urlscan.io logo urlscan.io
SecurityTrails logo

boletopdf.correspondenciasdigitais.com.br Open in urlscan Pro
20.206.169.53  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://boletopdf.correspondenciasdigitais.com.br/
Effective URL: https://boletopdf.correspondenciasdigitais.com.br/
Submission: On April 21 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 20.206.169.53, located in Campinas, Brazil and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is boletopdf.correspondenciasdigitais.com.br.
TLS certificate: Issued by R3 on April 15th 2023. Valid for: 3 months.
This is the only time boletopdf.correspondenciasdigitais.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Itau (Banking)

Domain & IP information

IP Address AS Autonomous System
1 15 20.206.169.53 8075 (MICROSOFT...)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 191.235.228.36 8075 (MICROSOFT...)
17 5
Apex Domain
Subdomains		 Transfer
15 correspondenciasdigitais.com.br
boletopdf.correspondenciasdigitais.com.br
3 MB
1 azurewebsites.net
itaucedenteapi.azurewebsites.net
5 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
1 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1543
11 KB
17 4
Domain Requested by
15 boletopdf.correspondenciasdigitais.com.br 1 redirects boletopdf.correspondenciasdigitais.com.br
1 itaucedenteapi.azurewebsites.net boletopdf.correspondenciasdigitais.com.br
1 fonts.googleapis.com boletopdf.correspondenciasdigitais.com.br
1 use.fontawesome.com boletopdf.correspondenciasdigitais.com.br
17 4

This site contains no links.

Subject Issuer Validity Valid
boletopdf.correspondenciasdigitais.com.br
R3		 2023-04-15 -
2023-07-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 02		 2023-03-10 -
2024-03-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://boletopdf.correspondenciasdigitais.com.br/
Frame ID: 1FC7342D4D979B2F46EE5839CBAC47A1
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Itaú - Boletos Digitais

Page URL History Show full URLs

  1. http://boletopdf.correspondenciasdigitais.com.br/ HTTP 301
    https://boletopdf.correspondenciasdigitais.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Page Statistics

17
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

3544 kB
Transfer

3591 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://boletopdf.correspondenciasdigitais.com.br/ HTTP 301
    https://boletopdf.correspondenciasdigitais.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
boletopdf.correspondenciasdigitais.com.br/
Redirect Chain
  • http://boletopdf.correspondenciasdigitais.com.br/
  • https://boletopdf.correspondenciasdigitais.com.br/
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://boletopdf.correspondenciasdigitais.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.206.169.53 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Itaú Unibanco Holding S.A. /
Resource Hash
a508aa76b56a924c7d3dfab9cdddd519b9f3264b494cc044430653aa38cbcd77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
response-type, Content-Type, Accept, X-Requested-With, remember-me, Authorization, Authentication
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*.correspondenciasdigitais.com.br
content-length
2505
content-type
text/html
date
Fri, 21 Apr 2023 15:44:12 GMT
etag
"e972df3878ced81:0"
last-modified
Thu, 22 Sep 2022 11:41:15 GMT
server
Itaú Unibanco Holding S.A.
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
sameorigin
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
response-type, Content-Type, Accept, X-Requested-With, remember-me, Authorization, Authentication
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
*.correspondenciasdigitais.com.br
Content-Length
173
Content-Type
text/html; charset=UTF-8
Date
Fri, 21 Apr 2023 15:44:12 GMT
Location
https://boletopdf.correspondenciasdigitais.com.br/
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block
all.css
use.fontawesome.com/releases/v5.3.1/css/ 		48 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by
Host: boletopdf.correspondenciasdigitais.com.br
URL: https://boletopdf.correspondenciasdigitais.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

Referer
https://boletopdf.correspondenciasdigitais.com.br/
Origin
https://boletopdf.correspondenciasdigitais.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 15:44:13 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MC9JJQYK96N9T71M
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
uNTBqoQUbfgKY6/5N2KpJUmBgUvShCeLtIFp+DJN3kOrTA9tXI0WzTDM6zwd+fDek9YRaLcojgvw0oiwu/tz1Wner0BuSi17PkrCLqEHEsM=
last-modified
Wed, 30 Jun 2021 15:42:14 GMT
server
cloudflare
etag
W/"10519cfd3206802f58315b877a9beab5"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckjBbFFOZe7Np9LJZb9vN7lU1x5rRjDcdomYT6Cbdrk0sPBIkx8iXamBdUb371TPznJlXOWN8HMJx4jHAfOjEHtS2bqVQ%2F4YbcUo3VhhlNAZV873uNnGA8oKzGJYzjApGyyUnxt6qu7LePOGc1CfzdSS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7bb6bf429e7bc518-ORD
styles.4d2fb176df6d446efdb1.css
boletopdf.correspondenciasdigitais.com.br/ 		592 KB
592 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://boletopdf.correspondenciasdigitais.com.br/styles.4d2fb176df6d446efdb1.css
Requested by
Host: boletopdf.correspondenciasdigitais.com.br
URL: https://boletopdf.correspondenciasdigitais.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.206.169.53 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Itaú Unibanco Holding S.A. /
Resource Hash
d0d30036259e8ac9a614e851e3ad0878f337df856c8abe2dd4c0aa620d615f3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://boletopdf.correspondenciasdigitais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 21 Apr 2023 15:44:13 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-length
606021
x-xss-protection
1; mode=block
last-modified
Thu, 22 Sep 2022 11:40:56 GMT
server
Itaú Unibanco Holding S.A.
etag
"4ee1632d78ced81:0"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*.correspondenciasdigitais.com.br
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
response-type, Content-Type, Accept, X-Requested-With, remember-me, Authorization, Authentication
runtime-es2015.30d568831ef135121678.js
boletopdf.correspondenciasdigitais.com.br/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://boletopdf.correspondenciasdigitais.com.br/runtime-es2015.30d568831ef135121678.js
Requested by
Host: boletopdf.correspondenciasdigitais.com.br
URL: https://boletopdf.correspondenciasdigitais.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.206.169.53 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Itaú Unibanco Holding S.A. /
Resource Hash
34559caa489fda05d9c558278394ea90208b0e2c45e716b012e5fe5ad85257ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://boletopdf.correspondenciasdigitais.com.br/
Origin
https://boletopdf.correspondenciasdigitais.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 21 Apr 2023 15:44:13 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-length
2289
x-xss-protection
1; mode=block
last-modified
Thu, 22 Sep 2022 11:40:57 GMT
server
Itaú Unibanco Holding S.A.
etag
"d6ca3b2e78ced81:0"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*.correspondenciasdigitais.com.br
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
response-type, Content-Type, Accept, X-Requested-With, remember-me, Authorization, Authentication
polyfills-es2015.5b10b8fd823b6392f1fd.js
boletopdf.correspondenciasdigitais.com.br/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://boletopdf.correspondenciasdigitais.com.br/polyfills-es2015.5b10b8fd823b6392f1fd.js
Requested by
Host: boletopdf.correspondenciasdigitais.com.br
URL: https://boletopdf.correspondenciasdigitais.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.206.169.53 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Itaú Unibanco Holding S.A. /
Resource Hash
cbc6e7c903c128a1e6bb6a7ecb6d2007b92327c1c8f7f0519eadec261da00074
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://boletopdf.correspondenciasdigitais.com.br/
Origin
https://boletopdf.correspondenciasdigitais.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 21 Apr 2023 15:44:13 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-length
37053
x-xss-protection
1; mode=block
last-modified
Wed, 11 May 2022 14:10:40 GMT
server
Itaú Unibanco Holding S.A.
etag
"ed90e54065d81:0"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*.correspondenciasdigitais.com.br
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
response-type, Content-Type, Accept, X-Requested-With, remember-me, Authorization, Authentication
scripts.fd3b0c6f41dcec5a4374.js
boletopdf.correspondenciasdigitais.com.br/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://boletopdf.correspondenciasdigitais.com.br/scripts.fd3b0c6f41dcec5a4374.js
Requested by
Host: boletopdf.correspondenciasdigitais.com.br
URL: https://boletopdf.correspondenciasdigitais.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.206.169.53 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Itaú Unibanco Holding S.A. /
Resource Hash
1bf4df82c04c41663c996db2f1db9fcc85aa24f75b8fed5ad802aeb87a724901
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://boletopdf.correspondenciasdigitais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 21 Apr 2023 15:44:13 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-length
1388843
x-xss-protection
1; mode=block
last-modified
Thu, 22 Sep 2022 11:40:56 GMT
server
Itaú Unibanco Holding S.A.
etag
"bb8642d78ced81:0"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*.correspondenciasdigitais.com.br
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
response-type, Content-Type, Accept, X-Requested-With, remember-me, Authorization, Authentication
main-es2015.12dfcf81746b371b7f01.js
boletopdf.correspondenciasdigitais.com.br/ 		472 KB
472 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://boletopdf.correspondenciasdigitais.com.br/main-es2015.12dfcf81746b371b7f01.js
Requested by
Host: boletopdf.correspondenciasdigitais.com.br
URL: https://boletopdf.correspondenciasdigitais.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.206.169.53 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Itaú Unibanco Holding S.A. /
Resource Hash
8279b705b51043ba6e37f06697cb832a20978032c7e203a96f18018c0e2f7b76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://boletopdf.correspondenciasdigitais.com.br/
Origin
https://boletopdf.correspondenciasdigitais.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 21 Apr 2023 15:44:13 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-length
482997
x-xss-protection
1; mode=block
last-modified
Thu, 22 Sep 2022 11:41:15 GMT
server
Itaú Unibanco Holding S.A.
etag
"2c4acd3878ced81:0"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*.correspondenciasdigitais.com.br
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
response-type, Content-Type, Accept, X-Requested-With, remember-me, Authorization, Authentication
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Requested by
Host: boletopdf.correspondenciasdigitais.com.br
URL: https://boletopdf.correspondenciasdigitais.com.br/styles.4d2fb176df6d446efdb1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2a5c4811723ddfbbea26c1b791292aa7b2979760c8901c26c52de9800582aac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://boletopdf.correspondenciasdigitais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 21 Apr 2023 15:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 14:40:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Apr 2023 15:44:14 GMT
itaudisplay_rg-webfont.348c7d6133fd9b603c14.ttf
boletopdf.correspondenciasdigitais.com.br/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://boletopdf.correspondenciasdigitais.com.br/itaudisplay_rg-webfont.348c7d6133fd9b603c14.ttf
Requested by
Host: boletopdf.correspondenciasdigitais.com.br
URL: https://boletopdf.correspondenciasdigitais.com.br/styles.4d2fb176df6d446efdb1.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.206.169.53 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Itaú Unibanco Holding S.A. /
Resource Hash
dd6a9313d55f3d4e75e71aedb3fee34281caf8fdb3690e6484008604e8986b6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://boletopdf.correspondenciasdigitais.com.br/styles.4d2fb176df6d446efdb1.css
Origin
https://boletopdf.correspondenciasdigitais.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 21 Apr 2023 15:44:15 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-length
54056
x-xss-protection
1; mode=block
last-modified
Thu, 22 Sep 2022 11:40:56 GMT
server
Itaú Unibanco Holding S.A.
etag
"7bbe612d78ced81:0"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*.correspondenciasdigitais.com.br
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
response-type, Content-Type, Accept, X-Requested-With, remember-me, Authorization, Authentication
5-es2015.6c26a0dd28544d53d0c8.js
boletopdf.correspondenciasdigitais.com.br/ 		276 KB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://boletopdf.correspondenciasdigitais.com.br/5-es2015.6c26a0dd28544d53d0c8.js
Requested by
Host: boletopdf.correspondenciasdigitais.com.br
URL: https://boletopdf.correspondenciasdigitais.com.br/runtime-es2015.30d568831ef135121678.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.206.169.53 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Itaú Unibanco Holding S.A. /
Resource Hash
16044dd9296fd5714d0e0df941a9af0945e3e09ef78c71475069bfbbb6dbf20b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://boletopdf.correspondenciasdigitais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 21 Apr 2023 15:44:15 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-length
282929
x-xss-protection
1; mode=block
last-modified
Thu, 22 Sep 2022 11:41:09 GMT
server
Itaú Unibanco Holding S.A.
etag
"16eb833578ced81:0"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*.correspondenciasdigitais.com.br
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
response-type, Content-Type, Accept, X-Requested-With, remember-me, Authorization, Authentication
generatecaptcha
itaucedenteapi.azurewebsites.net/api/security/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://itaucedenteapi.azurewebsites.net/api/security/generatecaptcha
Requested by
Host: boletopdf.correspondenciasdigitais.com.br
URL: https://boletopdf.correspondenciasdigitais.com.br/polyfills-es2015.5b10b8fd823b6392f1fd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
191.235.228.36 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bb87ba07aa042f683de11de4ba29cd74432542642ecd2db508e03e6cc86e76c7

Request headers

Accept
application/json, text/plain, */*
Referer
https://boletopdf.correspondenciasdigitais.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 15:44:16 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Expires
-1
231-0236-L2.png
boletopdf.correspondenciasdigitais.com.br/assets/img/itau/ 		438 KB
438 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://boletopdf.correspondenciasdigitais.com.br/assets/img/itau/231-0236-L2.png
Requested by
Host: boletopdf.correspondenciasdigitais.com.br
URL: https://boletopdf.correspondenciasdigitais.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.206.169.53 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Itaú Unibanco Holding S.A. /
Resource Hash
29db029e748c3924c6946fde0b0a4a6b00d52300e7957ab2820353343685068c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://boletopdf.correspondenciasdigitais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 21 Apr 2023 15:44:16 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-length
448043
x-xss-protection
1; mode=block
last-modified
Thu, 22 Sep 2022 11:40:56 GMT
server
Itaú Unibanco Holding S.A.
etag
"d8a1782d78ced81:0"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*.correspondenciasdigitais.com.br
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
response-type, Content-Type, Accept, X-Requested-With, remember-me, Authorization, Authentication
logo-itau.png
boletopdf.correspondenciasdigitais.com.br/assets/img/itau/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://boletopdf.correspondenciasdigitais.com.br/assets/img/itau/logo-itau.png
Requested by
Host: boletopdf.correspondenciasdigitais.com.br
URL: https://boletopdf.correspondenciasdigitais.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.206.169.53 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Itaú Unibanco Holding S.A. /
Resource Hash
ec449b90a12df224ff679dcc26fe6a075b8bee6575b7891ea55b96c5869d828c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://boletopdf.correspondenciasdigitais.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 21 Apr 2023 15:44:16 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-length
8432
x-xss-protection
1; mode=block
last-modified
Thu, 22 Sep 2022 11:40:56 GMT
server
Itaú Unibanco Holding S.A.
etag
"1f65792d78ced81:0"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*.correspondenciasdigitais.com.br
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
response-type, Content-Type, Accept, X-Requested-With, remember-me, Authorization, Authentication
itaudisplay_bd-webfont.e98e89f15d9dcf9ea138.ttf
boletopdf.correspondenciasdigitais.com.br/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://boletopdf.correspondenciasdigitais.com.br/itaudisplay_bd-webfont.e98e89f15d9dcf9ea138.ttf
Requested by
Host: boletopdf.correspondenciasdigitais.com.br
URL: https://boletopdf.correspondenciasdigitais.com.br/styles.4d2fb176df6d446efdb1.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.206.169.53 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Itaú Unibanco Holding S.A. /
Resource Hash
47d6592a94f7bf3e4ac42626860cdb7e604953561b83956adaec0a2b77c5f3c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://boletopdf.correspondenciasdigitais.com.br/styles.4d2fb176df6d446efdb1.css
Origin
https://boletopdf.correspondenciasdigitais.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 21 Apr 2023 15:44:16 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-length
54696
x-xss-protection
1; mode=block
last-modified
Thu, 22 Sep 2022 11:40:56 GMT
server
Itaú Unibanco Holding S.A.
etag
"7bbe612d78ced81:0"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*.correspondenciasdigitais.com.br
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
response-type, Content-Type, Accept, X-Requested-With, remember-me, Authorization, Authentication
ItauText_Rg.559b5301fcaf88a3b49f.ttf
boletopdf.correspondenciasdigitais.com.br/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://boletopdf.correspondenciasdigitais.com.br/ItauText_Rg.559b5301fcaf88a3b49f.ttf
Requested by
Host: boletopdf.correspondenciasdigitais.com.br
URL: https://boletopdf.correspondenciasdigitais.com.br/styles.4d2fb176df6d446efdb1.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.206.169.53 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Itaú Unibanco Holding S.A. /
Resource Hash
0656ec3094e952835fd507c3861e6409eaf1b6bf26ecab7aa4eb5408c815dde3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://boletopdf.correspondenciasdigitais.com.br/styles.4d2fb176df6d446efdb1.css
Origin
https://boletopdf.correspondenciasdigitais.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 21 Apr 2023 15:44:16 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-length
50960
x-xss-protection
1; mode=block
last-modified
Thu, 22 Sep 2022 11:40:56 GMT
server
Itaú Unibanco Holding S.A.
etag
"7bbe612d78ced81:0"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*.correspondenciasdigitais.com.br
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
response-type, Content-Type, Accept, X-Requested-With, remember-me, Authorization, Authentication
ItauDisplay_Lt.445d2ca034481f17fee2.ttf
boletopdf.correspondenciasdigitais.com.br/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://boletopdf.correspondenciasdigitais.com.br/ItauDisplay_Lt.445d2ca034481f17fee2.ttf
Requested by
Host: boletopdf.correspondenciasdigitais.com.br
URL: https://boletopdf.correspondenciasdigitais.com.br/styles.4d2fb176df6d446efdb1.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.206.169.53 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Itaú Unibanco Holding S.A. /
Resource Hash
02a20dbc98bc2ac0730257f30bdb6677b4c46589d1e2baf17bd54fb910877bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://boletopdf.correspondenciasdigitais.com.br/styles.4d2fb176df6d446efdb1.css
Origin
https://boletopdf.correspondenciasdigitais.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 21 Apr 2023 15:44:16 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-length
50092
x-xss-protection
1; mode=block
last-modified
Thu, 22 Sep 2022 11:40:56 GMT
server
Itaú Unibanco Holding S.A.
etag
"7bbe612d78ced81:0"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*.correspondenciasdigitais.com.br
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
response-type, Content-Type, Accept, X-Requested-With, remember-me, Authorization, Authentication
itaufonts_master_24px_v44.ebf863866ee3b68af7c9.ttf
boletopdf.correspondenciasdigitais.com.br/ 		136 KB
136 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://boletopdf.correspondenciasdigitais.com.br/itaufonts_master_24px_v44.ebf863866ee3b68af7c9.ttf
Requested by
Host: boletopdf.correspondenciasdigitais.com.br
URL: https://boletopdf.correspondenciasdigitais.com.br/styles.4d2fb176df6d446efdb1.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.206.169.53 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Itaú Unibanco Holding S.A. /
Resource Hash
f6aba01dfbeb3b19b23c4a6ca25ace71c7d794ec834e077d809c6082e5c76156
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://boletopdf.correspondenciasdigitais.com.br/styles.4d2fb176df6d446efdb1.css
Origin
https://boletopdf.correspondenciasdigitais.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 21 Apr 2023 15:44:17 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-length
139220
x-xss-protection
1; mode=block
last-modified
Thu, 22 Sep 2022 11:40:56 GMT
server
Itaú Unibanco Holding S.A.
etag
"94e5612d78ced81:0"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*.correspondenciasdigitais.com.br
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
response-type, Content-Type, Accept, X-Requested-With, remember-me, Authorization, Authentication
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4dfbf35bbbaeb03edefbe60cbced515b6df3d0a15195b74619d911e81532c73b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/jpeg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Itau (Banking)

265 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| webpackJsonp function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched function| getUrlParameter function| detectIE function| rgb2hex function| _createClass function| _possibleConstructorReturn function| _inherits function| _classCallCheck function| Emitter function| Dropzone function| without function| camelize function| detectVerticalSquash function| drawImageIOSFix function| ExifRestore function| contentLoaded function| __guard__ function| __guardMethod__ function| watchFileUploader function| bytesToSize function| setInitialFocus function| preventRouteChange function| initializePopovers function| initializeTooltips function| initializeDatePickers function| initializeMasks function| initializeColorPickers function| initializeComboboxes function| initializeSlider function| setDropdownInitialValue function| disableControls function| getQueryString function| applyOnScope function| isNullOrBlank function| isNullOrEmpty function| isNull function| isFunction function| applyColumnFilters function| createFilterContent function| closePopover function| sortColumn function| filterColumn function| prepareFilters function| createLocalDownload function| createUrlDownload function| prepareSingleSearchSetting function| generateNewGUID function| alphanumeric function| reloadRoute function| launchContainer function| createDynamicModalContainer function| replaceAll function| displaySuccessToastMessage function| displayToastMessage function| datediff function| sumSection function| translatePage function| downloadFile function| Showloading function| Removeloading object| Pace function| $ function| jQuery function| Popper object| bootstrap object| __zone_symbol__loadfalse function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| SVGPathSeg function| SVGPathSegClosePath function| SVGPathSegMovetoAbs function| SVGPathSegMovetoRel function| SVGPathSegLinetoAbs function| SVGPathSegLinetoRel function| SVGPathSegCurvetoCubicAbs function| SVGPathSegCurvetoCubicRel function| SVGPathSegCurvetoQuadraticAbs function| SVGPathSegCurvetoQuadraticRel function| SVGPathSegArcAbs function| SVGPathSegArcRel function| SVGPathSegLinetoHorizontalAbs function| SVGPathSegLinetoHorizontalRel function| SVGPathSegLinetoVerticalAbs function| SVGPathSegLinetoVerticalRel function| SVGPathSegCurvetoCubicSmoothAbs function| SVGPathSegCurvetoCubicSmoothRel function| SVGPathSegCurvetoQuadraticSmoothAbs function| SVGPathSegCurvetoQuadraticSmoothRel function| SVGPathSegList object| c3 object| d3 function| md5 function| getUserSettings function| getPreference function| setPreference function| getSnippetConfig function| getSnippetOption function| setSnippetOption function| minimizeSnippet function| removeSnippet function| saveUserSettings object| __zone_symbol__scrollfalse object| language number| defaultCurrency number| currentExchangeMark object| exchangeRatios function| storeExchangeData string| cultureInfo object| formatter object| converter object| installedModules function| verifyInstalledModule function| verifyInstalledModuleByGUID function| storeModuleData function| apiServiceCall function| getAppResource function| getAppResourceUrl function| logOff function| localServiceCall function| _ object| toastr function| JSZip object| ZeroClipboard_TableTools object| ng object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

boletopdf.correspondenciasdigitais.com.br
fonts.googleapis.com
itaucedenteapi.azurewebsites.net
use.fontawesome.com
191.235.228.36
20.206.169.53
2606:4700:e2::ac40:840f
2607:f8b0:4006:822::200a
02a20dbc98bc2ac0730257f30bdb6677b4c46589d1e2baf17bd54fb910877bcf
0656ec3094e952835fd507c3861e6409eaf1b6bf26ecab7aa4eb5408c815dde3
16044dd9296fd5714d0e0df941a9af0945e3e09ef78c71475069bfbbb6dbf20b
1bf4df82c04c41663c996db2f1db9fcc85aa24f75b8fed5ad802aeb87a724901
29db029e748c3924c6946fde0b0a4a6b00d52300e7957ab2820353343685068c
34559caa489fda05d9c558278394ea90208b0e2c45e716b012e5fe5ad85257ac
47d6592a94f7bf3e4ac42626860cdb7e604953561b83956adaec0a2b77c5f3c4
4dfbf35bbbaeb03edefbe60cbced515b6df3d0a15195b74619d911e81532c73b
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
8279b705b51043ba6e37f06697cb832a20978032c7e203a96f18018c0e2f7b76
a508aa76b56a924c7d3dfab9cdddd519b9f3264b494cc044430653aa38cbcd77
b2a5c4811723ddfbbea26c1b791292aa7b2979760c8901c26c52de9800582aac
bb87ba07aa042f683de11de4ba29cd74432542642ecd2db508e03e6cc86e76c7
cbc6e7c903c128a1e6bb6a7ecb6d2007b92327c1c8f7f0519eadec261da00074
d0d30036259e8ac9a614e851e3ad0878f337df856c8abe2dd4c0aa620d615f3a
dd6a9313d55f3d4e75e71aedb3fee34281caf8fdb3690e6484008604e8986b6f
ec449b90a12df224ff679dcc26fe6a075b8bee6575b7891ea55b96c5869d828c
f6aba01dfbeb3b19b23c4a6ca25ace71c7d794ec834e077d809c6082e5c76156