1a873ae0a3205bc1.ngrok.app Open in urlscan Pro
2a05:d014:21b:8e00::6e:3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://1a873ae0a3205bc1.ngrok.app/l/
Submission: On April 30 via api (April 30th 2024, 4:20:28 am UTC) from HU — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 15 HTTP transactions. The main IP is 2a05:d014:21b:8e00::6e:3, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is 1a873ae0a3205bc1.ngrok.app.
TLS certificate: Issued by R3 on April 8th 2024. Valid for: 3 months.

This is the only time 1a873ae0a3205bc1.ngrok.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2a05:d014:21b... 2a05:d014:21b:8e00::6e:3	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	216.58.206.36 216.58.206.36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:12d... 2a02:26f0:12d::b819:ef58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.95.164.100 52.95.164.100	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:10:... 2606:4700:10::ac43:8ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	6

7 2a05:d014:21b:8e00::6e:3 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

1a873ae0a3205bc1.ngrok.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.36 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:12d::b819:ef58 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.locaweb.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.164.100 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: s3-sa-east-1.amazonaws.com

s3-sa-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:8ee (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	ngrok.app 1a873ae0a3205bc1.ngrok.app	253 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	437 KB
2	locaweb.com.br www.locaweb.com.br	3 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	576 B
1	cutt.ly 1 redirects cutt.ly — Cisco Umbrella Rank: 54972	438 B
1	amazonaws.com s3-sa-east-1.amazonaws.com	516 B
15	6

	Domain	Requested by
7	1a873ae0a3205bc1.ngrok.app	1a873ae0a3205bc1.ngrok.app
2	www.locaweb.com.br	1a873ae0a3205bc1.ngrok.app
2	www.google.com	1a873ae0a3205bc1.ngrok.app
2	www.gstatic.com	1a873ae0a3205bc1.ngrok.app www.google.com
1	cutt.ly	1 redirects
1	s3-sa-east-1.amazonaws.com	1a873ae0a3205bc1.ngrok.app
1	fonts.gstatic.com	1a873ae0a3205bc1.ngrok.app
15	7

This site contains no links.

Subject Issuer	Validity	Valid
*.ngrok.app R3	`2024-04-08` - `2024-07-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
www.locaweb.com.br R3	`2024-03-25` - `2024-06-23`	3 months	crt.sh
*.s3-sa-east-1.amazonaws.com Amazon RSA 2048 M01	`2024-04-12` - `2025-03-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://1a873ae0a3205bc1.ngrok.app/l/
Frame ID: F2EBA9389E9240741FD9E35F289D0EFE
Requests: 14 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=x5WWoE57Fv0d6ATKsLDIAKnt&k=6LeNHOUZAAAAAJ2hYkVBkc_RMZ_GfaCd6XwqZty0
Frame ID: 4897A6F2CD6E63E2F1D712FA19462D54
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Autenticação Locaweb

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

15
Requests

93 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

694 kB
Transfer

1323 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://cutt.ly/5wNfMV9X HTTP 301
https://www.locaweb.com.br/ajuda/wp-content/uploads/2018/09/cropped-favicon-wiki-1-32x32.png

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
1a873ae0a3205bc1.ngrok.app/l/ 10 KB
10 KB 555ms
459ms Document
text/html 2a05:d014:21b:8e00::6e:3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1a873ae0a3205bc1.ngrok.app/l/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e00::6e:3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 / PHP/8.0.30
Resource Hash: 408c0b1dd7c0e8299666abbdbcaed5339f6f9120b5b3dc20237af8e11fcae0ff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 30 Apr 2024 04:20:22 GMT
server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
x-powered-by: PHP/8.0.30

GET
H2 200 cas.css
1a873ae0a3205bc1.ngrok.app/l/css/ 31 KB
31 KB 257ms
255ms Stylesheet
text/css 2a05:d014:21b:8e00::6e:3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1a873ae0a3205bc1.ngrok.app/l/css/cas.css
Requested by: Host: 1a873ae0a3205bc1.ngrok.app
URL: https://1a873ae0a3205bc1.ngrok.app/l/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e00::6e:3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 /
Resource Hash: ad730db97368826f0c4775aaa73ba74386d314d08d96e7028ff4a4353f412d61

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://1a873ae0a3205bc1.ngrok.app/l/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 30 Apr 2024 04:20:22 GMT
last-modified: Fri, 23 Feb 2024 18:50:57 GMT
server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
accept-ranges: bytes
etag: "7c44-612110a4fa640"
content-length: 31812
content-type: text/css

GET
H2 200 recaptcha__pt_br.js Show response
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ 492 KB
197 KB 142ms
48ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__pt_br.js

Requested by

Host: 1a873ae0a3205bc1.ngrok.app
URL: https://1a873ae0a3205bc1.ngrok.app/l/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fb3a13805e8437546c8adfd8fe665cb6a074f1413e7605aa180fa53a1692f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a873ae0a3205bc1.ngrok.app/
Origin: https://1a873ae0a3205bc1.ngrok.app
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 30 Apr 2024 04:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200642
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 05:00:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Apr 2025 04:20:22 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 850 B
576 B 132ms
49ms Script
text/javascript 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: 1a873ae0a3205bc1.ngrok.app
URL: https://1a873ae0a3205bc1.ngrok.app/l/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f4.1e100.net

Software

GSE /

Resource Hash

67bfe787373089eb83995de4b2abbfb7cbd7bab8c70aa1fd5608533e27799a99

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://1a873ae0a3205bc1.ngrok.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 30 Apr 2024 04:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 30 Apr 2024 04:20:22 GMT

GET
H2 200 vendor.min.js Show response
1a873ae0a3205bc1.ngrok.app/l/js/vendors/ 183 KB
183 KB 462ms
461ms Script
text/javascript 2a05:d014:21b:8e00::6e:3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1a873ae0a3205bc1.ngrok.app/l/js/vendors/vendor.min.js
Requested by: Host: 1a873ae0a3205bc1.ngrok.app
URL: https://1a873ae0a3205bc1.ngrok.app/l/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e00::6e:3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 /
Resource Hash: 203ed3c14822b122d1c0d29bb510fb73f96c8f777d25d8e64a16c176711c4da7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://1a873ae0a3205bc1.ngrok.app/l/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 30 Apr 2024 04:20:22 GMT
last-modified: Fri, 23 Feb 2024 18:50:57 GMT
server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
accept-ranges: bytes
etag: "2dbb0-612110a4fa640"
content-length: 187312
content-type: text/javascript

GET
H2 200 modernizr.js Show response
1a873ae0a3205bc1.ngrok.app/l/js/vendors/ 17 KB
17 KB 470ms
469ms Script
text/javascript 2a05:d014:21b:8e00::6e:3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1a873ae0a3205bc1.ngrok.app/l/js/vendors/modernizr.js
Requested by: Host: 1a873ae0a3205bc1.ngrok.app
URL: https://1a873ae0a3205bc1.ngrok.app/l/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e00::6e:3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 /
Resource Hash: bf0d1f2cdc8a0e0ef1f12952983d3a50381970dfa209411b0467617304d93415

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://1a873ae0a3205bc1.ngrok.app/l/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 30 Apr 2024 04:20:22 GMT
last-modified: Fri, 23 Feb 2024 18:50:57 GMT
server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
accept-ranges: bytes
etag: "435a-612110a4fa640"
content-length: 17242
content-type: text/javascript

GET
H2 200 cas.js Show response
1a873ae0a3205bc1.ngrok.app/l/js/ 7 KB
7 KB 499ms
498ms Script
text/javascript 2a05:d014:21b:8e00::6e:3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1a873ae0a3205bc1.ngrok.app/l/js/cas.js
Requested by: Host: 1a873ae0a3205bc1.ngrok.app
URL: https://1a873ae0a3205bc1.ngrok.app/l/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e00::6e:3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 /
Resource Hash: 08a5a928c5fe630d56ab94a657ad209ff0073490605033c3a68406ff19d61b73

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://1a873ae0a3205bc1.ngrok.app/l/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 30 Apr 2024 04:20:22 GMT
last-modified: Fri, 23 Feb 2024 18:50:57 GMT
server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
accept-ranges: bytes
etag: "1c95-612110a4fa640"
content-length: 7317
content-type: text/javascript

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/ 509 KB
203 KB 122ms
121ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a873ae0a3205bc1.ngrok.app/
Origin: https://1a873ae0a3205bc1.ngrok.app
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 27 Apr 2024 07:55:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207268
x-xss-protection: 0
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Apr 2025 07:55:58 GMT

GET
H2 200 logo.png
1a873ae0a3205bc1.ngrok.app/l/images/ 3 KB
3 KB 255ms
254ms Image
image/png 2a05:d014:21b:8e00::6e:3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1a873ae0a3205bc1.ngrok.app/l/images/logo.png
Requested by: Host: 1a873ae0a3205bc1.ngrok.app
URL: https://1a873ae0a3205bc1.ngrok.app/l/css/cas.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e00::6e:3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 /
Resource Hash: 77ed1e7f83eccec316ba234a5ecc245fd2015be98563b176746541ea47829853

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://1a873ae0a3205bc1.ngrok.app/l/css/cas.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 30 Apr 2024 04:20:23 GMT
last-modified: Fri, 23 Feb 2024 18:50:57 GMT
server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
accept-ranges: bytes
etag: "a6f-612110a4fa640"
content-length: 2671
content-type: image/png

GET
H2 200 4iCs6KVjbNBYlgoKfw7z.ttf
fonts.gstatic.com/s/ubuntu/v10/ 68 KB
38 KB 138ms
40ms Font
font/ttf 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v10/4iCs6KVjbNBYlgoKfw7z.ttf

Requested by

Host: 1a873ae0a3205bc1.ngrok.app
URL: https://1a873ae0a3205bc1.ngrok.app/l/css/cas.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9583e0a18af0182f2db062db52693d8292651ff79004d114ee6c515e9d2b8a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a873ae0a3205bc1.ngrok.app/
Origin: https://1a873ae0a3205bc1.ngrok.app
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 27 Apr 2024 00:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38347
x-xss-protection: 0
last-modified: Mon, 05 Jun 2017 20:31:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 00:36:02 GMT

GET
H2 200 dyn__locaweb-icons.ttf
1a873ae0a3205bc1.ngrok.app/l/fonts/ 2 KB
2 KB 256ms
254ms Font
font/ttf 2a05:d014:21b:8e00::6e:3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://1a873ae0a3205bc1.ngrok.app/l/fonts/dyn__locaweb-icons.ttf?-sdn0n
Requested by: Host: 1a873ae0a3205bc1.ngrok.app
URL: https://1a873ae0a3205bc1.ngrok.app/l/css/cas.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:21b:8e00::6e:3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 /
Resource Hash: 18672d73c3550cdf0f85e670c218204043dd176d77de1c965a8e0ef7305f80c1

Request headers

Referer: https://1a873ae0a3205bc1.ngrok.app/l/css/cas.css
Origin: https://1a873ae0a3205bc1.ngrok.app
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 30 Apr 2024 04:20:23 GMT
last-modified: Fri, 23 Feb 2024 18:50:57 GMT
server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
accept-ranges: bytes
etag: "654-612110a4fa640"
content-length: 1620
content-type: font/ttf

POST
H2 200 / Show response
www.locaweb.com.br/json/products-description/ 807 B
2 KB 738ms
639ms XHR
application/json 2a02:26f0:12d::b819:ef58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.locaweb.com.br/json/products-description/

Requested by

Host: 1a873ae0a3205bc1.ngrok.app
URL: https://1a873ae0a3205bc1.ngrok.app/l/js/vendors/vendor.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef58 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

c95b59f930ffde62edc9d350a8528df17c18b65329975ab77243f008b75fc01f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://afiliados.locaweb.com.br
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://1a873ae0a3205bc1.ngrok.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-ua-compatible: IE=Edge
pragma: no-cache
content-security-policy: frame-ancestors 'self' https://afiliados.locaweb.com.br
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
date: Tue, 30 Apr 2024 04:20:24 GMT
server: Apache
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-robots-tag: noindex, nofollow
content-length: 807
x-xss-protection: 1; mode=block
expires: Tue, 30 Apr 2024 04:20:24 GMT

GET
H/1.1 200
OK bg.png
s3-sa-east-1.amazonaws.com/frame-image-br/ 0
516 B 755ms
256ms Image
image/png 52.95.164.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=POCLCB&x-r=
Requested by: Host: 1a873ae0a3205bc1.ngrok.app
URL: https://1a873ae0a3205bc1.ngrok.app/l/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.95.164.100 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-sa-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://1a873ae0a3205bc1.ngrok.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Tue, 30 Apr 2024 04:20:25 GMT
Last-Modified: Thu, 04 May 2017 08:21:21 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
x-amz-request-id: BCPJWSX698KDENXM
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 0
x-amz-id-2: XLogLElt1RnU+tE+pU3sXHniKqZAtGA0VcQ7juIkhwDZ9/XxFe4OoTqRe5IwQs22gL0MjR6uTqw=

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 4897 0
0 131ms
51ms Document
text/html 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=pt-BR&v=x5WWoE57Fv0d6ATKsLDIAKnt&k=6LeNHOUZAAAAAJ2hYkVBkc_RMZ_GfaCd6XwqZty0

Requested by

Host: 1a873ae0a3205bc1.ngrok.app
URL: https://1a873ae0a3205bc1.ngrok.app/l/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-uktCyZmgeNsMc81RStUcNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://1a873ae0a3205bc1.ngrok.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'nonce-uktCyZmgeNsMc81RStUcNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 30 Apr 2024 04:20:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

cropped-favicon-wiki-1-32x32.png
www.locaweb.com.br/ajuda/wp-content/uploads/2018/09/
Redirect Chain

https://cutt.ly/5wNfMV9X
https://www.locaweb.com.br/ajuda/wp-content/uploads/2018/09/cropped-favicon-wiki-1-32x32.png

1 KB
1 KB

162ms
89ms

Other
image/png

2a02:26f0:12d::b819:ef58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.locaweb.com.br/ajuda/wp-content/uploads/2018/09/cropped-favicon-wiki-1-32x32.png
Protocol: H2
Server: 2a02:26f0:12d::b819:ef58 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache/2.4.54 (Locaweb) OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash: 87b0d0592afb313bded01b237c0280a8832cebf6c8f6b5820e913b8d8a2b9dca

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 30 Apr 2024 04:20:25 GMT
last-modified: Wed, 14 Sep 2022 11:25:54 GMT
server: Apache/2.4.54 (Locaweb) OpenSSL/1.0.2k-fips PHP/7.4.11
accept-ranges: bytes
etag: "439-5e8a1645c6c0d"
content-length: 1081
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 30 Apr 2024 04:20:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
referrer-policy: same-origin
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://www.locaweb.com.br/ajuda/wp-content/uploads/2018/09/cropped-favicon-wiki-1-32x32.png
cache-control: no-cache, no-store, must-revalidate
cf-ray: 87c4bd37ae0565ae-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1a873ae0a3205bc1.ngrok.app
cutt.ly
fonts.gstatic.com
s3-sa-east-1.amazonaws.com
www.google.com
www.gstatic.com
www.locaweb.com.br
216.58.206.36
2606:4700:10::ac43:8ee
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2003
2a02:26f0:12d::b819:ef58
2a05:d014:21b:8e00::6e:3
52.95.164.100
08a5a928c5fe630d56ab94a657ad209ff0073490605033c3a68406ff19d61b73
18672d73c3550cdf0f85e670c218204043dd176d77de1c965a8e0ef7305f80c1
203ed3c14822b122d1c0d29bb510fb73f96c8f777d25d8e64a16c176711c4da7
352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824
408c0b1dd7c0e8299666abbdbcaed5339f6f9120b5b3dc20237af8e11fcae0ff
67bfe787373089eb83995de4b2abbfb7cbd7bab8c70aa1fd5608533e27799a99
77ed1e7f83eccec316ba234a5ecc245fd2015be98563b176746541ea47829853
7fb3a13805e8437546c8adfd8fe665cb6a074f1413e7605aa180fa53a1692f0d
87b0d0592afb313bded01b237c0280a8832cebf6c8f6b5820e913b8d8a2b9dca
9583e0a18af0182f2db062db52693d8292651ff79004d114ee6c515e9d2b8a28
ad730db97368826f0c4775aaa73ba74386d314d08d96e7028ff4a4353f412d61
bf0d1f2cdc8a0e0ef1f12952983d3a50381970dfa209411b0467617304d93415
c95b59f930ffde62edc9d350a8528df17c18b65329975ab77243f008b75fc01f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

1a873ae0a3205bc1.ngrok.app Open in urlscan Pro 2a05:d014:21b:8e00::6e:3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

71 %IPv6

6 Domains

7 Subdomains

6 IPs

3 Countries

694 kBTransfer

1323 kBSize

0 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

0 Cookies

Indicators

1a873ae0a3205bc1.ngrok.app Open in urlscan Pro
2a05:d014:21b:8e00::6e:3 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

694 kB
Transfer

1323 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions