Report - acesse.dev/wtclisboaheadtohead

Report Overview

Submitted URL
acesse.dev/wtclisboaheadtohead
IP
216.239.38.21
ASN
#15169 GOOGLE
Submitted
2024-04-26 18:42:24
Access
public
Website Title
Head to Head | WTC Lisboa Business Club
Final URL
wtclisboa.rds.land/head-to-head
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
wtclisboa.rds.land	unknown	unknown	No data	No data	978 B	54 kB	34.68.90.188
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-26	434 B	34 kB	216.58.207.202
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	608 B	34 kB	216.58.207.234
acesse.dev	unknown	2023-07-17	2023-07-19	2024-03-21	484 B	538 B	216.239.34.21
encurtador.dev	unknown	2021-10-07	2021-10-20	2024-04-17	505 B	546 B	216.239.36.21
dr-api.encurtador.dev	unknown	2021-10-07	2022-09-05	2024-04-18	1.1 kB	631 B	52.201.47.91
d335luupugsy2.cloudfront.net	unknown	2008-04-25	2015-04-16	2024-04-24	7.0 kB	1.4 MB	3.164.247.68
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-26	1.1 kB	51 kB	216.58.207.227
dk9suync0k2va.cloudfront.net	unknown	2008-04-25	2021-01-26	2024-04-18	471 B	8.9 kB	54.230.241.143
www.encurtador.dev	unknown	2021-10-07	2022-12-04	2024-04-18	2.1 kB	88 kB	54.230.111.53
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-25	1.4 kB	21 kB	104.17.24.14
popups.rdstation.com.br	65718	2011-06-06	2021-03-19	2024-04-22	539 B	425 B	34.68.90.188
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-26	415 B	126 kB	142.250.74.168

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	encurtador.dev	Sinkholed
2024-04-26	medium	encurtador.dev	Sinkholed
2024-04-26	medium	encurtador.dev	Sinkholed
2024-04-26	medium	encurtador.dev	Sinkholed
2024-04-26	medium	encurtador.dev	Sinkholed
2024-04-26	medium	encurtador.dev	Sinkholed
2024-04-26	medium	encurtador.dev	Sinkholed

ThreatFox

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=	125 kB	2024-04-26	2024-04-26
Pretty URL www.googletagmanager.com/gtag/js?id= IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 20:42:31 Last Seen2024-04-26 20:42:32 Times Seen2 Hash 9f3ca86ec2de632816e962a2e152bfee ea7066535c7496c541bcd8f38bff445692a7c1a1 e90f99a5865191e9a9b844ab7a77a7280bbc0b086151d141eeb1fa342d19b920 Loading...

	cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.js	67 kB	2023-03-07	2024-05-06
Pretty URL cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:00 Last Seen2024-05-06 14:29:18 Times Seen258 Hash 43ea1dd926d28fb13254881c45cd313f 6445d0667b0c8005122d79019ac0d794dae99bb4 1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e Loading...

	d335luupugsy2.cloudfront.net/js/lead-tracking/stable/plugins/jquery.cookie.v1.4.1.min.js	1.3 kB	2023-03-07	2024-05-07
Pretty URL d335luupugsy2.cloudfront.net/js/lead-tracking/stable/plugins/jquery.cookie.v1.4.1.min.js IP 3.164.247.68 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:34 Last Seen2024-05-07 19:56:42 Times Seen8667 Hash 4412bf8023109ee9eb1f1f226d391329 c273960aa874a87dd022b5e597887142f1b8e34f d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6 Loading...

	d335luupugsy2.cloudfront.net/js/lead-tracking/stable/plugins/math.uuid.v1.4.min.js	876 B	2023-03-12	2024-04-29
Pretty URL d335luupugsy2.cloudfront.net/js/lead-tracking/stable/plugins/math.uuid.v1.4.min.js IP 3.164.247.68 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:06:17 Last Seen2024-04-29 22:49:39 Times Seen90 Hash 84f19792de0d53f3000550ed75b539ea 542e68fc6a304b9e2c3ef59b83100126a957213e 09e62de51ee41b28720d7c1d7e0b00b5cd191fc6fcc047d702ce2232ccdfd04c Loading...

	d335luupugsy2.cloudfront.net/js/rd/stable/rdlps.min.js?t=1713979059	288 kB	2024-04-22	2024-04-29
Pretty URL d335luupugsy2.cloudfront.net/js/rd/stable/rdlps.min.js?t=1713979059 IP 3.164.247.68 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-22 14:20:07 Last Seen2024-04-29 22:49:39 Times Seen8 Hash 6c1861e2996ec8cdacfcd2c2b7cc9ce7 50824ad14935f84f6e01a991dcd3999bd0cb71c1 6217b8a977d77f823f2445b985599da9c0b17106df85f63fcb41240bb9075814 Loading...

	d335luupugsy2.cloudfront.net/js/loader-scripts/a2e43129-0f8c-4186-820b-ab70dd70309f-loader.js	3.3 kB	2024-04-26	2024-04-26
Pretty URL d335luupugsy2.cloudfront.net/js/loader-scripts/a2e43129-0f8c-4186-820b-ab70dd70309f-loader.js IP 3.164.247.68 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 20:42:31 Last Seen2024-04-26 20:42:31 Times Seen1 Hash ee7967c880ea0440caf7caa0989c7b7c 24349f4642cb063a95a6ba34574eac5011ff3178 ee4792c4f2d3229cef091689350bc285ff22356eea1435ad8883e0955522177d Loading...

	unknown	38 B	2023-04-10	2024-05-07
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:02:06 Last Seen2024-05-07 21:30:26 Times Seen14184 Hash 43e28c5553d54ed2964bd5147521769b 0a2b8c3db330a47aa7b9195e6dfdf944adb9240d d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23 Loading...

	wtclisboa.rds.land/head-to-head	1 B	2023-03-07	2024-05-07
Pretty URL wtclisboa.rds.land/head-to-head IP 34.68.90.188 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:53 Last Seen2024-05-07 18:51:38 Times Seen21738 Hash 7215ee9c7d9dc229d2921a40e899ec5f b858cb282617fb0956d960215c8e84d1ccf909c6 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068 Loading...

	d335luupugsy2.cloudfront.net/js/integration/2.0.0/rd-js-integration.min.js?v=1	30 kB	2023-04-05	2024-05-06
Pretty URL d335luupugsy2.cloudfront.net/js/integration/2.0.0/rd-js-integration.min.js?v=1 IP 3.164.247.68 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 02:08:23 Last Seen2024-05-06 23:35:42 Times Seen181 Hash 46e62a283e73de651b4a0e6da749ac74 fb103ea405b54e0d092fb78fb3aced702041a235 f4aa9e3a976f20cd4babf17dcdd27e63335a70191d322432a6f6c868d73a5cfa Loading...

	d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1	209 kB	2024-04-17	2024-05-07
Pretty URL d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1 IP 3.164.247.68 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 21:52:48 Last Seen2024-05-07 20:36:56 Times Seen28 Hash b6340e82771c1e242b5862eda7fb7008 b77828c85a7843399f97c5d19c4f3411003ad331 70be3f27403e0ab74c6b11fcd837997e5bca12b69449cf287823d18be663f87c Loading...

	d335luupugsy2.cloudfront.net/js/jquery.form/2.02/jquery.form.js	32 kB	2023-03-11	2024-04-29
Pretty URL d335luupugsy2.cloudfront.net/js/jquery.form/2.02/jquery.form.js IP 3.164.247.68 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:04:49 Last Seen2024-04-29 22:49:38 Times Seen85 Hash 820f80306571dbe0a1deb0b63496d85f a48f47033b36d76ccc0f5a8c9dfc91cc8917449e eba027d59d9bb46f605599febf927a74079c645c808f5ee3bb783af909801fdb Loading...

	d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js	2.0 kB	2023-03-12	2024-05-07
Pretty URL d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js IP 3.164.247.68 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:36:03 Last Seen2024-05-07 20:36:54 Times Seen488 Hash dae3ed517b23abad11d0bd6b79f24080 3cbe159417dab94723aa715dc8a44b61dfe04a86 f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5 Loading...

	wtclisboa.rds.land/head-to-head	661 B	2024-04-26	2024-04-26
Pretty URL wtclisboa.rds.land/head-to-head IP 34.68.90.188 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 20:42:31 Last Seen2024-04-26 20:42:31 Times Seen1 Hash 9eef819d4ee1bf8ddeacccb462b0572c c4cf439836fbeefd8c9b85659298e2d4b4d2843a 7090b4ae6ad660d307d9fd771e793f925051e969e1f632693a673d721d049684 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js	96 kB	2023-03-07	2024-05-07
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js IP 216.58.207.202 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-05-07 15:34:49 Times Seen10174 Hash 5790ead7ad3ba27397aedfa3d263b867 8130544c215fe5d1ec081d83461bf4a711e74882 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0 Loading...

	d335luupugsy2.cloudfront.net/js/jquery.validate/1.9/jquery.validate.min.js	22 kB	2023-04-07	2024-05-03
Pretty URL d335luupugsy2.cloudfront.net/js/jquery.validate/1.9/jquery.validate.min.js IP 3.164.247.68 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-07 21:42:40 Last Seen2024-05-03 17:35:09 Times Seen495 Hash de35625281fdf2867bc18828db9819eb 7540c6a43158ff23760b049c3edaad32535e630e 2bc760b36b21f2d114a0d6a778515ce9387362d20bd910e4f6f8ac5dbf20e023 Loading...

	d335luupugsy2.cloudfront.net/js/rd/stable/rdlps-progressive-profiling.min.js?t=1713979059	5.8 kB	2024-04-22	2024-04-29
Pretty URL d335luupugsy2.cloudfront.net/js/rd/stable/rdlps-progressive-profiling.min.js?t=1713979059 IP 3.164.247.68 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-22 14:20:07 Last Seen2024-04-29 22:49:39 Times Seen8 Hash 08bc7b8506be27bb434ccbd73d961433 138ff398dc9f2aee0f6e91745ba74eb34dbf545f 59fa194aba21c2ec7db2bd3445996a1df02e84fefd6e9e20ff62888357b15b3e Loading...

	d335luupugsy2.cloudfront.net/js/rd/stable/rdlps-autofill.min.js?t=1713979059	6.3 kB	2024-04-22	2024-04-29
Pretty URL d335luupugsy2.cloudfront.net/js/rd/stable/rdlps-autofill.min.js?t=1713979059 IP 3.164.247.68 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-22 14:20:07 Last Seen2024-04-29 22:49:39 Times Seen8 Hash f1e3929914ccfe138612d089252639c2 ed854e7032bc9513986e370b6b62905b9068e262 91875ddc84940875369d4b7eb6b0506fc65fb3a393e0a5eb9d78fbd099f82803 Loading...

	wtclisboa.rds.land/head-to-head	221 B	2023-03-12	2024-04-29
Pretty URL wtclisboa.rds.land/head-to-head IP 34.68.90.188 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 16:06:17 Last Seen2024-04-29 22:49:38 Times Seen47 Hash 96bd7c671e9b5179eab5d0a4c5c57b77 c3ea31d741b337f02358555137eadd471284c69b 9015bb554607dfe213df647eff84fafaefa353ce287f919a5dec7a831ef4d62d Loading...

HTTP Transactions (35)

URL IP Response Size

acesse.dev/wtclisboaheadtohead

216.239.34.21

256 B

URL
acesse.dev/wtclisboaheadtohead
IP
216.239.34.21:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
256 B (256 bytes)
Hash
b871a67836d0b85c104a1998c4f672aa
dd262ae983a4b4074cb2430a22936017443a2d3e
323422da9dd3ef56755cd5da49b0652e9ff55a2fe4309d2e23ac2a4efcbbbfb6

HTTP Headers

GET /wtclisboaheadtohead HTTP/1.1
Host: acesse.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://encurtador.dev/redirecionamento/wtclisboaheadtohead
date: Fri, 26 Apr 2024 18:41:47 GMT
content-type: text/html; charset=UTF-8
server: ghs
content-length: 256
x-xss-protection: 0
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2

encurtador.dev/redirecionamento/wtclisboaheadtohead

216.239.36.21

260 B

URL
encurtador.dev/redirecionamento/wtclisboaheadtohead
IP
216.239.36.21:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
260 B (260 bytes)
Hash
b5ab19c1a15f11f72a1e50b26008490a
1376d53d55ca15d625f21867ef53ac30450a8d1a
04be0700c0a5d86063863f3f273274b8334c07af8a72088f3f8a4fb1581e7ce4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /redirecionamento/wtclisboaheadtohead HTTP/1.1
Host: encurtador.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://www.encurtador.dev/redirecionamento/wtclisboaheadtohead
date: Fri, 26 Apr 2024 18:41:47 GMT
content-type: text/html; charset=UTF-8
server: ghs
content-length: 260
x-xss-protection: 0
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2

www.encurtador.dev/assets/images/sprites.webp

54.230.111.53

19 kB

URL
www.encurtador.dev/assets/images/sprites.webp
IP
54.230.111.53:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image
Size
19 kB (18754 bytes)
Hash
b074ae989afb5f0978ea02e3fa2c1064
0e1abe04aa1fdf614ba5e8c5cfea6148f07e8554
94f285306ce3c8e7a752d63b1f56765d1b61782a065ba767f9f5472f193db81b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/sprites.webp HTTP/1.1
Host: www.encurtador.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.encurtador.dev/assets/css/26b7b9bd1e4e4e27389d0f2ebb08c9841595067b.style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 18754
date: Sat, 13 Jan 2024 00:57:00 GMT
last-modified: Fri, 12 Jan 2024 23:32:05 GMT
etag: "b074ae989afb5f0978ea02e3fa2c1064"
x-amz-server-side-encryption: AES256
cache-control: 3600
expires: Tue, 01 Jan 2030 00:00:00 GMT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MGzEhwUkqvJdl79oyxy_LvF2fgmJXUbvUR6nCe94Npd1FfRl_YQxcg==
age: 9049489
X-Firefox-Spdy: h2

www.encurtador.dev/assets/icons/icon-192x192.png

54.230.111.53

6.6 kB

URL
www.encurtador.dev/assets/icons/icon-192x192.png
IP
54.230.111.53:0
ASN
#16509 AMAZON-02

File type
PNG image data, 192 x 192, 8-bit colormap, non-interlaced
Size
6.6 kB (6552 bytes)
Hash
0541c5dbe2cfbe6ad5a7b515e6ab9067
999c2752c9578e394bf2954ce6a5e76112440be8
49a41c3ceb01fad6ab47e2bd3456034c960adb6e4d9b8901ccbfdaebbf752404

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/icon-192x192.png HTTP/1.1
Host: www.encurtador.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.encurtador.dev/redirecionamento/wtclisboaheadtohead
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 6552
date: Sat, 13 Jan 2024 00:07:33 GMT
last-modified: Fri, 12 Jan 2024 23:32:05 GMT
etag: "0541c5dbe2cfbe6ad5a7b515e6ab9067"
x-amz-server-side-encryption: AES256
cache-control: 3600
expires: Tue, 01 Jan 2030 00:00:00 GMT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uRw2ucYnO1CmyvhUoWbiAcyiYL54R1Y_BlJEpnXC3_qp1vFK4SNp8g==
age: 9052456
X-Firefox-Spdy: h2

dr-api.encurtador.dev/encurtamentos/wtclisboaheadtohead

52.201.47.91

0 B

URL
dr-api.encurtador.dev/encurtamentos/wtclisboaheadtohead
IP
52.201.47.91:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /encurtamentos/wtclisboaheadtohead HTTP/1.1
Host: dr-api.encurtador.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.encurtador.dev/
Origin: https://www.encurtador.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Fri, 26 Apr 2024 18:41:48 GMT
access-control-allow-origin: https://www.encurtador.dev
access-control-allow-methods: *
access-control-allow-headers: *
vary: origin
access-control-max-age: 3600
apigw-requestid: W2NJEhu5IAMEMXw=
X-Firefox-Spdy: h2

www.encurtador.dev/assets/js/26b7b9bd1e4e4e27389d0f2ebb08c9841595067b.redirecionamento.js

54.230.111.53

8.3 kB

URL
www.encurtador.dev/assets/js/26b7b9bd1e4e4e27389d0f2ebb08c9841595067b.redirecionamento.js
IP
54.230.111.53:0
ASN
#16509 AMAZON-02

File type
HTML document, Unicode text, UTF-8 text, with very long lines (26366), with no line terminators
Size
8.3 kB (8287 bytes)
Hash
e02342ac66864d7fa09632252c6303db
a414cbcda3a35ce4ec0b780acb1121ea601cbea6
01a42da404cea7f2653981ecb2b9c60b65fc77902f438732c1fe249db0e90964

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/26b7b9bd1e4e4e27389d0f2ebb08c9841595067b.redirecionamento.js HTTP/1.1
Host: www.encurtador.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.encurtador.dev/redirecionamento/wtclisboaheadtohead
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Fri, 12 Jan 2024 23:32:12 GMT
last-modified: Fri, 12 Jan 2024 23:32:05 GMT
etag: W/"e02342ac66864d7fa09632252c6303db"
x-amz-server-side-encryption: AES256
cache-control: 3600
expires: Tue, 01 Jan 2030 00:00:00 GMT
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iQNoafiLjmbDehGxBsWrwhNPyDChjhKK4_nmn05KZ-i4uVsoeQuqlw==
age: 9054577
X-Firefox-Spdy: h2

dr-api.encurtador.dev/encurtamentos/wtclisboaheadtohead

52.201.47.91

118 B

URL
dr-api.encurtador.dev/encurtamentos/wtclisboaheadtohead
IP
52.201.47.91:0
ASN
#14618 AMAZON-AES

File type
JSON text data
Size
118 B (118 bytes)
Hash
773a257678367bed6156a492cbd56933
2dfafecdf3ab75dc936a98196649c7ce7e15593f
8a7029441b30f71fd50bd93bc0bbd23dd3fcc764a8dd0d3c25951fddc4ca3568

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /encurtamentos/wtclisboaheadtohead HTTP/1.1
Host: dr-api.encurtador.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Origin: https://www.encurtador.dev
DNT: 1
Connection: keep-alive
Referer: https://www.encurtador.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 18:41:49 GMT
content-type: application/json
content-length: 118
access-control-allow-origin: https://www.encurtador.dev
vary: origin
apigw-requestid: W2NJFjQEIAMEYLA=
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.css

104.17.24.14

200 OK

2.3 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (14506), with no line terminators
Size
2.3 kB (2295 bytes)
Hash
87d76f456eb3b628f24e4be848d19c26
647b91865d21d47488cf40d3ce0a89348352da67
939b4f5c505097e74e93c3a6a82b69b516bb6d160d449bafb37edb72ab260c1d

HTTP Headers

GET /ajax/libs/select2/3.5.2/select2.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 18:41:49 GMT
content-type: text/css; charset=utf-8
content-length: 2295
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fcb-38aa"
last-modified: Mon, 04 May 2020 16:16:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 13354142
expires: Wed, 16 Apr 2025 18:41:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Eo8me4hheHNvGasLvkmiZk0tErreY9tc9W%2B1Rvu%2FEJFrYoEsSXubna%2Ftlz%2BgD7brj7wOxn8Qdv4Kxv3jLJM0YzlDddF9xSpTGQS1Hh5Wo9rXg%2FskLb%2FbzmXEtOW9nGOvLmZ5YigQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a8b58e989ab505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

wtclisboa.rds.land/head-to-head

34.68.90.188

200 OK

53 kB

URL User Request GET HTTP/2
wtclisboa.rds.land/head-to-head
IP
34.68.90.188:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerSectigo Limited
Subject*.rds.land
Fingerprint82:8A:DD:C0:AC:65:F0:33:05:FF:2E:8A:63:6F:79:8D:51:2A:73:A2
ValidityThu, 05 Oct 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (314)
Size
53 kB (52765 bytes)
Hash
3f2bd545b0a3f3fe951a312dd99b3093
fa0b931da8d9f0ffb4d637b11013074a83af7714
307aa2bfa88139063d907c13695a3d0c0cf2548efe4f099075eceaf8f8039dde

HTTP Headers

GET /head-to-head HTTP/1.1
Host: wtclisboa.rds.land
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.encurtador.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
content-security-policy-report-only: upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
content-type: text/html
referrer-policy: strict-origin-when-cross-origin
set-cookie: __rd_experiment_version=index; Path=/head-to-head; Max-Age=31536000000000000
strict-transport-security: max-age=7776000
x-frame-options: sameorigin
content-length: 52765
date: Fri, 26 Apr 2024 18:41:49 GMT
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.js

104.17.24.14

200 OK

16 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32075)
Size
16 kB (15507 bytes)
Hash
43ea1dd926d28fb13254881c45cd313f
6445d0667b0c8005122d79019ac0d794dae99bb4
1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e

HTTP Headers

GET /ajax/libs/select2/3.5.2/select2.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 18:41:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 15507
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fcb-10424"
last-modified: Mon, 04 May 2020 16:16:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 165080
expires: Wed, 16 Apr 2025 18:41:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TrXV%2FoCIYSrK%2Fkd1Pa1v61%2Ba5yERGJCDsu80hMUxfHcQwImarJfzqQTQndfMHCkn48heDyOvQjtTCt82i42ctySek4vvt9K0VqabpOkuYFpbIKjF2octivxvFMou9o%2BJfpLBczds"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a8b58f5e2b712e-OSL
alt-svc: h3=":443"; ma=86400

d335luupugsy2.cloudfront.net/js/rd/stable/rdlps-autofill.min.js?t=1713979059

3.164.247.68

200 OK

2.7 kB

URL GET HTTP/2
d335luupugsy2.cloudfront.net/js/rd/stable/rdlps-autofill.min.js?t=1713979059
IP
3.164.247.68:443
ASN
#0

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6014)
Size
2.7 kB (2734 bytes)
Hash
f1e3929914ccfe138612d089252639c2
ed854e7032bc9513986e370b6b62905b9068e262
91875ddc84940875369d4b7eb6b0506fc65fb3a393e0a5eb9d78fbd099f82803

HTTP Headers

GET /js/rd/stable/rdlps-autofill.min.js?t=1713979059 HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 2734
last-modified: Tue, 16 Apr 2024 18:25:23 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: J45pgro_oPtvm.zHyg5_1LLk29aNpTHq
accept-ranges: bytes
server: AmazonS3
date: Fri, 26 Apr 2024 03:46:07 GMT
etag: "e808a873ecd8167fd71ce2b123d1702c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41fc52a84466debf784d2dbdb0b64b36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: uDIXU1NQgwJIaAfdY0eiY64BhawL2prLcmPg2UP5SstShaK1FGcHXA==
age: 53744
X-Firefox-Spdy: h2

d335luupugsy2.cloudfront.net/js/lead-tracking/stable/plugins/jquery.cookie.v1.4.1.min.js

3.164.247.68

200 OK

697 B

URL GET HTTP/2
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/plugins/jquery.cookie.v1.4.1.min.js
IP
3.164.247.68:443
ASN
#0

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1266)
Size
697 B (697 bytes)
Hash
4412bf8023109ee9eb1f1f226d391329
c273960aa874a87dd022b5e597887142f1b8e34f
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

HTTP Headers

GET /js/lead-tracking/stable/plugins/jquery.cookie.v1.4.1.min.js HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 697
last-modified: Wed, 26 Oct 2016 16:53:49 GMT
content-encoding: gzip
x-amz-version-id: bREjeT6RWwdSVDNRZsm9DM9XoAml6XZP
accept-ranges: bytes
server: AmazonS3
date: Thu, 25 Apr 2024 02:10:18 GMT
cache-control: max-age=2592000
etag: "bac86a22d09cf057b53c6a659592ac0d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41fc52a84466debf784d2dbdb0b64b36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: OQqHtph2IByvHQ1rYHbW709gt-VS07Qrdrd03buKzxksSIoluyiBVw==
age: 147017
X-Firefox-Spdy: h2

d335luupugsy2.cloudfront.net/js/lead-tracking/stable/plugins/math.uuid.v1.4.min.js

3.164.247.68

200 OK

569 B

URL GET HTTP/2
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/plugins/math.uuid.v1.4.min.js
IP
3.164.247.68:443
ASN
#0

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (721)
Size
569 B (569 bytes)
Hash
84f19792de0d53f3000550ed75b539ea
542e68fc6a304b9e2c3ef59b83100126a957213e
09e62de51ee41b28720d7c1d7e0b00b5cd191fc6fcc047d702ce2232ccdfd04c

HTTP Headers

GET /js/lead-tracking/stable/plugins/math.uuid.v1.4.min.js HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 569
last-modified: Wed, 26 Oct 2016 16:54:00 GMT
content-encoding: gzip
x-amz-version-id: RP1uHWfCghp53Dg7Bw0k.8n7GWbl5nn7
accept-ranges: bytes
server: AmazonS3
date: Thu, 11 Apr 2024 01:11:35 GMT
cache-control: max-age=2592000
etag: "73fb69ebd144308f821f3c4f357459c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41fc52a84466debf784d2dbdb0b64b36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: lFPMY0ezV1GXxckrom68AK62zYDDlU9iSkw9hBlSwp3ukoEKikTNEQ==
age: 1359016
X-Firefox-Spdy: h2

d335luupugsy2.cloudfront.net/js/rd/stable/rdlps.min.js?t=1713979059

3.164.247.68

200 OK

85 kB

URL GET HTTP/2
d335luupugsy2.cloudfront.net/js/rd/stable/rdlps.min.js?t=1713979059
IP
3.164.247.68:443
ASN
#0

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (45258), with LF, NEL line terminators
Size
85 kB (85305 bytes)
Hash
6c1861e2996ec8cdacfcd2c2b7cc9ce7
50824ad14935f84f6e01a991dcd3999bd0cb71c1
6217b8a977d77f823f2445b985599da9c0b17106df85f63fcb41240bb9075814

HTTP Headers

GET /js/rd/stable/rdlps.min.js?t=1713979059 HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 85305
last-modified: Tue, 16 Apr 2024 18:25:23 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: xZSm8FJqzqzlLONOk.4zWDnQQ_eQxLyZ
accept-ranges: bytes
server: AmazonS3
date: Fri, 26 Apr 2024 06:45:50 GMT
etag: "467baf0c13f59d55343c59ca06c3a2a5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41fc52a84466debf784d2dbdb0b64b36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: ziqW-SuCifN6kQ0wTy2WixGkfwVwyxoTOgujwzmq1mPoeHxix_tmkw==
age: 43318
X-Firefox-Spdy: h2

d335luupugsy2.cloudfront.net/js/rd/stable/rdlps-progressive-profiling.min.js?t=1713979059

3.164.247.68

200 OK

2.6 kB

URL GET HTTP/2
d335luupugsy2.cloudfront.net/js/rd/stable/rdlps-progressive-profiling.min.js?t=1713979059
IP
3.164.247.68:443
ASN
#0

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (5463)
Size
2.6 kB (2585 bytes)
Hash
08bc7b8506be27bb434ccbd73d961433
138ff398dc9f2aee0f6e91745ba74eb34dbf545f
59fa194aba21c2ec7db2bd3445996a1df02e84fefd6e9e20ff62888357b15b3e

HTTP Headers

GET /js/rd/stable/rdlps-progressive-profiling.min.js?t=1713979059 HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 2585
last-modified: Tue, 16 Apr 2024 18:25:23 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: zzc9Et534bXZNvAyHlzgUEcnlQUVNlm5
accept-ranges: bytes
server: AmazonS3
date: Fri, 26 Apr 2024 06:25:41 GMT
etag: "3b9991966b6b65b8c9192ff9817686db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41fc52a84466debf784d2dbdb0b64b36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: Sx0zA4bxViQySTIEUnuhprVnDZKlEyZcxeOs3Pyr57Vm5OxiR0LRoA==
age: 44170
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14892, version 1.0
Size
15 kB (14892 bytes)
Hash
9ec6deaf6bada919e20b98f9f7b718b1
501d36403ad8205e4644532600019ecb10f5cb0a
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

HTTP Headers

GET /s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wtclisboa.rds.land
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:27:12 GMT
expires: Fri, 25 Apr 2025 17:27:12 GMT
cache-control: public, max-age=31536000
age: 90878
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

216.58.207.227

200 OK

35 kB

URL GET HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 34852, version 1.0
Size
35 kB (34852 bytes)
Hash
0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

HTTP Headers

GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wtclisboa.rds.land
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:38:14 GMT
expires: Fri, 25 Apr 2025 02:38:14 GMT
cache-control: public, max-age=31536000
age: 144216
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

216.58.207.202

200 OK

34 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
JavaScript source, ASCII text, with very long lines (32047)
Size
34 kB (33495 bytes)
Hash
5790ead7ad3ba27397aedfa3d263b867
8130544c215fe5d1ec081d83461bf4a711e74882
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

HTTP Headers

GET /ajax/libs/jquery/1.11.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33495
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:02:25 GMT
expires: Sat, 26 Apr 2025 06:02:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 45565
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.png

104.17.24.14

522 B

URL GET
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.png
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
PNG image data, 60 x 40, 8-bit gray+alpha, non-interlaced
Size
522 B (522 bytes)
Hash
9d5415470203fa99ff046d9cc8624978
46f33bf49f7aaf80da16f1e270308fa6b6f98bac
d6e577638db834fd15b0f3799b7a3848a64a8daac7c90baa64d72a8a1ed67641

HTTP Headers

GET /ajax/libs/select2/3.5.2/select2.png HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 18:41:50 GMT
content-type: image/png; charset=utf-8
content-length: 522
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fcb-206"
last-modified: Mon, 04 May 2020 16:16:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7543961
expires: Wed, 16 Apr 2025 18:41:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VCa1kc%2F9l5%2F%2FmWZRDWXaSSRMX74T%2FbTz%2B8bvhev4Q5stlK09g2uDF%2Fo0EuCk1hsFvZva0I7ysUBh6ulaJe2%2FZnNzBtaSr0oRvBC0WhPgutwE%2FMN7ykbNJ%2FpbW%2FL9%2FNOAc%2F08FRYF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a8b595685b712e-OSL
alt-svc: h3=":443"; ma=86400

d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js

3.164.247.68

200 OK

4.4 kB

URL GET HTTP/2
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
IP
3.164.247.68:443
ASN
#0

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2072)
Size
4.4 kB (4427 bytes)
Hash
4e736927f9339fe8c571254cab6649e8
6fe118e1f8f46706858919f5fed7927682d41c6a
efb0254add22123441a5459b2eeab51f8f2d8cce8c0cf5526045d4810ce3cef3

HTTP Headers

GET /js/traffic-source-cookie/stable/traffic-source-cookie.min.js HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 09 Jan 2023 17:04:37 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: QfrmjXJN9imPm0CvR.Kk8uxg0RnubrVf
server: AmazonS3
content-encoding: gzip
date: Thu, 25 Apr 2024 19:14:16 GMT
etag: W/"dae3ed517b23abad11d0bd6b79f24080"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41fc52a84466debf784d2dbdb0b64b36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: dV2CkLmiJlejgls1_D57kDqOJOHt1YdWdQtjo97tNY8NbIo9uEtIHw==
age: 84455
X-Firefox-Spdy: h2

wtclisboa.rds.land/favicon.ico

34.68.90.188

200 OK

0 B

URL GET HTTP/2
wtclisboa.rds.land/favicon.ico
IP
34.68.90.188:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerSectigo Limited
Subject*.rds.land
Fingerprint82:8A:DD:C0:AC:65:F0:33:05:FF:2E:8A:63:6F:79:8D:51:2A:73:A2
ValidityThu, 05 Oct 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: wtclisboa.rds.land
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/head-to-head
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: text/plain; charset=utf-8
last-modified: Tue, 20 Aug 2019 16:17:29 GMT
content-length: 0
date: Fri, 26 Apr 2024 18:41:50 GMT
X-Firefox-Spdy: h2

www.encurtador.dev/assets/css/26b7b9bd1e4e4e27389d0f2ebb08c9841595067b.style.css

54.230.111.53

52 kB

URL
www.encurtador.dev/assets/css/26b7b9bd1e4e4e27389d0f2ebb08c9841595067b.style.css
IP
54.230.111.53:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (16794), with no line terminators
Size
52 kB (52204 bytes)
Hash
9d10a760011535bef40e0f19bf220611
6ee9083d84d3390b94000ec2ee25966b935f29d3
74cb0fd4d253e7acf34668943eb8af66307f66b5fc7cc854f5db66bb1caaef74

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/26b7b9bd1e4e4e27389d0f2ebb08c9841595067b.style.css HTTP/1.1
Host: www.encurtador.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.encurtador.dev/redirecionamento/wtclisboaheadtohead
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
date: Fri, 12 Jan 2024 23:32:12 GMT
last-modified: Fri, 12 Jan 2024 23:32:05 GMT
etag: W/"9d10a760011535bef40e0f19bf220611"
x-amz-server-side-encryption: AES256
cache-control: 3600
expires: Tue, 01 Jan 2030 00:00:00 GMT
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IkGwiD00Q-tH2QUaEOabX9nxsnEsBtluWx3O559BJSGvHthQgE90oA==
age: 9054577
X-Firefox-Spdy: h2

d335luupugsy2.cloudfront.net/cms/files/309902/1665055614/$nmbk9h9pe6m

3.164.247.68

200 OK

21 kB

URL GET HTTP/2
d335luupugsy2.cloudfront.net/cms/files/309902/1665055614/$nmbk9h9pe6m
IP
3.164.247.68:443
ASN
#0

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
PNG image data, 768 x 768, 8-bit/color RGBA, non-interlaced
Size
21 kB (21396 bytes)
Hash
ac609c27075e5cf91d853e12e72ad50c
095d7bd1b34709501866dc790fb852cbda172871
640cefa85d187eeeff53441d0998de62d3eb37565fa307314f004ca7f53393ac

HTTP Headers

GET /cms/files/309902/1665055614/$nmbk9h9pe6m HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 21396
last-modified: Thu, 06 Oct 2022 11:28:07 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: I2d2lp6lf827kKzA.zLDX9c9468qW4am
accept-ranges: bytes
server: AmazonS3
date: Fri, 26 Apr 2024 18:41:52 GMT
etag: "ac609c27075e5cf91d853e12e72ad50c"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 41fc52a84466debf784d2dbdb0b64b36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: A21xFsXd_BosMgtFPAtl9BkN5sF2pCtIYJz9X20COXRrWoFA5Ks4Gg==
X-Firefox-Spdy: h2

d335luupugsy2.cloudfront.net/cms/files/309902/1651776690/$3jnj8rfdh6w

3.164.247.68

200 OK

21 kB

URL GET HTTP/2
d335luupugsy2.cloudfront.net/cms/files/309902/1651776690/$3jnj8rfdh6w
IP
3.164.247.68:443
ASN
#0

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x720, components 3
Size
21 kB (20731 bytes)
Hash
71f96e3c10d2c9837d2cb98f92ae2d27
b1a5d744ea6c51d8cfaaa61760c865fc0f5873c1
7e643a46377ddde1f276b3d67c290efb9ffa9ad6e73ca5c31bfd8fdc85b3f494

HTTP Headers

GET /cms/files/309902/1651776690/$3jnj8rfdh6w HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 20731
date: Fri, 26 Apr 2024 18:41:52 GMT
last-modified: Thu, 05 May 2022 18:51:56 GMT
etag: "71f96e3c10d2c9837d2cb98f92ae2d27"
x-amz-version-id: h0UKJEg.ewn9wHn.PB7Uj2BqW_68mcdx
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 41fc52a84466debf784d2dbdb0b64b36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: Cgjh1b1cp2PyCPvgUpb9PgFEZdrJomMDcORRm9-LTCJow42WJDTYLg==
X-Firefox-Spdy: h2

d335luupugsy2.cloudfront.net/cms/files/309902/1650393010/$avfktu9az9i

3.164.247.68

200 OK

73 kB

URL GET HTTP/2
d335luupugsy2.cloudfront.net/cms/files/309902/1650393010/$avfktu9az9i
IP
3.164.247.68:443
ASN
#0

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1950x360, components 3
Size
73 kB (72659 bytes)
Hash
0f39ad1c08d64927f8506ae0aedac00d
c9f0699ebd3efc931a91675fc9acf00e52d147ff
cdc6e8f3dd9baa02bd8391bb9fb0bbacc6dcc4a5d283ab58544ce5435c3d96ca

HTTP Headers

GET /cms/files/309902/1650393010/$avfktu9az9i HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 72659
date: Fri, 26 Apr 2024 18:41:52 GMT
last-modified: Tue, 19 Apr 2022 18:39:23 GMT
etag: "0f39ad1c08d64927f8506ae0aedac00d"
x-amz-version-id: 7WPzxhyExjBVclO8tc2PlHzBYXjnP6Wy
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 41fc52a84466debf784d2dbdb0b64b36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: dCVFfjf_tHPEPxgPKQb67ejMLC1zWmTXTamEGxDjn0J294_U56WsRg==
X-Firefox-Spdy: h2

d335luupugsy2.cloudfront.net/cms/files/309902/1711672571/$w1c64nm43j

3.164.247.68

200 OK

1.0 MB

URL GET HTTP/2
d335luupugsy2.cloudfront.net/cms/files/309902/1711672571/$w1c64nm43j
IP
3.164.247.68:443
ASN
#0

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, description=head-to-head], baseline, precision 8, 2641x5183, components 3
Size
1.0 MB (1047643 bytes)
Hash
9fffe892799c127997b96fe782d0c36d
cae018d77cf61248d08130487e17606363998531
15492a0cdbe9273b6b94263ccd1547716dea9dd9088d00ac03ac6fbd041b387e

HTTP Headers

GET /cms/files/309902/1711672571/$w1c64nm43j HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 1047643
date: Fri, 26 Apr 2024 18:41:52 GMT
last-modified: Fri, 29 Mar 2024 00:36:59 GMT
etag: "9fffe892799c127997b96fe782d0c36d"
x-amz-server-side-encryption: AES256
x-amz-version-id: .y.L85Z3iF4G_4vBhQ3Z7._ftQBsFP5H
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 41fc52a84466debf784d2dbdb0b64b36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: 1tfNoz2-gBHukuxvDZz8X8ak59Ri0duLEuhtJlIhqTjBH-Yn1lCJ6A==
X-Firefox-Spdy: h2

d335luupugsy2.cloudfront.net/js/integration/2.0.0/rd-js-integration.min.js?v=1

3.164.247.68

200 OK

10 kB

URL GET HTTP/2
d335luupugsy2.cloudfront.net/js/integration/2.0.0/rd-js-integration.min.js?v=1
IP
3.164.247.68:443
ASN
#0

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (30400)
Size
10 kB (9976 bytes)
Hash
46e62a283e73de651b4a0e6da749ac74
fb103ea405b54e0d092fb78fb3aced702041a235
f4aa9e3a976f20cd4babf17dcdd27e63335a70191d322432a6f6c868d73a5cfa

HTTP Headers

GET /js/integration/2.0.0/rd-js-integration.min.js?v=1 HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 9976
last-modified: Wed, 29 Mar 2023 14:01:04 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: 3dngmS.4H4nxkAQ1dQ4Zed.bkb2I4WUy
accept-ranges: bytes
server: AmazonS3
date: Fri, 26 Apr 2024 04:33:00 GMT
cache-control: max-age=86400, must-revalidate
etag: "a101060a6ec593b54e9c4227f96e2695"
x-cache: Hit from cloudfront
via: 1.1 41fc52a84466debf784d2dbdb0b64b36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: 2PAGJ4xWWF-z_7e4MAboGKycisKPlS5HqDKaQbagbJNbfq1TTLAVSw==
age: 50955
X-Firefox-Spdy: h2

d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1

3.164.247.68

200 OK

57 kB

URL GET HTTP/2
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
IP
3.164.247.68:443
ASN
#0

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65218)
Size
57 kB (57363 bytes)
Hash
b6340e82771c1e242b5862eda7fb7008
b77828c85a7843399f97c5d19c4f3411003ad331
70be3f27403e0ab74c6b11fcd837997e5bca12b69449cf287823d18be663f87c

HTTP Headers

GET /js/rdstation-popups/bricks/rdstation-popup.min.js?v=1 HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 57363
last-modified: Tue, 16 Apr 2024 18:56:23 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: bXw_6DEbP4cvD1251Yhm.RnfFb6kzmD7
accept-ranges: bytes
server: AmazonS3
date: Thu, 25 Apr 2024 19:14:17 GMT
etag: "10b6883a771a55bcb6b5749d0515f172"
x-cache: Hit from cloudfront
via: 1.1 41fc52a84466debf784d2dbdb0b64b36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: M7_wq9XW_1C7gO0GJ_esa_Z7D4D77e3AEbIKvB8v78UdMrHF5Y-QqQ==
age: 84456
X-Firefox-Spdy: h2

popups.rdstation.com.br/popup/show.json?account_id=309902&uniq=_wwabhj815&ref=aHR0cHM6Ly93dGNsaXNib2EucmRzLmxhbmQvaGVhZC10by1oZWFk

34.68.90.188

200 OK

13 B

URL GET HTTP/2
popups.rdstation.com.br/popup/show.json?account_id=309902&uniq=_wwabhj815&ref=aHR0cHM6Ly93dGNsaXNib2EucmRzLmxhbmQvaGVhZC10by1oZWFk
IP
34.68.90.188:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerLet's Encrypt
Subjectpopups.rdstation.com.br
Fingerprint0F:B0:0C:D2:9E:D7:10:C9:47:2B:4A:F6:1E:EA:39:74:A6:79:6D:F1
ValidityThu, 22 Feb 2024 01:36:44 GMT - Wed, 22 May 2024 01:36:43 GMT

File type
JSON text data
Size
13 B (13 bytes)
Hash
6346e069259dd802eaf247566e2f4368
03783069db6874744910cd5a92636f22529c6328
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a

HTTP Headers

GET /popup/show.json?account_id=309902&uniq=_wwabhj815&ref=aHR0cHM6Ly93dGNsaXNib2EucmRzLmxhbmQvaGVhZC10by1oZWFk HTTP/1.1
Host: popups.rdstation.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
Origin: https://wtclisboa.rds.land
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
content-security-policy-report-only: upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
content-type: application/json
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=7776000
x-frame-options: sameorigin
content-length: 13
date: Fri, 26 Apr 2024 18:41:53 GMT
X-Firefox-Spdy: h2

dk9suync0k2va.cloudfront.net/js/rd/stable/flags/4x3/pt.svg?t=1560538149

54.230.241.143

200 OK

8.4 kB

URL GET HTTP/1.1
dk9suync0k2va.cloudfront.net/js/rd/stable/flags/4x3/pt.svg?t=1560538149
IP
54.230.241.143:443
ASN
#16509 AMAZON-02

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
8.4 kB (8369 bytes)
Hash
56954ffc43f839d80afc4590f12561c0
02ee0ac54681388e61fc08885011fbe78fe03ac8
846ca2e4f609e5ec0cef5354e9bdc57a0ff4cda359404ccd3b638c439778dbbd

HTTP Headers

GET /js/rd/stable/flags/4x3/pt.svg?t=1560538149 HTTP/1.1
Host: dk9suync0k2va.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/svg+xml
Content-Length: 3426
Connection: keep-alive
Last-Modified: Tue, 18 Jun 2019 14:20:31 GMT
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 26 Apr 2024 18:41:51 GMT
ETag: "0930279683351ea62bf351ea07c29c29"
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GZ1F70JsqAAE5VPIRMPt4sgG59ulE1DJQTBxkopDVyKbL28taxTz3w==
Age: 45715

d335luupugsy2.cloudfront.net/js/jquery.validate/1.9/jquery.validate.min.js

3.164.247.68

200 OK

22 kB

URL GET HTTP/2
d335luupugsy2.cloudfront.net/js/jquery.validate/1.9/jquery.validate.min.js
IP
3.164.247.68:443
ASN
#0

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type

Size
22 kB (21601 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/jquery.validate/1.9/jquery.validate.min.js HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-javascript
date: Tue, 12 Mar 2024 01:11:24 GMT
last-modified: Tue, 24 Jul 2012 19:23:28 GMT
etag: W/"c593e70ef041ab387fefad5fe38a724c"
cache-control: max-age=31536000
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41fc52a84466debf784d2dbdb0b64b36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: 25_j2hQirNiayrqbKcbT37uMq-vTno_MKlVA_Muv6-CdwXZKpCingg==
age: 3951027
X-Firefox-Spdy: h2

d335luupugsy2.cloudfront.net/js/loader-scripts/a2e43129-0f8c-4186-820b-ab70dd70309f-loader.js

3.164.247.68

200 OK

3.3 kB

URL GET HTTP/2
d335luupugsy2.cloudfront.net/js/loader-scripts/a2e43129-0f8c-4186-820b-ab70dd70309f-loader.js
IP
3.164.247.68:443
ASN
#0

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (3425), with no line terminators
Size
3.3 kB (3317 bytes)
Hash
97b35e1fc83be23ef28970868ee36045
47e3c8f85f0b55a9f60a5802cb4ce5bf4ab1e179
6d8b1eda478faea88926d5c49dda06f926c5ad0df2abb9ac636be964885c9bd2

HTTP Headers

GET /js/loader-scripts/a2e43129-0f8c-4186-820b-ab70dd70309f-loader.js HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Fri, 26 Apr 2024 18:41:51 GMT
last-modified: Sat, 16 Mar 2024 04:31:08 GMT
etag: W/"ee7967c880ea0440caf7caa0989c7b7c"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: gWexxXMnWYEyV2Lt3NL7E345XVmgTVed
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 41fc52a84466debf784d2dbdb0b64b36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: vWYYA3E2BrDSVm6Q2a8awAL8MqDqZ_dSCja-ANK_aEQxHLmGWO01CA==
X-Firefox-Spdy: h2

216.58.207.234

200 OK

34 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Bitter|Cabin|Crimson+Text|Droid+Sans|Droid+Serif|Lato|Lobster|Montserrat|Old+Standard+TT|Open+Sans|Oswald|Pacifico|Playfair+Display|PT+Sans|Raleway|Rubik|Source+Sans+Pro|Ubuntu|Roboto
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
ASCII text, with very long lines (1572)
Size
34 kB (33545 bytes)
Hash
211ac17e2203d2af9b0869fba50d712e
e0dd39dd0f2f0aabc964edb874d5d0d164f702e8
67c7ca02627651328137f634d3d44a353758eda1187ffc7265cdb8e794bca5e5

HTTP Headers

GET /css?family=Bitter|Cabin|Crimson+Text|Droid+Sans|Droid+Serif|Lato|Lobster|Montserrat|Old+Standard+TT|Open+Sans|Oswald|Pacifico|Playfair+Display|PT+Sans|Raleway|Rubik|Source+Sans+Pro|Ubuntu|Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 18:41:49 GMT
date: Fri, 26 Apr 2024 18:41:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=

142.250.74.168

200 OK

125 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (2642)
Size
125 kB (125261 bytes)
Hash
9f3ca86ec2de632816e962a2e152bfee
ea7066535c7496c541bcd8f38bff445692a7c1a1
e90f99a5865191e9a9b844ab7a77a7280bbc0b086151d141eeb1fa342d19b920

HTTP Headers

GET /gtag/js?id= HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 18:41:51 GMT
expires: Fri, 26 Apr 2024 18:41:51 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 48192
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d335luupugsy2.cloudfront.net/js/jquery.form/2.02/jquery.form.js

3.164.247.68

200 OK

32 kB

URL GET HTTP/2
d335luupugsy2.cloudfront.net/js/jquery.form/2.02/jquery.form.js
IP
3.164.247.68:443
ASN
#0

Requested by
https://wtclisboa.rds.land/head-to-head
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
32 kB (31465 bytes)
Hash
820f80306571dbe0a1deb0b63496d85f
a48f47033b36d76ccc0f5a8c9dfc91cc8917449e
eba027d59d9bb46f605599febf927a74079c645c808f5ee3bb783af909801fdb

HTTP Headers

GET /js/jquery.form/2.02/jquery.form.js HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wtclisboa.rds.land/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-javascript
date: Tue, 12 Mar 2024 04:13:23 GMT
last-modified: Tue, 24 Jul 2012 19:23:27 GMT
etag: W/"820f80306571dbe0a1deb0b63496d85f"
cache-control: max-age=31536000
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41fc52a84466debf784d2dbdb0b64b36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: C62-D-awYW1oMDXSArJ-6ZShpSzKCWTlMmTNq0ov6XfZ3zIpMaX59Q==
age: 3940108
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL