appweb-mall-logln.sp.skdrive.net
131.255.179.253 (Malicious Activity! Public Scan)

Submitted URL: https://uqr.to/1j3xz
Effective URL: https://appweb-mall-logln.sp.skdrive.net/atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j
Submission: On May 22 via manual from BR — Scanned from DE

Summary

This website contacted 8 IPs in 5 countries across 10 domains to perform 23 HTTP transactions. The main IP is 131.255.179.253, located in Itauna, Brazil and belongs to Sonik Servicos de Comunicacao LTDA, BR. The main domain is appweb-mall-logln.sp.skdrive.net.
TLS certificate: Issued by R3 on May 11th 2023. Valid for: 3 months.
This is the only time appweb-mall-logln.sp.skdrive.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Universo Online (UOL) (Banking)

Domain & IP information

Requests  Redirects  IP Address        AS      Autonomous System
1         -          13.58.57.95       16509   AMAZON-02
1         -          2a00:1450:400...  15169   GOOGLE
3         -          2a00:1450:400...  15169   GOOGLE
2         -          2a00:1450:400...  15169   GOOGLE
1         1          212.127.94.2      15851   WASK-COM ...
9         1          131.255.179.253   264491  Sonik Ser...
2         -          2a00:1450:400...  15169   GOOGLE
2         -          2a00:1450:400...  15169   GOOGLE
Total: 23 requests across 8 IPs
Requests  Apex Domain           Subdomain                         Cisco Umbrella Rank  Transfer
9         skdrive.net           appweb-mall-logln.sp.skdrive.net  -                    122 KB
3         google-analytics.com  www.google-analytics.com          30                   21 KB
2         google.de             www.google.de                     6080                 515 B
2         google.com            www.google.com                    2                    515 B
2         doubleclick.net       stats.g.doubleclick.net           76                   413 B
1         cloudlets.zone        u0ll0gin.node.cloudlets.zone      -                    478 B
1         googletagmanager.com  www.googletagmanager.com          40                   49 KB
1         uqr.to                uqr.to                            313023               2 KB
0         uol.com (Failed)      stc.uol.com (Failed)              -                    -
0         imguol.com (Failed)   imguol.com (Failed)               -                    -
Total: 23 requests across 10 domains
Requests  Redirects  Domain                            Requested by
9         1          appweb-mall-logln.sp.skdrive.net  uqr.to, appweb-mall-logln.sp.skdrive.net
3         -          www.google-analytics.com          www.googletagmanager.com, uqr.to
2         -          www.google.de                     -
2         -          www.google.com                    -
2         -          stats.g.doubleclick.net           www.google-analytics.com
1         1          u0ll0gin.node.cloudlets.zone      -
1         -          www.googletagmanager.com          uqr.to
1         -          uqr.to                            -
0         -          stc.uol.com (Failed)              appweb-mall-logln.sp.skdrive.net
0         -          imguol.com (Failed)               appweb-mall-logln.sp.skdrive.net
Total: 23 requests across 10 domains

This site contains links to these domains:

  • email.uol.com.br
  • uolmailsecurity-001-site1.atempurl.com
Subject                 Issuer      Validity                  Valid
uqr.to                  R3          2023-03-29 - 2023-06-27   3 months
*.google-analytics.com  GTS CA 1C3  2023-04-24 - 2023-07-17   3 months
*.g.doubleclick.net     GTS CA 1C3  2023-04-24 - 2023-07-17   3 months
*.sp.skdrive.net        R3          2023-05-11 - 2023-08-09   3 months
www.google.com          GTS CA 1C3  2023-04-24 - 2023-07-17   3 months
www.google.de           GTS CA 1C3  2023-04-24 - 2023-07-17   3 months

This page contains 1 frames:

Primary Page: https://appweb-mall-logln.sp.skdrive.net/atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j
Frame ID: C0F7E8F37ADBBED19D67486C02749E86
Requests: 23 HTTP requests in this frame

Page Title

E-mail UOL

Detected technologies

Google Analytics (overall confidence: 100%)
  • Detected pattern: google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (overall confidence: 100%)
  • Detected pattern: googletagmanager\.com/gtm\.js

jQuery (overall confidence: 100%)
  • Detected pattern: jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 23
HTTPS: 83 %
IPv6: 63 %
Domains: 10
Subdomains: 10
IPs: 8
Countries: 5
Transfer: 195 kB
Size: 531 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://uqr.to/1j3xz Page URL
  2. https://u0ll0gin.node.cloudlets.zone/links.php HTTP 302
    https://appweb-mall-logln.sp.skdrive.net/?763189 HTTP 302
    https://appweb-mall-logln.sp.skdrive.net/atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type | MIME-Type
Resource: 1j3xz | Path: uqr.to/ | Size: 2 KB | x-fer: 2 KB | Type: Document
General
Full URL
https://uqr.to/1j3xz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.58.57.95 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-57-95.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
878b1d56a33e5dfd767db7fca875afe3bb8b9424d653132425b984d2197f038a
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, private, max-age=2592000
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
797
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 May 2023 14:15:11 GMT
Expires
Wed, 21 Jun 2023 14:15:11 GMT
Keep-Alive
timeout=5, max=500
Permissions-Policy
geolocation=self
Referrer-Policy
strict-origin
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
Resource: gtm.js | Path: www.googletagmanager.com/ | Size: 127 KB | x-fer: 49 KB | Type: Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NSZ7GSJ&l=uqtdl
Requested by
Host: uqr.to
URL: https://uqr.to/1j3xz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
65f6d50704b7f2be48b03a6df038d4e47788a64bf6e7e8061a7acdb4ed344a59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uqr.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:15:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49296
x-xss-protection
0
last-modified
Mon, 22 May 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 May 2023 14:15:11 GMT
Resource: analytics.js | Path: www.google-analytics.com/ | Size: 51 KB | x-fer: 21 KB | Type: Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSZ7GSJ&l=uqtdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uqr.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 May 2023 13:05:00 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4211
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 22 May 2023 15:05:00 GMT
Resource: collect | Path: stats.g.doubleclick.net/j/ | Size: 4 B | x-fer: 343 B | Type: XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-18982026-1&cid=1352210915.1684764912&jid=1705792378&gjid=1463027764&_gid=2024861691.1684764912&_u=YGBAgEABAAAAAEAAI~&z=1221228020
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://uqr.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 22 May 2023 14:15:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://uqr.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
Resource: collect | Path: stats.g.doubleclick.net/j/ | Size: 4 B | x-fer: 70 B | Type: XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-18982026-3&cid=1352210915.1684764912&jid=997265679&gjid=825373181&_gid=2024861691.1684764912&_u=YGDAgEABAAAAAEAAI~&z=1549412779
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://uqr.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 22 May 2023 14:15:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://uqr.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
Resource: collect | Path: www.google-analytics.com/ | Size: 35 B | x-fer: 194 B | Type: Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=684944386&t=pageview&_s=1&dl=https%3A%2F%2Fuqr.to%2F1j3xz&ul=en-us&de=UTF-8&dt=Cadastro-UOL&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAAAAAI~&jid=1705792378&gjid=1463027764&cid=1352210915.1684764912&tid=UA-18982026-1&_gid=2024861691.1684764912&gtm=45He35h0n81NSZ7GSJ&cd1=1&cd2=1025098&z=1735123592
Requested by
Host: uqr.to
URL: https://uqr.to/1j3xz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uqr.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 18:11:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72235
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Resource: collect | Path: www.google-analytics.com/ | Size: 35 B | x-fer: 91 B | Type: Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=684944386&t=pageview&_s=1&dl=https%3A%2F%2Fuqr.to%2F1j3xz&ul=en-us&de=UTF-8&dt=Cadastro-UOL&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAEAAI~&jid=997265679&gjid=825373181&cid=1352210915.1684764912&tid=UA-18982026-3&_gid=2024861691.1684764912&gtm=45He35h0n81NSZ7GSJ&cd1=1025098&cd2=%20-%20test&z=389389057
Requested by
Host: uqr.to
URL: https://uqr.to/1j3xz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uqr.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 18:11:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72235
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Primary Request: atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j | Path: appweb-mall-logln.sp.skdrive.net/ | Size: 13 KB | x-fer: 5 KB | Type: Document
Redirect Chain
  • https://u0ll0gin.node.cloudlets.zone/links.php
  • https://appweb-mall-logln.sp.skdrive.net/?763189
  • https://appweb-mall-logln.sp.skdrive.net/atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j
General
Full URL
https://appweb-mall-logln.sp.skdrive.net/atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j
Requested by
Host: uqr.to
URL: https://uqr.to/1j3xz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
131.255.179.253 Itauna, Brazil, ASN264491 (Sonik Servicos de Comunicacao LTDA, BR),
Reverse DNS
253-179-255-131.soniknet.com.br
Software
openresty /
Resource Hash
2e7d476b62899f136cb77b73e9360bb733e128c0a9fb355384ce5f3b75ba69dd
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://uqr.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
4768
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-origin
date
Mon, 22 May 2023 14:15:14 GMT
etag
"348e-5f9c3651ea780-gzip"
last-modified
Thu, 20 Apr 2023 12:08:14 GMT
permissions-policy
geolocation=(self), payment=(self)
referrer-policy
strict-origin-when-cross-origin
server
openresty
strict-transport-security
max-age=15811200
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-resolver-ip
131.255.179.253
x-xss-protection
1; mode=block;

Redirect headers

content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-origin
date
Mon, 22 May 2023 14:15:14 GMT
location
atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j
permissions-policy
geolocation=(self), payment=(self)
referrer-policy
strict-origin-when-cross-origin
server
openresty
strict-transport-security
max-age=15811200
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-resolver-ip
131.255.179.253
x-xss-protection
1; mode=block;
Resource: ga-audiences | Path: www.google.com/ads/ | Size: 42 B | x-fer: 107 B | Type: Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18982026-1&cid=1352210915.1684764912&jid=1705792378&_u=YGBAgEABAAAAAEAAI~&z=1950183895
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uqr.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:15:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Resource: ga-audiences | Path: www.google.de/ads/ | Size: 42 B | x-fer: 107 B | Type: Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18982026-1&cid=1352210915.1684764912&jid=1705792378&_u=YGBAgEABAAAAAEAAI~&z=1950183895
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uqr.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:15:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Resource: ga-audiences | Path: www.google.com/ads/ | Size: 42 B | x-fer: 408 B | Type: Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18982026-3&cid=1352210915.1684764912&jid=997265679&_u=YGDAgEABAAAAAEAAI~&z=149327307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uqr.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:15:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Resource: ga-audiences | Path: www.google.de/ads/ | Size: 42 B | x-fer: 408 B | Type: Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18982026-3&cid=1352210915.1684764912&jid=997265679&_u=YGDAgEABAAAAAEAAI~&z=149327307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uqr.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 14:15:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Resource: main.css | Path: appweb-mall-logln.sp.skdrive.net/index_arquivos/ | Size: 158 KB | x-fer: 32 KB | Type: Stylesheet
General
Full URL
https://appweb-mall-logln.sp.skdrive.net/index_arquivos/main.css
Requested by
Host: appweb-mall-logln.sp.skdrive.net
URL: https://appweb-mall-logln.sp.skdrive.net/atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
131.255.179.253 Itauna, Brazil, ASN264491 (Sonik Servicos de Comunicacao LTDA, BR),
Reverse DNS
253-179-255-131.soniknet.com.br
Software
openresty /
Resource Hash
2379d136b78de5869d1937d82bf940b355864749e989829f3ef49fa3c5095464
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appweb-mall-logln.sp.skdrive.net/atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:15:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15811200
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
32473
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 30 Sep 2020 12:05:04 GMT
server
openresty
cross-origin-opener-policy
same-origin-allow-popups
etag
"2777f-5b086b5b1fc00-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
x-resolver-ip
131.255.179.253
Resource: jquery.js | Path: appweb-mall-logln.sp.skdrive.net/index_arquivos/ | Size: 82 KB | x-fer: 29 KB | Type: Script
General
Full URL
https://appweb-mall-logln.sp.skdrive.net/index_arquivos/jquery.js
Requested by
Host: appweb-mall-logln.sp.skdrive.net
URL: https://appweb-mall-logln.sp.skdrive.net/atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
131.255.179.253 Itauna, Brazil, ASN264491 (Sonik Servicos de Comunicacao LTDA, BR),
Reverse DNS
253-179-255-131.soniknet.com.br
Software
openresty /
Resource Hash
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appweb-mall-logln.sp.skdrive.net/atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:15:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15811200
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
29547
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 30 Sep 2020 12:05:06 GMT
server
openresty
cross-origin-opener-policy
same-origin-allow-popups
etag
"14983-5b086b5d08080-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
x-resolver-ip
131.255.179.253
Resource: partner | Path: appweb-mall-logln.sp.skdrive.net/index_arquivos/ | Size: 827 B | x-fer: 1 KB | Type: Script
General
Full URL
https://appweb-mall-logln.sp.skdrive.net/index_arquivos/partner
Requested by
Host: appweb-mall-logln.sp.skdrive.net
URL: https://appweb-mall-logln.sp.skdrive.net/atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
131.255.179.253 Itauna, Brazil, ASN264491 (Sonik Servicos de Comunicacao LTDA, BR),
Reverse DNS
253-179-255-131.soniknet.com.br
Software
openresty /
Resource Hash
9369e6384596ebc8c7bfc024dca2876deaa3c452b8e22252ce730845f4d44b71
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appweb-mall-logln.sp.skdrive.net/atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:15:14 GMT
strict-transport-security
max-age=15811200
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
827
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 30 Sep 2020 12:05:04 GMT
server
openresty
cross-origin-opener-policy
same-origin-allow-popups
etag
"33b-5b086b5b1fc00"
x-frame-options
SAMEORIGIN
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
x-resolver-ip
131.255.179.253
Resource: logo_uolmail2.png | Path: imguol.com/p/g/logos/ | Size: 0 | x-fer: 0 | Type: (none; request failed)
Resource: logo-uol.svg | Path: appweb-mall-logln.sp.skdrive.net/index_arquivos/ | Size: 17 KB | x-fer: 18 KB | Type: Image
General
Full URL
https://appweb-mall-logln.sp.skdrive.net/index_arquivos/logo-uol.svg
Requested by
Host: appweb-mall-logln.sp.skdrive.net
URL: https://appweb-mall-logln.sp.skdrive.net/atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
131.255.179.253 Itauna, Brazil, ASN264491 (Sonik Servicos de Comunicacao LTDA, BR),
Reverse DNS
253-179-255-131.soniknet.com.br
Software
openresty /
Resource Hash
8d828650afa0e87b3ece850b6be4d2eaded63e4e4424a190f1ce39f62460f625
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appweb-mall-logln.sp.skdrive.net/atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:15:15 GMT
strict-transport-security
max-age=15811200
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
17873
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 30 Sep 2020 12:05:04 GMT
server
openresty
cross-origin-opener-policy
same-origin-allow-popups
etag
"45d1-5b086b5b1fc00"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
x-resolver-ip
131.255.179.253
Resource: logo-pagseguro.svg | Path: appweb-mall-logln.sp.skdrive.net/index_arquivos/ | Size: 5 KB | x-fer: 6 KB | Type: Image
General
Full URL
https://appweb-mall-logln.sp.skdrive.net/index_arquivos/logo-pagseguro.svg
Requested by
Host: appweb-mall-logln.sp.skdrive.net
URL: https://appweb-mall-logln.sp.skdrive.net/atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
131.255.179.253 Itauna, Brazil, ASN264491 (Sonik Servicos de Comunicacao LTDA, BR),
Reverse DNS
253-179-255-131.soniknet.com.br
Software
openresty /
Resource Hash
4cc86e7e65f1f8332228e8d1735ba8b7e82367c6e93d644c3d41c473891b6c2d
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appweb-mall-logln.sp.skdrive.net/atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:15:15 GMT
strict-transport-security
max-age=15811200
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
5598
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 30 Sep 2020 12:05:04 GMT
server
openresty
cross-origin-opener-policy
same-origin-allow-popups
etag
"15de-5b086b5b1fc00"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
x-resolver-ip
131.255.179.253
Resource: logo-uolhost.svg | Path: appweb-mall-logln.sp.skdrive.net/index_arquivos/ | Size: 18 KB | x-fer: 19 KB | Type: Image
General
Full URL
https://appweb-mall-logln.sp.skdrive.net/index_arquivos/logo-uolhost.svg
Requested by
Host: appweb-mall-logln.sp.skdrive.net
URL: https://appweb-mall-logln.sp.skdrive.net/atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
131.255.179.253 Itauna, Brazil, ASN264491 (Sonik Servicos de Comunicacao LTDA, BR),
Reverse DNS
253-179-255-131.soniknet.com.br
Software
openresty /
Resource Hash
0b931dd83952d1b448e6afb2520ca01091274b875839e4134e6c0bf433b61587
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appweb-mall-logln.sp.skdrive.net/atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:15:15 GMT
strict-transport-security
max-age=15811200
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
18827
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 30 Sep 2020 12:05:04 GMT
server
openresty
cross-origin-opener-policy
same-origin-allow-popups
etag
"498b-5b086b5b1fc00"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
x-resolver-ip
131.255.179.253
main.js
appweb-mall-logln.sp.skdrive.net/index_arquivos/
56 KB
11 KB
Script
General
Full URL
https://appweb-mall-logln.sp.skdrive.net/index_arquivos/main.js
Requested by
Host: appweb-mall-logln.sp.skdrive.net
URL: https://appweb-mall-logln.sp.skdrive.net/atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
131.255.179.253 Itauna, Brazil, ASN264491 (Sonik Servicos de Comunicacao LTDA, BR)
Reverse DNS
253-179-255-131.soniknet.com.br
Software
openresty
Resource Hash
6f1d74f97d22f131acfa463839affc314352a452eb6649b8d9fd181e1b83d487
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appweb-mall-logln.sp.skdrive.net/atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 14:15:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15811200
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin
content-length
10581
x-xss-protection
1; mode=block;
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 30 Sep 2020 12:05:04 GMT
server
openresty
cross-origin-opener-policy
same-origin-allow-popups
etag
"df79-5b086b5b1fc00-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(self), payment=(self)
accept-ranges
bytes
x-resolver-ip
131.255.179.253
uol-text-regular.woff
stc.uol.com/c/webfont/projeto-grafico/uol-font/
0
0

uol-text-bold.woff
stc.uol.com/c/webfont/projeto-grafico/uol-font/
0
0

uol-text-lighter.woff
stc.uol.com/c/webfont/projeto-grafico/uol-font/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
imguol.com
URL
https://imguol.com/p/g/logos/logo_uolmail2.png
Domain
stc.uol.com
URL
https://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-regular.woff
Domain
stc.uol.com
URL
https://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-bold.woff
Domain
stc.uol.com
URL
https://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-lighter.woff

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Universo Online (UOL) (Banking)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
boolean credentialless
function $
function jQuery
function mostrar
function esconder
function onSubmit
function onloadCallback
object osirisUai
function uolAnalytics
object universal_variable
object uolads
object dnaReady
undefined dnaRun
object webpackJsonposiris-frontend

8 Cookies

Domain/Path Name / Value
uqr.to/ Name: stat_session2571191
Value: b8c18c6b-80bf-44de-8973-f550de9a155a
uqr.to/ Name: device_view
Value: full
.uqr.to/ Name: _ga
Value: GA1.2.1352210915.1684764912
.uqr.to/ Name: _gid
Value: GA1.2.2024861691.1684764912
.uqr.to/ Name: _dc_gtm_UA-18982026-1
Value: 1
.uqr.to/ Name: _dc_gtm_UA-18982026-3
Value: 1
u0ll0gin.node.cloudlets.zone/ Name: SRVGROUP
Value: common
appweb-mall-logln.sp.skdrive.net/ Name: SRVGROUP
Value: common

1 Console Messages

Source: security
Level: error
URL: https://appweb-mall-logln.sp.skdrive.net/atualize&uol&mail_rlz=1C1KNTJ_pt-BRBR1054BR1054&oq=uol&aqs=69i57j46i131i199i433i465i512j
Message: Refused to execute script from 'https://appweb-mall-logln.sp.skdrive.net/index_arquivos/partner' because its MIME type ('') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block