.ae2gl.aaproducoes.com.br// | 463 KB | 158 KB | Document
Redirect Chain
  • https://my.dealersocket.com/emailtrack/track/track?siteId=19&sentId=51150&entityId=607895&emailType=doc&redirectLink=http://5w.ae2gl.aaproducoes.com.br://%23aHR0cHM6Ly9oZXJvbnRlY2hub2Nhc3QuY29tL2Jl...
  • https://my.dealersocket.com/VersionManager/EmailTrack/Route?page=%2Femailtrack%2Ftrack%2Ftrack%3FsiteId%3D19%26sentId%3D51150%26entityId%3D607895%26emailType%3Ddoc%26redirectLink%3Dhttp%3A%2F%2F5w....
  • https://my.dealersocket.com/emailtrack/track/track?NoRedirect=1&siteId=19&sentId=51150&entityId=607895&emailType=doc&redirectLink=http:%2f%2f5w.ae2gl.aaproducoes.com.br:%2f%2f%23aHR0cHM6Ly9oZXJvbnR...
  • http://5w.ae2gl.aaproducoes.com.br//
General
Full URL
http://5w.ae2gl.aaproducoes.com.br//
Protocol
HTTP/1.1
Server
162.241.203.51 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-203-51.unifiedlayer.com
Software
Apache /
Resource Hash
5dd45ab5ca1c184cf7145a7d2bcffd8b2eb6412624d381c4959f02c3b68ea290

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 17 Mar 2023 20:57:07 GMT
Keep-Alive
timeout=5, max=75
Last-Modified
Fri, 17 Mar 2023 17:39:44 GMT
Server
Apache
Transfer-Encoding
chunked
Upgrade
h2,h2c
Vary
Accept-Encoding

Redirect headers

Cache-Control
private
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 17 Mar 2023 20:55:45 GMT
Location
http://5w.ae2gl.aaproducoes.com.br://#aHR0cHM6Ly9oZXJvbnRlY2hub2Nhc3QuY29tL2Jlc3RndXkvQ2xhcmlvcy9iZXRoLmZpdHpnZXJhbGRAY2xhcmlvcy5jb20=
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Box
SLCWEB07
X-Server
WEB.us.slc.prod.dealersocket.net
p3p
CP="ADMa DEVa OUR NOR DSP NON COR"
css | fonts.googleapis.com/ | 25 KB | 2 KB | Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Serif:400,400i,700,700ii%7CRoboto:300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic
Requested by
Host: 5w.ae2gl.aaproducoes.com.br
URL: http://5w.ae2gl.aaproducoes.com.br//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
95b99b82dcc45a6649aeb55cfbb1cc647340a439fb9c483d0b11eec13b35b039
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://5w.ae2gl.aaproducoes.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Mar 2023 20:57:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 20:42:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Mar 2023 20:57:08 GMT
font-awesome.min.css | 5w.ae2gl.aaproducoes.com.br//css/ | 0 | 0 | Stylesheet
General
Full URL
http://5w.ae2gl.aaproducoes.com.br//css/font-awesome.min.css
Requested by
Host: 5w.ae2gl.aaproducoes.com.br
URL: http://5w.ae2gl.aaproducoes.com.br//
Protocol
HTTP/1.1
Server
162.241.203.51 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-203-51.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://5w.ae2gl.aaproducoes.com.br//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 20:57:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Oct 2022 20:52:20 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/html
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
836
bootstrap.min.css | 5w.ae2gl.aaproducoes.com.br//css/ | 0 | 0 | Stylesheet
General
Full URL
http://5w.ae2gl.aaproducoes.com.br//css/bootstrap.min.css
Requested by
Host: 5w.ae2gl.aaproducoes.com.br
URL: http://5w.ae2gl.aaproducoes.com.br//
Protocol
HTTP/1.1
Server
162.241.203.51 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-203-51.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://5w.ae2gl.aaproducoes.com.br//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 20:57:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Oct 2022 20:52:20 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/html
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
836
ion.rangeSlider.css | 5w.ae2gl.aaproducoes.com.br//css/ | 0 | 0 | Stylesheet
General
Full URL
http://5w.ae2gl.aaproducoes.com.br//css/ion.rangeSlider.css
Requested by
Host: 5w.ae2gl.aaproducoes.com.br
URL: http://5w.ae2gl.aaproducoes.com.br//
Protocol
HTTP/1.1
Server
162.241.203.51 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-203-51.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://5w.ae2gl.aaproducoes.com.br//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 20:57:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Oct 2022 20:52:20 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/html
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
836
ion.rangeSlider.skinFlat.css | 5w.ae2gl.aaproducoes.com.br//css/ | 0 | 0 | Stylesheet
General
Full URL
http://5w.ae2gl.aaproducoes.com.br//css/ion.rangeSlider.skinFlat.css
Requested by
Host: 5w.ae2gl.aaproducoes.com.br
URL: http://5w.ae2gl.aaproducoes.com.br//
Protocol
HTTP/1.1
Server
162.241.203.51 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-203-51.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://5w.ae2gl.aaproducoes.com.br//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 20:57:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Oct 2022 20:52:20 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/html
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
836
jquery.bxslider.css | 5w.ae2gl.aaproducoes.com.br//css/ | 0 | 0 | Stylesheet
General
Full URL
http://5w.ae2gl.aaproducoes.com.br//css/jquery.bxslider.css
Requested by
Host: 5w.ae2gl.aaproducoes.com.br
URL: http://5w.ae2gl.aaproducoes.com.br//
Protocol
HTTP/1.1
Server
162.241.203.51 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-203-51.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://5w.ae2gl.aaproducoes.com.br//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 20:57:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Oct 2022 20:52:20 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/html
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
836
jquery.fancybox.css | 5w.ae2gl.aaproducoes.com.br//css/ | 0 | 0 | Stylesheet
General
Full URL
http://5w.ae2gl.aaproducoes.com.br//css/jquery.fancybox.css
Requested by
Host: 5w.ae2gl.aaproducoes.com.br
URL: http://5w.ae2gl.aaproducoes.com.br//
Protocol
HTTP/1.1
Server
162.241.203.51 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-203-51.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://5w.ae2gl.aaproducoes.com.br//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 20:57:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Oct 2022 20:52:20 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
836
flexslider.css | 5w.ae2gl.aaproducoes.com.br//css/ | 0 | 0 | Stylesheet
General
Full URL
http://5w.ae2gl.aaproducoes.com.br//css/flexslider.css
Requested by
Host: 5w.ae2gl.aaproducoes.com.br
URL: http://5w.ae2gl.aaproducoes.com.br//
Protocol
HTTP/1.1
Server
162.241.203.51 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-203-51.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://5w.ae2gl.aaproducoes.com.br//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 20:57:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Oct 2022 20:52:20 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
836
swiper.css | 5w.ae2gl.aaproducoes.com.br//css/ | 0 | 0 | Stylesheet
General
Full URL
http://5w.ae2gl.aaproducoes.com.br//css/swiper.css
Requested by
Host: 5w.ae2gl.aaproducoes.com.br
URL: http://5w.ae2gl.aaproducoes.com.br//
Protocol
HTTP/1.1
Server
162.241.203.51 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-203-51.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://5w.ae2gl.aaproducoes.com.br//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 20:57:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Oct 2022 20:52:20 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
836
style.css | 5w.ae2gl.aaproducoes.com.br//css/ | 0 | 0 | Stylesheet
General
Full URL
http://5w.ae2gl.aaproducoes.com.br//css/style.css
Requested by
Host: 5w.ae2gl.aaproducoes.com.br
URL: http://5w.ae2gl.aaproducoes.com.br//
Protocol
HTTP/1.1
Server
162.241.203.51 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-203-51.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://5w.ae2gl.aaproducoes.com.br//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 20:57:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Oct 2022 20:52:20 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
836
media.css | 5w.ae2gl.aaproducoes.com.br//css/ | 0 | 0 | Stylesheet
General
Full URL
http://5w.ae2gl.aaproducoes.com.br//css/media.css
Requested by
Host: 5w.ae2gl.aaproducoes.com.br
URL: http://5w.ae2gl.aaproducoes.com.br//
Protocol
HTTP/1.1
Server
162.241.203.51 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-203-51.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://5w.ae2gl.aaproducoes.com.br//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 20:57:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Oct 2022 20:52:20 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
836
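Every stylesheet requested from 5w.ae2gl.aaproducoes.com.br//css/ above comes back as text/html with a Content-Length of 836 and no recorded body, while the same host served its landing document normally. The status codes are not part of this capture, so only the type mismatch itself can be asserted. The Python below is an added triage helper, not part of the urlscan.io output, that runs two checks a responder would apply to a transaction list like this one: declared resource type against the response media type, and which requests travelled over plain HTTP. The transaction records are copied from the entries on this page, reduced to the three fields the checks need; the dataclass, field names and function names are the example's own.

```python
from dataclasses import dataclass
from typing import List, Set
from urllib.parse import urlsplit


@dataclass(frozen=True)
class Transaction:
    url: str            # Full URL as listed in the scan
    declared_type: str  # urlscan "Type" column: Document, Stylesheet, Script, Image
    content_type: str   # response Content-Type header, as received


# Transactions copied from this scan, trimmed to the fields used here.
CSS_BASE = "http://5w.ae2gl.aaproducoes.com.br//css/"
TRANSACTIONS: List[Transaction] = [
    Transaction("http://5w.ae2gl.aaproducoes.com.br//", "Document", "text/html"),
    Transaction("https://fonts.googleapis.com/css?family=PT+Serif:400,400i,700,700ii%7CRoboto:300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic",
                "Stylesheet", "text/css; charset=utf-8"),
] + [
    Transaction(CSS_BASE + name, "Stylesheet", "text/html")
    for name in (
        "font-awesome.min.css", "bootstrap.min.css", "ion.rangeSlider.css",
        "ion.rangeSlider.skinFlat.css", "jquery.bxslider.css", "jquery.fancybox.css",
        "flexslider.css", "swiper.css", "style.css", "media.css",
    )
] + [
    Transaction("https://herontechnocast.com/bestguy/Clarios/beth.fitzgerald@clarios.com",
                "Document", "text/html; charset=UTF-8"),
    Transaction("https://login.jamalbuster.com/mn", "Document", "text/html"),
    Transaction("https://challenges.cloudflare.com/turnstile/v0/g/db880165/api.js?onload=onloadTurnstileCallback",
                "Script", "application/javascript; charset=UTF-8"),
    Transaction("https://js.hcaptcha.com/1/api.js", "Script", "application/javascript"),
    Transaction("https://images.freeimages.com/fic/images/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png?ref=findicons",
                "Image", "image/png"),
]

# Media types a browser would normally accept for each declared resource type.
EXPECTED_MEDIA = {
    "Document":   ("text/html", "application/xhtml+xml"),
    "Stylesheet": ("text/css",),
    "Script":     ("application/javascript", "text/javascript", "application/x-javascript"),
    "Image":      ("image/",),
}


def media_type(content_type: str) -> str:
    """Drop parameters such as '; charset=utf-8' and normalise case."""
    return content_type.split(";", 1)[0].strip().lower()


def mime_mismatches(txs: List[Transaction]) -> List[Transaction]:
    """Transactions whose response media type does not fit the declared type.

    A stylesheet or script answered with text/html often means the path is
    missing or blocked and the server returned an HTML page in its place,
    which is typical of a template copied without its assets.
    """
    out = []
    for tx in txs:
        expected = EXPECTED_MEDIA.get(tx.declared_type, ())
        if not any(media_type(tx.content_type).startswith(e) for e in expected):
            out.append(tx)
    return out


def plaintext_requests(txs: List[Transaction]) -> List[Transaction]:
    """Requests sent over http://, i.e. readable and modifiable in transit."""
    return [tx for tx in txs if urlsplit(tx.url).scheme == "http"]


def hosts(txs: List[Transaction]) -> Set[str]:
    """Distinct hostnames in a transaction subset."""
    return {urlsplit(tx.url).hostname for tx in txs}


if __name__ == "__main__":
    for tx in mime_mismatches(TRANSACTIONS):
        print(f"type mismatch: {tx.declared_type:10s} {tx.content_type:12s} {tx.url}")
    print("plaintext hosts:", sorted(hosts(plaintext_requests(TRANSACTIONS))))
```

Run as a script it lists the ten stylesheet requests answered with text/html and names the one host that was contacted without TLS; both checks are cheap to run over a full urlscan JSON export rather than the hand-copied subset used here.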
beth.fitzgerald@clarios.com | herontechnocast.com/bestguy/Clarios/ | 0 | 119 B | Document
General
Full URL
https://herontechnocast.com/bestguy/Clarios/beth.fitzgerald@clarios.com
Requested by
Host: 5w.ae2gl.aaproducoes.com.br
URL: http://5w.ae2gl.aaproducoes.com.br//
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.27.245 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-27-245.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

Referer
http://5w.ae2gl.aaproducoes.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 17 Mar 2023 20:57:10 GMT
refresh
0;url=https://login.jamalbuster.com/mn#beth.fitzgerald@clarios.com
server
Apache
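Request Chain 0 above and the Refresh header returned by herontechnocast.com together make up the whole lure: a DealerSocket e-mail tracking link whose redirectLink parameter is honoured for an unrelated host, a next hop stored base64-encoded in that URL's fragment (browsers never send the fragment to a server, so the tracking service, proxies and the aaproducoes host only ever see the bare redirect target), and a zero-second client-side refresh that lands on login.jamalbuster.com with the targeted address in the fragment, where page script can read it but no server log records it. The Python below is an added analysis helper, not part of the urlscan.io output or any project's code; it takes the tracking URL and the Refresh header exactly as captured on this page and recovers each hop. Function and dictionary key names are the example's own.

```python
import base64
import binascii
from typing import Optional, Tuple
from urllib.parse import urlsplit, unquote

# Artefacts copied from this scan: the submitted tracking URL (Request Chain 0)
# and the Refresh header returned by herontechnocast.com.
TRACKING_URL = (
    "https://my.dealersocket.com/emailtrack/track/track?siteId=19&sentId=51150"
    "&entityId=607895&emailType=doc&redirectLink=http://5w.ae2gl.aaproducoes.com.br://"
    "%23aHR0cHM6Ly9oZXJvbnRlY2hub2Nhc3QuY29tL2Jlc3RndXkvQ2xhcmlvcy9iZXRoLmZpdHpnZXJhbGRAY2xhcmlvcy5jb20="
)
REFRESH_HEADER = "0;url=https://login.jamalbuster.com/mn#beth.fitzgerald@clarios.com"


def query_param(url: str, name: str) -> Optional[str]:
    """Percent-decoded value of one query parameter, or None if absent.

    parse_qs() is avoided on purpose: it maps '+' to a space, which would
    corrupt a base64 payload that happens to contain '+'.
    """
    for pair in urlsplit(url).query.split("&"):
        key, _, value = pair.partition("=")
        if unquote(key) == name:
            return unquote(value)
    return None


def decode_b64_loose(token: str) -> Optional[str]:
    """Decode base64 that may lack padding or use the URL-safe alphabet."""
    token = token.strip()
    token += "=" * (-len(token) % 4)  # restore dropped padding
    for altchars in (None, b"-_"):
        try:
            return base64.b64decode(token, altchars=altchars, validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError, ValueError):
            continue
    return None


def parse_refresh(header: str) -> Tuple[int, str]:
    """Split 'Refresh: <seconds>;url=<target>' into (seconds, target)."""
    delay, _, rest = header.partition(";")
    key, _, target = rest.strip().partition("=")
    if key.strip().lower() != "url":
        raise ValueError(f"unexpected Refresh header: {header!r}")
    return int(delay.strip()), target.strip().strip("'\"")


def unwrap_chain(tracking_url: str, refresh_header: str) -> dict:
    """Recover every hop of the lure from the two captured artefacts."""
    tracking_host = urlsplit(tracking_url).hostname
    hop1 = query_param(tracking_url, "redirectLink")
    if hop1 is None:
        raise ValueError("tracking URL carries no redirectLink parameter")
    hop1_parts = urlsplit(hop1)
    # The '#' is percent-encoded in the tracking URL, so the fragment survives
    # the query string; once decoded it is the part no server ever receives.
    hop2 = decode_b64_loose(hop1_parts.fragment)
    if hop2 is None:
        raise ValueError("redirectLink fragment is not base64")
    delay, hop3 = parse_refresh(refresh_header)
    return {
        "tracking_host": tracking_host,
        "redirect_host": hop1_parts.hostname,
        "external_redirect": hop1_parts.hostname != tracking_host,
        "hidden_hop": hop2,
        "targeted_address": hop2.rsplit("/", 1)[-1],
        "refresh_delay": delay,
        "landing_page": hop3.split("#", 1)[0],
        "victim_email": urlsplit(hop3).fragment,
    }


if __name__ == "__main__":
    for key, value in unwrap_chain(TRACKING_URL, REFRESH_HEADER).items():
        print(f"{key:18s} {value}")
```

The external_redirect flag is the one worth alerting on in mail-gateway or proxy logs: a tracking host redirecting to a hostname that is not its own. The base64 fragment and the Refresh hop are why a scanner that only follows 3xx Location headers stops at http://5w.ae2gl.aaproducoes.com.br// and never reaches the credential page.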
mn (Primary Request) | login.jamalbuster.com/ | 18 KB | 19 KB | Document
General
Full URL
https://login.jamalbuster.com/mn
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.73.134.36 , Kazakhstan, ASN204603 (PARTNER-AS, RU),
Reverse DNS
Software
/
Resource Hash
826df2267364dccb21898d5afe1af9d535e8bcc5230e801995c4cd63cf4f7827

Request headers

Referer
https://herontechnocast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Type
text/html
Transfer-Encoding
chunked
api.js | challenges.cloudflare.com/turnstile/v0/g/db880165/ | 14 KB | 5 KB | Script
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
  • https://challenges.cloudflare.com/turnstile/v0/g/db880165/api.js?onload=onloadTurnstileCallback
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/db880165/api.js?onload=onloadTurnstileCallback
Requested by
Host: login.jamalbuster.com
URL: https://login.jamalbuster.com/mn
Protocol
H2
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d395cc53363e6e22c75f73de0d4de7355ed844b65b8f0d149664ec06facd2d8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.jamalbuster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:57:10 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7a982591889c9244-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Fri, 17 Mar 2023 20:57:10 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/g/db880165/api.js?onload=onloadTurnstileCallback
cache-control
max-age=300, public
cf-ray
7a98259158499244-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
api.js | js.hcaptcha.com/1/ | 284 KB | 80 KB | Script
General
Full URL
https://js.hcaptcha.com/1/api.js
Requested by
Host: login.jamalbuster.com
URL: https://login.jamalbuster.com/mn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa567ea63c532d43e2f5e3e3962ff8b5fa0366f3c62ee0585fa6fe4be4c70f60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.jamalbuster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:57:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
0
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Mar 2023 07:14:15 GMT
server
cloudflare
etag
W/"5de21c14bce7448f20c94eda336232ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
cf-ray
7a9825914c963679-FRA
x-amz-cf-id
jAl-dEecqAnMcQN5PlKXy6pJLAQVHxQ05ZjJW7Mldix9z45pdLUfsg==
microsoft_new_logo_alt.png | images.freeimages.com/fic/images/icons/2796/metro_uinvert_dock/64/ | 254 B | 606 B | Image
Redirect Chain
  • https://findicons.com/files/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png
  • https://images.freeimages.com/fic/images/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png?ref=findicons
General
Full URL
https://images.freeimages.com/fic/images/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png?ref=findicons
Requested by
Host: login.jamalbuster.com
URL: https://login.jamalbuster.com/mn
Protocol
H2
Server
108.138.17.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-39.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2267d1822dbefc10c25e17d1fa4a6d9331e5a126e2483c5aff542d6107ebca36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.jamalbuster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 15:49:06 GMT
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Dec 2022 05:17:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
5202485
etag
"57ab754695eb0a2c74201ecd6948c12f"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
254
x-amz-cf-id
lzPQFSqZVzYler9PBEAIxs5BDltdNZFDk0rzc_W1JlwE1HoG5JSlKQ==

Redirect headers

date
Tue, 07 Mar 2023 12:37:27 GMT
via
1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C2
age
893983
x-cache
Hit from cloudfront
location
https://images.freeimages.com/fic/images/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png?ref=findicons
content-length
0
x-amz-cf-id
ErnDwJcjunUS09tzfFBAfKP5HJyamZ3Pw6Zd1NzSKCAxsSWWbWr7fA==
hcaptcha.html | newassets.hcaptcha.com/captcha/v1/7d69057/static/ (Frame 52AE) | 2 KB | 961 B | Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f05242270132a89b0ce4c828959b3607c765029c84e4244d15b82b363d94f49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://login.jamalbuster.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
340244
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
7a982591dd5b3679-FRA
content-encoding
br
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 20:57:10 GMT
last-modified
Fri, 10 Mar 2023 07:14:14 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
x-amz-cf-id
3VxIuwjnqoLCcXD_H5tMtqepoUvCmk2L5zrqb33254CnCWxZJXqSyQ==
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.html | newassets.hcaptcha.com/captcha/v1/7d69057/static/ (Frame 7BD9) | 2 KB | 815 B | Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f05242270132a89b0ce4c828959b3607c765029c84e4244d15b82b363d94f49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://login.jamalbuster.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
340244
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
7a982591dd603679-FRA
content-encoding
br
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 20:57:10 GMT
last-modified
Fri, 10 Mar 2023 07:14:14 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
x-amz-cf-id
3VxIuwjnqoLCcXD_H5tMtqepoUvCmk2L5zrqb33254CnCWxZJXqSyQ==
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
normal | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/hjjsd/0x4AAAAAAADLmRBOfh4TeETa/auto/ (Frame BB7C) | 21 KB | 7 KB | Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/hjjsd/0x4AAAAAAADLmRBOfh4TeETa/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47807adcfda24f7f27f0df1cd18673a42e819af0666e653e40db51f7bfa5180a

Request headers

Referer
https://login.jamalbuster.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7a982591cabe3619-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 20:57:10 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1 | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ (Frame BB7C) | 151 KB | 55 KB | Script
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7a982591cabe3619
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/hjjsd/0x4AAAAAAADLmRBOfh4TeETa/auto/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a685dfa8e3de172dad03843f2674bf8175b2dce301827c8206e7df6c6f2f5f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/hjjsd/0x4AAAAAAADLmRBOfh4TeETa/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:57:10 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7a9825928c1b3619-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/7d69057/ Frame 52AE
284 KB
80 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/7d69057/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa567ea63c532d43e2f5e3e3962ff8b5fa0366f3c62ee0585fa6fe4be4c70f60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:57:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
341901
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Mar 2023 07:14:15 GMT
server
cloudflare
etag
W/"5de21c14bce7448f20c94eda336232ba"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
7a9825929e6e3679-FRA
x-amz-cf-id
jAl-dEecqAnMcQN5PlKXy6pJLAQVHxQ05ZjJW7Mldix9z45pdLUfsg==
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/7d69057/ Frame 7BD9
284 KB
80 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/7d69057/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa567ea63c532d43e2f5e3e3962ff8b5fa0366f3c62ee0585fa6fe4be4c70f60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:57:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
341901
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Mar 2023 07:14:15 GMT
server
cloudflare
etag
W/"5de21c14bce7448f20c94eda336232ba"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
7a9825929e713679-FRA
x-amz-cf-id
jAl-dEecqAnMcQN5PlKXy6pJLAQVHxQ05ZjJW7Mldix9z45pdLUfsg==
truncated
/ Frame 7BD9
798 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame 7BD9
554 B
799 B
XHR
General
Full URL
https://hcaptcha.com/checksiteconfig?v=7d69057&host=login.jamalbuster.com&sitekey=234adb2f-52ba-4697-82fa-abecbb14b173&sc=1&swa=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/7d69057/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3194f75779ec9346d860489a923880683160a16c6a38476f6df6417c00797b2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Mar 2023 20:57:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
7a982593b8263679-FRA
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7bcbc919a74e89d
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/854984771:1679084844:ro1ndKn14y7ukZQIP7Jj0QvMWTdN6H6kHDOYkX_zHrU/7a982591cabe3619/ Frame BB7C
108 KB
54 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/854984771:1679084844:ro1ndKn14y7ukZQIP7Jj0QvMWTdN6H6kHDOYkX_zHrU/7a982591cabe3619/7bcbc919a74e89d
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7a982591cabe3619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35c53fc28f1351ec1df712370cd08bd9c4dc5c5a70cc72e5c51896f2bde5c1df

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/hjjsd/0x4AAAAAAADLmRBOfh4TeETa/auto/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge
7bcbc919a74e89d
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Mar 2023 20:57:11 GMT
content-encoding
br
cf_chl_gen
Z4boQY5bVd2P5QGfdAReOPcfWVuo5Uuad4FxOi7No8DJtjVQitJn39PzzposSCCEP9/np9WTp4sAvPWZlyzOl0u1LwjWSquMumIXzWizscHnjEc/7zPCaRaxQc2ida8EdiCRXcGGjm3peohLCf4F7yUNC/9qFpnJsStC4xcBbqX9fKUucFZnSLy5Q9rsV7YzlN8UBs+zgTJFkNvLSidcAD4XYMQlwqjvpqnFwbGH2xjbWQ6N0L45h7YAXGYlTEQ6f2dHPQQ0UOyOsns+G2rLulGGoDHdGS7oZ/QfoFuIoQXybBIZ2PrTyoiF0EO9jvuPJcpF+hcIWS+E5O0FIZ1JNfxte7x3v9g9B8inGg3cW0cAX9MEC5xUi8nhuTlzVw75k3jYcUc0QTu5g3RajbwxvcSnZuIra/qsSVbpc+1TZzc=$Lw0kcLKo1mzfAeZ4LDuHzA==
server
cloudflare
cf-ray
7a9825943f163619-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
ceTVoL-R2DSii0v
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7a982591cabe3619/1679086631089/ Frame BB7C
61 B
166 B
Image
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7a982591cabe3619/1679086631089/ceTVoL-R2DSii0v
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cf7d05023f0700848c65665f70bd76ba87bda35838b2fa6cf4fffae8f91f21b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/hjjsd/0x4AAAAAAADLmRBOfh4TeETa/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:57:11 GMT
server
cloudflare
cf-ray
7a982594e8623619-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
T4gi6BFCU76dBnW
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a982591cabe3619/1679086631093/0f1b99e734e980b83e41cd7511ce79018a67ba4d684d7e5e3505de8aa9cb7e0b/ Frame BB7C
1 B
646 B
Fetch
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a982591cabe3619/1679086631093/0f1b99e734e980b83e41cd7511ce79018a67ba4d684d7e5e3505de8aa9cb7e0b/T4gi6BFCU76dBnW
Requested by
Host: 5w.ae2gl.aaproducoes.com.br
URL: http://5w.ae2gl.aaproducoes.com.br//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/hjjsd/0x4AAAAAAADLmRBOfh4TeETa/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:57:11 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gDxuZ5zTpgLg-Qc11Ec55AYpnuk1oTX5eNQXeiqnLfgsAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtK0fk8UgMasGK5V3T5wY7a3bUfa1Tk6cfuSReEDBgmTTk9fqUKZ-Ggt5F9FJ1uwqd0HYxixLl_RWXjBIvYJnQjOCdgocx_dtJX0HUsbnXCfqiYpIeSJFIKo1OEB2qE6Mo-yf5bNei97DT30-L3tp35JZNiva27hJ33lDc2DpBThSZJkQZOEUC0eIGteS9GpzKKOgBXDnY5uLmewDUWxRf75KVl_4xp4DYxyd6UHynCTcPH5J0UDGeGdnEK-l2On9Kao1M5xzKjKwaqHnc1XEcYw_43MSrFs8wlezfFYJE7k6y2acgGfGHmI9KKCy8EuyXzknUdo8saMec8jSdaf0rQIDAQAB, max-age=20
server
cloudflare
cf-ray
7a9825977ccf3619-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
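The 401 on this /pat/ fetch (it also shows up in the console messages further down as "status of 401 ()") is not a failure of the phishing page but the standard Privacy Pass negotiation: Turnstile offers a Private Access Token challenge via WWW-Authenticate: PrivateToken (RFC 9577), and a browser with no token attester, such as the scanner's headless Chrome, simply ignores it and proceeds to the JavaScript challenge. The Python below is an added example, not urlscan.io or Cloudflare code: it parses the captured header value, decodes the TokenChallenge structure (token type, issuer, 32-byte redemption context, origin), and reads the token-key SubjectPublicKeyInfo far enough to confirm it is a 2048-bit RSASSA-PSS key, which is what token type 0x0002 (blind RSA) requires. The header string is copied from the response above; the function names are this example's own.

```python
"""Decode the Privacy Pass challenge behind the 401 on the Turnstile /pat/ endpoint.

Added example, not urlscan.io or Cloudflare code. The header value is the one
captured in the response above (RFC 9577 "PrivateToken" auth scheme); the
function names are this example's own.
"""
import base64
import re
import struct

# Copied from the captured www-authenticate response header above.
CAPTURED_WWW_AUTHENTICATE = (
    "PrivateToken challenge="
    "AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g"
    "DxuZ5zTpgLg-Qc11Ec55AYpnuk1oTX5eNQXeiqnL"
    "fgsAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, "
    "token-key="
    "MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFl"
    "AwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQME"
    "AgKiAwIBMAOCAQ8AMIIBCgKCAQEAtK0fk8UgMasG"
    "K5V3T5wY7a3bUfa1Tk6cfuSReEDBgmTTk9fqUKZ-"
    "Ggt5F9FJ1uwqd0HYxixLl_RWXjBIvYJnQjOCdgoc"
    "x_dtJX0HUsbnXCfqiYpIeSJFIKo1OEB2qE6Mo-yf"
    "5bNei97DT30-L3tp35JZNiva27hJ33lDc2DpBThS"
    "ZJkQZOEUC0eIGteS9GpzKKOgBXDnY5uLmewDUWxR"
    "f75KVl_4xp4DYxyd6UHynCTcPH5J0UDGeGdnEK-l"
    "2On9Kao1M5xzKjKwaqHnc1XEcYw_43MSrFs8wlez"
    "fFYJE7k6y2acgGfGHmI9KKCy8EuyXzknUdo8saMe"
    "c8jSdaf0rQIDAQAB, max-age=20"
)

RSASSA_PSS_OID = bytes.fromhex("06092a864886f70d01010a")  # 1.2.840.113549.1.1.10


def _b64url_decode(s):
    """base64url with or without padding (the challenge is padded, token-key is not)."""
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def parse_token_challenge(b64url):
    """TokenChallenge (RFC 9577 s2.1): uint16 token_type; issuer_name<1..2^16-1>;
    redemption_context<0..32>; origin_info<0..2^16-1>."""
    raw = _b64url_decode(b64url)
    token_type, issuer_len = struct.unpack_from(">HH", raw, 0)
    pos = 4
    issuer = raw[pos:pos + issuer_len].decode("ascii")
    pos += issuer_len
    ctx_len = raw[pos]
    pos += 1
    if ctx_len not in (0, 32):
        raise ValueError("redemption_context must be empty or exactly 32 bytes")
    ctx = raw[pos:pos + ctx_len]
    pos += ctx_len
    (origin_len,) = struct.unpack_from(">H", raw, pos)
    pos += 2
    origin = raw[pos:pos + origin_len].decode("ascii")
    pos += origin_len
    if pos != len(raw):
        raise ValueError("trailing bytes after TokenChallenge")
    return {"token_type": token_type, "issuer_name": issuer,
            "redemption_context": ctx.hex(), "origin_info": origin}


def _der_tlv(buf, pos):
    """Minimal DER reader: (tag, value_start, value_end) for the TLV at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, pos, pos + length


def _expect(tag, want):
    if tag != want:
        raise ValueError(f"expected DER tag {want:#x}, got {tag:#x}")


def inspect_token_key(b64url):
    """(is_rsa_pss, modulus_bits) for a SubjectPublicKeyInfo token-key."""
    spki = _b64url_decode(b64url)
    tag, start, _ = _der_tlv(spki, 0)            # SubjectPublicKeyInfo SEQUENCE
    _expect(tag, 0x30)
    tag, a_start, a_end = _der_tlv(spki, start)  # AlgorithmIdentifier SEQUENCE
    _expect(tag, 0x30)
    is_rsa_pss = RSASSA_PSS_OID in spki[a_start:a_end]
    tag, b_start, b_end = _der_tlv(spki, a_end)  # subjectPublicKey BIT STRING
    _expect(tag, 0x03)
    rsa_pub = spki[b_start + 1:b_end]            # skip the unused-bits byte
    tag, s_start, _ = _der_tlv(rsa_pub, 0)       # RSAPublicKey SEQUENCE
    _expect(tag, 0x30)
    tag, m_start, m_end = _der_tlv(rsa_pub, s_start)  # modulus INTEGER
    _expect(tag, 0x02)
    modulus = int.from_bytes(rsa_pub[m_start:m_end], "big")
    return is_rsa_pss, modulus.bit_length()


def parse_private_token_header(value):
    """Parse 'PrivateToken challenge=..., token-key=..., max-age=N'."""
    scheme, _, params = value.partition(" ")
    if scheme != "PrivateToken":
        raise ValueError(f"not a PrivateToken challenge: {scheme!r}")
    attrs = {k: v.strip('"')
             for k, v in re.findall(r'([A-Za-z-]+)=("[^"]*"|[^,\s]+)', params)}
    is_pss, bits = inspect_token_key(attrs["token-key"])
    return {"challenge": parse_token_challenge(attrs["challenge"]),
            "max_age": int(attrs.get("max-age", "0")),
            "token_key_is_rsa_pss": is_pss, "token_key_bits": bits}


if __name__ == "__main__":
    print(parse_private_token_header(CAPTURED_WWW_AUTHENTICATE))
```

Decoding the captured value gives token type 2, issuer pat-issuer.cloudflare.com, origin challenges.cloudflare.com, a fresh 32-byte redemption context and a 20-second max-age; the issuer key is 2048-bit RSA-PSS. When triaging a scan, a 401 of exactly this shape on challenges.cloudflare.com can be discounted, whereas a 401 on the phishing host itself would be worth a closer look.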
7bcbc919a74e89d
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/854984771:1679084844:ro1ndKn14y7ukZQIP7Jj0QvMWTdN6H6kHDOYkX_zHrU/7a982591cabe3619/ Frame BB7C
868 B
1 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/854984771:1679084844:ro1ndKn14y7ukZQIP7Jj0QvMWTdN6H6kHDOYkX_zHrU/7a982591cabe3619/7bcbc919a74e89d
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7a982591cabe3619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5448f8cff2b1c4d5122e726402ab1e22075c84faaa52300e3d108c4bcbda1789

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/hjjsd/0x4AAAAAAADLmRBOfh4TeETa/auto/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge
7bcbc919a74e89d
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Mar 2023 20:57:12 GMT
content-encoding
br
server
cloudflare
cf_chl_out
uITGsXc9ecdrW+w7/oFmeTIbNsFDRsPfvKMeVF3tB7lT8JscsH2LV0YBtcZEzuEFWcY7lArVK7sN77ypuktK/nzvYUm90qRXa/9daAxq1n4=$E60TZ0Z4zUKAV1sd0YP0xQ==
content-type
text/html; charset=UTF-8
cf_chl_out_s
GGmIX6fYkRlgAwNfRYKRcOJ+TlCrci51FHQg0PkBpztRDBT2wEghkLVB9Rg+HUMgZ9+UWcXAmn1zXWs7+LH+xpo2CrmutexFOjQ+FUq1H/Y+sU39wsafg9EdoikKJlgO3Y3aX2+RtuITK3hgz6yD6FILXdotFdMHqwaC9q4ycyk9m0a200wEHTEplHVAHNy+swKQRw018gwQU2hbFr4OrjLYJ15sod2O9vh0lZY4zNI9JuLGoZdCLIkFWwGjy1PhSe6tsV/bGck4CEnm9MB7uscf1810389UDVayru50Gja08BxFe8+yFgXFf/4Niz4R/vRcLhSDyu2EZPqUOMVbwm1iLIPjE2UiqezvwDJrz72vTxF1nKYsV+GiDjKd6Lr4PR2sjlvSNcRotTg5ZT8os/F7l39Vcn3om1fS/5V8b08cawZC/mXnZ9APEx4xVzW3rSva7RrRxvk5Bmun09L4a00zkdvMY7wf4ovdodh8cAtn3JsLI2YLrkLAz1qODxvdeUx0rX9KpDheY5ESjPsln7enN81t+hyje4Iqu8ie7MNmJiuyjTTsjmJJcegAaHmu$1bz/twfdhCZf0fXFZEjH2w==
cf-ray
7a982599c87d3619-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
object 0
object 1
object 2
boolean credentialless
function verifyCallback_CF
function verifyCallback_hCaptcha
function validateElement
function refreshCallBack
function switchToSecondCaptcha
function onloadTurnstileCallback
function incrementLoader
object Raven
object hcaptcha
object grecaptcha
object turnstile
number ticker

3 Cookies

Domain/Path Name Value
.dealersocket.com/ RP_rp GEN
.dealersocket.com/ RP_dc 4
.jamalbuster.com/ EVILGINX2 3259653f3f9bf71c15325b4bdad439f617bb2eeffddc55177f2e9b245703933c
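The pivotable parts of this scan are the sitekeys embedded in the Turnstile and hCaptcha URLs above, the CAPTCHA-related globals, and the EVILGINX2 cookie. Evilginx2 is a reverse-proxy (adversary-in-the-middle) phishing framework that relays the victim's session to the real login service while capturing credentials and session cookies, so a cookie named after it on the phishing domain is as direct an attribution as a passive scan can give. The globals verifyCallback_CF, verifyCallback_hCaptcha, switchToSecondCaptcha and onloadTurnstileCallback, alongside the turnstile, hcaptcha and grecaptcha objects, suggest a layered bot gate that falls back from one CAPTCHA provider to another in front of the lure. The Python below is an added example, not urlscan.io code: it pulls both sitekeys out of the captured URLs, names the CAPTCHA providers present in the globals, and flags cookies named after a known AitM framework. The input lists are constructed from this page; the sitekey patterns are assumptions based on the formats observed here (a 24-character Turnstile key starting with 0x4, a UUID for hCaptcha), and the cookie-name list is this example's own.

```python
"""Pull pivotable fingerprints out of the captured artefacts: CAPTCHA sitekeys,
the gate-building JS globals and the AitM framework cookie.

Added example, not urlscan.io code. Inputs are constructed from the URLs,
globals and cookies shown on this page; patterns and names are assumptions.
"""
import re
from urllib.parse import parse_qs, urlsplit

# Constructed from the transactions above.
CAPTURED_URLS = [
    "https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/hjjsd/0x4AAAAAAADLmRBOfh4TeETa/auto/normal",
    "https://hcaptcha.com/checksiteconfig?v=7d69057&host=login.jamalbuster.com&sitekey=234adb2f-52ba-4697-82fa-abecbb14b173&sc=1&swa=1",
    "https://newassets.hcaptcha.com/captcha/v1/7d69057/hcaptcha.js",
]
# Constructed from the JavaScript global variables listed above.
CAPTURED_GLOBALS = ["credentialless", "verifyCallback_CF", "verifyCallback_hCaptcha",
                    "validateElement", "refreshCallBack", "switchToSecondCaptcha",
                    "onloadTurnstileCallback", "incrementLoader", "Raven",
                    "hcaptcha", "grecaptcha", "turnstile", "ticker"]
# Constructed from the cookie table above: (domain/path, name, value).
CAPTURED_COOKIES = [
    (".dealersocket.com/", "RP_rp", "GEN"),
    (".dealersocket.com/", "RP_dc", "4"),
    (".jamalbuster.com/", "EVILGINX2",
     "3259653f3f9bf71c15325b4bdad439f617bb2eeffddc55177f2e9b245703933c"),
]

# Assumed formats, derived from what this scan shows.
TURNSTILE_SITEKEY = re.compile(r"/(0x4[A-Za-z0-9_-]{21})/")
UUID = re.compile(r"^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$", re.I)
# Global object names that each CAPTCHA provider's script installs on window.
CAPTCHA_GLOBALS = {"turnstile": "Cloudflare Turnstile", "hcaptcha": "hCaptcha",
                   "grecaptcha": "Google reCAPTCHA"}
# Substrings of cookie names that name an AitM phishing framework (example list).
AITM_COOKIE_TAGS = ("evilginx",)


def _is_hcaptcha_host(hostname):
    return hostname == "hcaptcha.com" or hostname.endswith(".hcaptcha.com")


def extract_sitekeys(urls):
    """Sitekeys are bound to the operator's CAPTCHA account, so they link deployments."""
    found = {"turnstile": set(), "hcaptcha": set(), "hcaptcha_protected_hosts": set()}
    for url in urls:
        parts = urlsplit(url)
        host = parts.hostname or ""
        if host == "challenges.cloudflare.com":
            m = TURNSTILE_SITEKEY.search(parts.path)
            if m:
                found["turnstile"].add(m.group(1))
        elif _is_hcaptcha_host(host):
            q = parse_qs(parts.query)
            for key in q.get("sitekey", []):
                if UUID.match(key):
                    found["hcaptcha"].add(key.lower())
            for protected in q.get("host", []):
                found["hcaptcha_protected_hosts"].add(protected.lower())
    return {k: sorted(v) for k, v in found.items()}


def captcha_providers(global_names):
    """Which CAPTCHA vendors' scripts ran, judged by the globals they leave behind."""
    return sorted(CAPTCHA_GLOBALS[g] for g in global_names if g in CAPTCHA_GLOBALS)


def aitm_cookies(cookies):
    """Cookies whose name contains an AitM framework name, with the domain that set them."""
    return [(domain, name) for domain, name, _ in cookies
            if any(tag in name.lower() for tag in AITM_COOKIE_TAGS)]


def fingerprint(urls, global_names, cookies):
    providers = captcha_providers(global_names)
    return {
        "sitekeys": extract_sitekeys(urls),
        "captcha_providers": providers,
        # two or more vendors on one lure page points at a fallback gate
        "layered_captcha_gate": len(providers) >= 2,
        "aitm_cookies": aitm_cookies(cookies),
    }


if __name__ == "__main__":
    print(fingerprint(CAPTURED_URLS, CAPTURED_GLOBALS, CAPTURED_COOKIES))
```

The sitekeys are the most durable of these fingerprints: a Turnstile or hCaptcha key is tied to the account that registered it, so the same key showing up in another scan, on a different lure domain, ties both deployments to one operator even after the hosting and TLS certificate have changed.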

12 Console Messages

Source Level URL Message
network error URL: http://5w.ae2gl.aaproducoes.com.br//css/font-awesome.min.css
Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://5w.ae2gl.aaproducoes.com.br//css/bootstrap.min.css
Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://5w.ae2gl.aaproducoes.com.br//css/jquery.bxslider.css
Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://5w.ae2gl.aaproducoes.com.br//css/ion.rangeSlider.css
Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://5w.ae2gl.aaproducoes.com.br//css/jquery.fancybox.css
Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://5w.ae2gl.aaproducoes.com.br//css/ion.rangeSlider.skinFlat.css
Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://5w.ae2gl.aaproducoes.com.br//css/swiper.css
Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://5w.ae2gl.aaproducoes.com.br//css/flexslider.css
Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://5w.ae2gl.aaproducoes.com.br//css/media.css
Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://5w.ae2gl.aaproducoes.com.br//css/style.css
Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security warning
Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a982591cabe3619/1679086631093/0f1b99e734e980b83e41cd7511ce79018a67ba4d684d7e5e3505de8aa9cb7e0b/T4gi6BFCU76dBnW
Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5w.ae2gl.aaproducoes.com.br
challenges.cloudflare.com
findicons.com
fonts.googleapis.com
hcaptcha.com
herontechnocast.com
images.freeimages.com
js.hcaptcha.com
login.jamalbuster.com
my.dealersocket.com
newassets.hcaptcha.com
104.16.168.131
108.138.17.39
13.225.78.99
162.241.203.51
162.241.27.245
192.41.46.10
2606:4700::6812:6b9
2a00:1450:4001:828::200a
77.73.134.36
2267d1822dbefc10c25e17d1fa4a6d9331e5a126e2483c5aff542d6107ebca36
3194f75779ec9346d860489a923880683160a16c6a38476f6df6417c00797b2b
35c53fc28f1351ec1df712370cd08bd9c4dc5c5a70cc72e5c51896f2bde5c1df
47807adcfda24f7f27f0df1cd18673a42e819af0666e653e40db51f7bfa5180a
5448f8cff2b1c4d5122e726402ab1e22075c84faaa52300e3d108c4bcbda1789
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
5dd45ab5ca1c184cf7145a7d2bcffd8b2eb6412624d381c4959f02c3b68ea290
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
7cf7d05023f0700848c65665f70bd76ba87bda35838b2fa6cf4fffae8f91f21b
826df2267364dccb21898d5afe1af9d535e8bcc5230e801995c4cd63cf4f7827
95b99b82dcc45a6649aeb55cfbb1cc647340a439fb9c483d0b11eec13b35b039
9a685dfa8e3de172dad03843f2674bf8175b2dce301827c8206e7df6c6f2f5f2
9f05242270132a89b0ce4c828959b3607c765029c84e4244d15b82b363d94f49
d395cc53363e6e22c75f73de0d4de7355ed844b65b8f0d149664ec06facd2d8e
fa567ea63c532d43e2f5e3e3962ff8b5fa0366f3c62ee0585fa6fe4be4c70f60