admin.mensagemespirita.com.br Open in urlscan Pro
172.67.146.136 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://admin.mensagemespirita.com.br/
Submission: On June 19 via api (June 19th 2024, 9:43:34 am UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 15 HTTP transactions. The main IP is 172.67.146.136, located in United States and belongs to CLOUDFLARENET, US. The main domain is admin.mensagemespirita.com.br.
TLS certificate: Issued by WE1 on June 9th 2024. Valid for: 3 months.

This is the only time admin.mensagemespirita.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	172.67.146.136 172.67.146.136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	172.67.219.134 172.67.219.134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:9288	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
15	5

4 172.67.146.136 (United States)

ASN13335 (CLOUDFLARENET, US)

admin.mensagemespirita.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.67.219.134 (United States)

ASN13335 (CLOUDFLARENET, US)

images2.hlq.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images1.hlq.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images4.hlq.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images3.hlq.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:9288 (United States)

ASN13335 (CLOUDFLARENET, US)

www.mensagemespirita.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.228 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	hlq.com.br images2.hlq.com.br images1.hlq.com.br images4.hlq.com.br images3.hlq.com.br	31 KB
5	mensagemespirita.com.br admin.mensagemespirita.com.br www.mensagemespirita.com.br	15 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 469	73 KB
1	gstatic.com www.gstatic.com	19 KB
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 5	19 B
15	5

	Domain	Requested by
4	admin.mensagemespirita.com.br	admin.mensagemespirita.com.br
3	images1.hlq.com.br	admin.mensagemespirita.com.br
2	ajax.googleapis.com	www.google.com
2	images2.hlq.com.br	admin.mensagemespirita.com.br
1	images3.hlq.com.br	admin.mensagemespirita.com.br
1	images4.hlq.com.br	admin.mensagemespirita.com.br
1	www.gstatic.com	admin.mensagemespirita.com.br
1	www.google.com	1 redirects
1	www.mensagemespirita.com.br	admin.mensagemespirita.com.br
15	9

This site contains links to these domains. Also see Links.

Domain
www.mensagemespirita.com.br
www.hlq.com.br

Subject Issuer	Validity	Valid
mensagemespirita.com.br WE1	`2024-06-09` - `2024-09-07`	3 months	crt.sh
hlq.com.br GTS CA 1P5	`2024-05-24` - `2024-08-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://admin.mensagemespirita.com.br/
Frame ID: BEE334530BA5B71BD3233D4C3345E3C8
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

15
Requests

93 %
HTTPS

50 %
IPv6

5
Domains

9
Subdomains

5
IPs

2
Countries

138 kB
Transfer

439 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.mensagemespirita.com.br/
Title: Ir para o Site

Search URL Search Domain Scan URL

URL: http://www.hlq.com.br/
Title: HLQ - Sistemas Web - Apps para Redes Sociais

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www.google.com/jsapi HTTP 301
https://www.gstatic.com/charts/loader.js

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
admin.mensagemespirita.com.br/ 5 KB
2 KB 644ms
457ms Document
text/html 172.67.146.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.mensagemespirita.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.146.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 062b20722608fdbaaef7c5f69f50e2fe6201a5c5c8eabb09e4e313a7d6f6dde5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=3600, must-revalidate, post-check=0, pre-check=0
cf-cache-status: MISS
cf-ray: 89629330a8dc2c59-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 19 Jun 2024 09:43:28 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Wed, 19 Jun 2024 09:43:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JwvaODaem36iFFCahzEZ5%2F14e6L%2BoJq8E8IuhyTO1tC%2FxC88XXaHh7JeP%2Fo9OnRk3DfTCG17zKNFEOwQBvn4DvaiGofo8i1W8nIMqu3RXCBFDRzqN6xdUzuLoQOcEfSbvF0s4jqjQl%2F066LgPHNznw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

GET
H3 200 login_layout.css
admin.mensagemespirita.com.br/css/ 3 KB
2 KB 450ms
448ms Stylesheet
text/css 172.67.146.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.mensagemespirita.com.br/css/login_layout.css
Requested by: Host: admin.mensagemespirita.com.br
URL: https://admin.mensagemespirita.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.146.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31eaa126dbc4eef4718c9e43660aa2b02373301e34235abf63af043d85d6d3f5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://admin.mensagemespirita.com.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 09:43:29 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 08 Oct 2016 03:26:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JClppcA6klMDo05FEJxWoNh2Gf52dbMIV7liAFkfBvMd15vogEJfaIYuB5%2FnX7TFwAMCwEpjoC39bN8eqavGc9AOBhn2afSZm3RwurML2r8xT%2BWfceiMd0l6rRu1fgNFY583YpbzCQUEs4MABCCROw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89629333dd632c59-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1198
expires: Wed, 26 Jun 2024 09:43:28 GMT

GET
H3 200 validationEngine.jquery.css
images2.hlq.com.br/scripts/form_validator/css_old/ 2 KB
1 KB 990ms
441ms Stylesheet
text/css 172.67.219.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images2.hlq.com.br/scripts/form_validator/css_old/validationEngine.jquery.css
Requested by: Host: admin.mensagemespirita.com.br
URL: https://admin.mensagemespirita.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.219.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4159357e2c22c483e36cb6a4ee53f99a41ef69973b3b020d3e37efa349cd034b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://admin.mensagemespirita.com.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 09:43:29 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 727
last-modified: Fri, 07 Oct 2016 23:13:02 GMT
server: cloudflare
etag: "9b3-53e4e8d447b80-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AhfEr7J8OGKO4744k2qM10cYRlDYDvvRbM1AZmu3OhUkQrdphWCSdZdS5rzq%2BbvJwOUKw7vZM7FxKeHCsWqz%2BvXu5I%2FLGBAEeKF7CP%2F%2FlpWvgfSxbpL8rjQybzO%2FGMUC%2B23tKpY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800, s-maxage=10
accept-ranges: bytes
cf-ray: 89629337492d1987-FRA
expires: Wed, 26 Jun 2024 09:43:29 GMT

GET
H3 200 jquery-ui-1.8.2.custom.css
images1.hlq.com.br/css/jqueryui/ui-lightness/ 29 KB
5 KB 617ms
443ms Stylesheet
text/css 172.67.219.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://images1.hlq.com.br/css/jqueryui/ui-lightness/jquery-ui-1.8.2.custom.css

Requested by

Host: admin.mensagemespirita.com.br
URL: https://admin.mensagemespirita.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.219.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f0f31c83d2973f9a14e0276328cf701161eb2635683f42df4942162a8bfa773

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://admin.mensagemespirita.com.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 09:43:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-original-content-length: 36463
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 4993
server: cloudflare
etag: W/"PSA-aj-K2pjrkuxME"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zfZk3buW%2B8rXNp5rV8NpI5ctSKmMspT%2BAmpX9hPAeBsuL%2FTsm5KbvIHdHilJPBsLCM3EgPLLQQIGm8wIyfS%2BbjX0sRtNqU2uXzyk75nKLK8637t73QoUeVbNrldIiVkFBO3Pn88%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=563580
accept-ranges: bytes
cf-ray: 89629334fd061987-FRA
expires: Tue, 25 Jun 2024 22:16:30 GMT

GET
H2 200 logo.jpg
www.mensagemespirita.com.br/imgs/ 9 KB
10 KB 661ms
419ms Image
image/jpeg 2606:4700:3030::ac43:9288
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mensagemespirita.com.br/imgs/logo.jpg
Requested by: Host: admin.mensagemespirita.com.br
URL: https://admin.mensagemespirita.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9288 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d330f620e4e42c3bc255498a0dd5096dacd90da2da108608353f7180d4b0902e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://admin.mensagemespirita.com.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 09:43:29 GMT
cf-cache-status: MISS
last-modified: Sat, 08 Oct 2016 03:24:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5wVu4OLIZZGP7cjssJjd%2BdDYYd8ze7VJ9dKtk%2BRt%2Brn%2B4RSRoultJ7u%2Bt%2FueKZx8VXoydKMh0OUw4z8NX98SJoS2Cuhr59Ham8q7ZTQuSfM2dCzVVLC7WWVJhkuCYWWhPi5yencDwZ3ofnuXnNuX1IxjTxMRZEWqdYU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=25920000, s-maxage=10
accept-ranges: bytes
cf-ray: 896293355c4b6922-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9625
expires: Tue, 15 Apr 2025 09:43:29 GMT

GET
H2

200

loader.js Show response
www.gstatic.com/charts/
Redirect Chain

https://www.google.com/jsapi
https://www.gstatic.com/charts/loader.js

61 KB
19 KB

160ms
31ms

Script
text/javascript

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Host: admin.mensagemespirita.com.br
URL: https://admin.mensagemespirita.com.br/

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://admin.mensagemespirita.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 19 Jun 2024 08:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18534
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 17:52:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gviz"
vary: Accept-Encoding, Origin
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Wed, 19 Jun 2024 09:58:38 GMT

Redirect headers

date: Wed, 19 Jun 2024 09:20:17 GMT
x-content-type-options: nosniff
server: sffe
age: 1391
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/charts/loader.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Wed, 19 Jun 2024 09:50:17 GMT

GET
H3 200 jquery.myfunctions.js Show response
images4.hlq.com.br/scripts/ 330 B
747 B 655ms
446ms Script
application/javascript 172.67.219.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images4.hlq.com.br/scripts/jquery.myfunctions.js
Requested by: Host: admin.mensagemespirita.com.br
URL: https://admin.mensagemespirita.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.219.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88b725174884db47fbf1cd242e97ea50845749fbba1d8f1c0379556f5b198b94

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://admin.mensagemespirita.com.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 09:43:29 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 241
last-modified: Fri, 07 Oct 2016 23:13:03 GMT
server: cloudflare
etag: "14a-53e4e8d53bdc0-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9p5E1eRnoTjtY5DPxAQJ%2FTM5uHZWPotAOxQFQ0tiP4%2BYHTKJ71WB4UiMjAEHMps9kr3GnGjJDiujiftvwuQ4CTxISgNDtffjSHnOgI5VYt%2BXvj%2BU%2FpFAz739aKvYu6bc1mb4Bas%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=216000, private
accept-ranges: bytes
cf-ray: 896293359e091987-FRA
expires: Wed, 19 Jun 2024 09:43:30 GMT

GET
H3 200 jquery.meio.mask.js Show response
images1.hlq.com.br/scripts/ 23 KB
8 KB 595ms
492ms Script
application/javascript 172.67.219.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images1.hlq.com.br/scripts/jquery.meio.mask.js
Requested by: Host: admin.mensagemespirita.com.br
URL: https://admin.mensagemespirita.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.219.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d25fd99a6dd1cbf5505abe18b2b863dbb64992bcee14563169bb1aa938a3a561

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://admin.mensagemespirita.com.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 09:43:29 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7526
last-modified: Fri, 07 Oct 2016 23:13:03 GMT
server: cloudflare
etag: "5be1-53e4e8d53bdc0-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BeJJPUeAokkhSddwyV84QfSDic57q0DajjrAX0D6WW5ZJGNTQjA9WW4YnB4S6nRMx%2BG59rh6aBTeFtmdIoVg87y%2FZ%2BMb9ZQuJnOap%2FMWtz1fY8GWd32UWguXsbTojrnreZpP034%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=216000, private
accept-ranges: bytes
cf-ray: 89629334fd081987-FRA
expires: Wed, 19 Jun 2024 09:43:30 GMT

GET
H3 200 jquery.validationEngine-br.js Show response
images3.hlq.com.br/scripts/form_validator/js/ 2 KB
1 KB 711ms
435ms Script
application/javascript 172.67.219.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images3.hlq.com.br/scripts/form_validator/js/jquery.validationEngine-br.js
Requested by: Host: admin.mensagemespirita.com.br
URL: https://admin.mensagemespirita.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.219.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3abb3255a4ec97cae8d821862dfb8fad5855d6a6d1e88bc106adc8b7cc9a38a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://admin.mensagemespirita.com.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 09:43:29 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 735
last-modified: Fri, 07 Oct 2016 23:13:02 GMT
server: cloudflare
etag: "7d8-53e4e8d447b80-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v7GtidtJZ4H0hpMXJqCwa5s0Tw3at5fNgZcC%2Bip9sJJ%2FjK5%2Fd9iKww3RGq71tK7%2FCUN7Zhht4kC8WXH%2FMyIHpeea%2BL5Cowc0yEdkEPTg4KBGUizlUVrYBYf92g14EmhnSM%2FNoW8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=216000, private
accept-ranges: bytes
cf-ray: 896293360ea31987-FRA
expires: Wed, 19 Jun 2024 09:43:30 GMT

GET
H3 200 jquery.validationEngine.js Show response
images2.hlq.com.br/scripts/form_validator/js/ 24 KB
7 KB 927ms
448ms Script
application/javascript 172.67.219.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images2.hlq.com.br/scripts/form_validator/js/jquery.validationEngine.js
Requested by: Host: admin.mensagemespirita.com.br
URL: https://admin.mensagemespirita.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.219.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ae22d3f7a7c2cbe42eca1874fdb1b79eb6d14806e2dd2f264dc81ce715690fa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://admin.mensagemespirita.com.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 09:43:29 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6170
last-modified: Fri, 07 Oct 2016 23:13:02 GMT
server: cloudflare
etag: "6035-53e4e8d447b80-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wRRlBDqoFEf%2B3qzy1PL%2F3DQGyo0eXsGdMw28a5x21vYDO7Nc4nZXhA8BiEWwMc3py%2BeMifnQxTpQxVgRJ6nCintzDHc2Cc8J%2Bv5KHjDambj4ymJoAahXIbIIsKozYe9Iw%2Bo4J3c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=216000, private
accept-ranges: bytes
cf-ray: 8962933749301987-FRA
expires: Wed, 19 Jun 2024 09:43:30 GMT

GET
H3 200 jquery.form.js Show response
images1.hlq.com.br/scripts/ 20 KB
8 KB 546ms
443ms Script
application/javascript 172.67.219.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images1.hlq.com.br/scripts/jquery.form.js
Requested by: Host: admin.mensagemespirita.com.br
URL: https://admin.mensagemespirita.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.219.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33fe94ea6f1ac47c417b26ed69ec9e03a7d18f2d42c0031940ee0c714ae79249

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://admin.mensagemespirita.com.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 09:43:29 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7283
last-modified: Fri, 07 Oct 2016 23:13:02 GMT
server: cloudflare
etag: "5145-53e4e8d447b80-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rWAZBjXW%2BHdINcWjoGrFpq%2Ftr0%2BqNTLKaYq9%2BgEEwKDUZrxxB6Wk2xNjexfqisNb3fc7gggrOHq9fW%2BrGRhOD7kt1cSjg%2F6udCjU%2BI5m6F%2FYHwm0mLy%2Fk04eHkVsYzVkKmcdED4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=216000, private
accept-ranges: bytes
cf-ray: 89629334fd0b1987-FRA
expires: Wed, 19 Jun 2024 09:43:30 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
24 KB 109ms
59ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: www.google.com
URL: https://www.google.com/jsapi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://admin.mensagemespirita.com.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 04:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24715
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Jun 2025 04:00:47 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.8.2/ 188 KB
49 KB 73ms
23ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.2/jquery-ui.min.js

Requested by

Host: www.google.com
URL: https://www.google.com/jsapi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f96d06c989aeaef7acb0196ea9ddc5d9ce2c662125e5fe935901b8ae98e2a004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://admin.mensagemespirita.com.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:48:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49529
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:48:14 GMT

GET
H3 200 bg1.jpg
admin.mensagemespirita.com.br/imgs/ 314 B
803 B 430ms
428ms Image
image/jpeg 172.67.146.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://admin.mensagemespirita.com.br/imgs/bg1.jpg
Requested by: Host: admin.mensagemespirita.com.br
URL: https://admin.mensagemespirita.com.br/css/login_layout.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.146.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7bde9a3438b17a774b29a2c03766743802e9204f44b3c8a3f6dd1cfc023b090

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://admin.mensagemespirita.com.br/css/login_layout.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 09:43:30 GMT
cf-cache-status: MISS
last-modified: Sat, 08 Oct 2016 03:26:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kx%2FmDU1w%2BeIpd9ne1k51RI8uXPbDe0gYYbb5%2FhTu2zaEbCgd0RmT405GooUhsX9UTaBNEDOuBo5%2Bp1dfdbwaoWduwIK%2FG2v1r6GgWXn7VvG94hihdOvaleG0v0aCrig0WJpdaXf%2Fu5yQLuSU7DFCBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8962933a5dc02c59-FRA
alt-svc: h3=":443"; ma=86400
content-length: 314
expires: Fri, 19 Jul 2024 09:43:29 GMT

GET
H3 404 favicon.ico
admin.mensagemespirita.com.br/ 557 B
826 B 424ms
423ms Other
text/html 172.67.146.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.mensagemespirita.com.br/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.146.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9e8431f346fba96912e1b6f36f68fc597181ffd7adcd15e0dcb8411bfc7876f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://admin.mensagemespirita.com.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 09:43:30 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pz6R%2BAuQtDFti3RvH7lK6souqFrtMpmFBC7dAeKeebN8aCHB0tEg8Q11iQs4%2BI4UEVOmKRcwfPLrm2lfGUdxM6ez7CjOJP1AXp6Q%2B6Q0ZjX5%2FeJ99bXXK92ZHsy%2F6zN3r71JSyRUhpXOw5UIjScpfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=3600, must-revalidate, post-check=0, pre-check=0
cf-ray: 8962933fdc0e2c59-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://admin.mensagemespirita.com.br/ Message: Mixed Content: The page at 'https://admin.mensagemespirita.com.br/' was loaded over HTTPS, but requested an insecure element 'http://www.mensagemespirita.com.br/imgs/logo.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://admin.mensagemespirita.com.br/(Line 40) Message: Mixed Content: The page at 'https://admin.mensagemespirita.com.br/' was loaded over HTTPS, but requested an insecure element 'http://www.mensagemespirita.com.br/imgs/logo.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
recommendation	verbose	URL: https://admin.mensagemespirita.com.br/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://admin.mensagemespirita.com.br/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.mensagemespirita.com.br
ajax.googleapis.com
images1.hlq.com.br
images2.hlq.com.br
images3.hlq.com.br
images4.hlq.com.br
www.google.com
www.gstatic.com
www.mensagemespirita.com.br
142.250.184.228
172.67.146.136
172.67.219.134
2606:4700:3030::ac43:9288
2a00:1450:4001:80f::200a
2a00:1450:4001:82a::2003
062b20722608fdbaaef7c5f69f50e2fe6201a5c5c8eabb09e4e313a7d6f6dde5
0ae22d3f7a7c2cbe42eca1874fdb1b79eb6d14806e2dd2f264dc81ce715690fa
31eaa126dbc4eef4718c9e43660aa2b02373301e34235abf63af043d85d6d3f5
33fe94ea6f1ac47c417b26ed69ec9e03a7d18f2d42c0031940ee0c714ae79249
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
4159357e2c22c483e36cb6a4ee53f99a41ef69973b3b020d3e37efa349cd034b
88b725174884db47fbf1cd242e97ea50845749fbba1d8f1c0379556f5b198b94
9f0f31c83d2973f9a14e0276328cf701161eb2635683f42df4942162a8bfa773
a9e8431f346fba96912e1b6f36f68fc597181ffd7adcd15e0dcb8411bfc7876f
c7bde9a3438b17a774b29a2c03766743802e9204f44b3c8a3f6dd1cfc023b090
d25fd99a6dd1cbf5505abe18b2b863dbb64992bcee14563169bb1aa938a3a561
d330f620e4e42c3bc255498a0dd5096dacd90da2da108608353f7180d4b0902e
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3abb3255a4ec97cae8d821862dfb8fad5855d6a6d1e88bc106adc8b7cc9a38a
f96d06c989aeaef7acb0196ea9ddc5d9ce2c662125e5fe935901b8ae98e2a004

admin.mensagemespirita.com.br Open in urlscan Pro 172.67.146.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

50 %IPv6

5 Domains

9 Subdomains

5 IPs

2 Countries

138 kBTransfer

439 kBSize

0 Cookies

2 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

admin.mensagemespirita.com.br Open in urlscan Pro
172.67.146.136 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

50 %
IPv6

5
Domains

9
Subdomains

5
IPs

2
Countries

138 kB
Transfer

439 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions