cservicosonsss.is-a-geek.net Open in urlscan Pro
104.234.70.188 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cservicosonsss.is-a-geek.net/fatura/
Effective URL:
https://cservicosonsss.is-a-geek.net/fatura/
Submission Tags: @phish_report
Submission: On July 04 via api (July 4th 2024, 12:49:29 pm UTC) from FI — Scanned from IS

Summary HTTP 84 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 14 domains to perform 84 HTTP transactions. The main IP is 104.234.70.188, located in Canada and belongs to MASTER DA WEB DATACENTER LTDA, BR. The main domain is cservicosonsss.is-a-geek.net.
TLS certificate: Issued by R11 on July 2nd 2024. Valid for: 3 months.

This is the only time cservicosonsss.is-a-geek.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Universo Online (UOL) (Banking)

Domain & IP information

	IP Address	AS Autonomous System
40	104.234.70.188 104.234.70.188	270564 (MASTER DA...) (MASTER DA WEB DATACENTER LTDA)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
3	2600:9000:225... 2600:9000:2251:8000:6:5b96:3f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:4::b818:4d94	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:276... 2600:9000:2761:fa00:6:9eb2:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:276... 2600:9000:2761:b600:1:5a19:8b40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 4	18.244.18.32 18.244.18.32	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:235... 2600:9000:2359:3c00:1:bcff:6780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	200.147.66.10 200.147.66.10	7162 (Universo ...) (Universo Online S.A.)
1	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2 4	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2804:49c:3101... 2804:49c:3101:401:ffff:ffff:ffff:52	15201 (Universo ...) (Universo Online S.A.)
84	20

40 104.234.70.188 (Canada)

ASN270564 (MASTER DA WEB DATACENTER LTDA, BR)
PTR: 104-234-70-188.masterdaweb.com

cservicosonsss.is-a-geek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:8000:6:5b96:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:4::b818:4d94 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

me.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2761:fa00:6:9eb2:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2761:b600:1:5a19:8b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.244.18.32 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-32.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2359:3c00:1:bcff:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)

udr.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 200.147.66.10 (Brazil)

ASN7162 (Universo Online S.A., BR)

imgpx.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.102.185.99 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

m.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3101:401:ffff:ffff:ffff:52 (Brazil)

ASN15201 (Universo Online S.A., BR)

tracker.bt.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	is-a-geek.net cservicosonsss.is-a-geek.net	552 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	248 KB
9	uol.com.br tm.uol.com.br — Cisco Umbrella Rank: 63811 www.uol.com.br — Cisco Umbrella Rank: 70762 dna.uol.com.br Failed udr.uol.com.br — Cisco Umbrella Rank: 74394 imgpx.uol.com.br tracker.bt.uol.com.br — Cisco Umbrella Rank: 68294	3 KB
4	tailtarget.com 2 redirects m.t.tailtarget.com — Cisco Umbrella Rank: 142183	991 B
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 188	6 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71	21 KB
2	jsuol.com.br me.jsuol.com.br — Cisco Umbrella Rank: 76372 tm.jsuol.com.br — Cisco Umbrella Rank: 59793	12 KB
2	google.com www.google.com — Cisco Umbrella Rank: 5 region1.analytics.google.com — Cisco Umbrella Rank: 3125	619 B
1	google.is www.google.is — Cisco Umbrella Rank: 30069	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	253 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 279	581 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	89 KB
0	imguol.com.br Failed hp.imguol.com.br Failed
0	uol.com Failed stc.uol.com Failed
84	14

	Domain	Requested by
40	cservicosonsss.is-a-geek.net	cservicosonsss.is-a-geek.net
6	www.gstatic.com	cservicosonsss.is-a-geek.net www.google.com
4	m.t.tailtarget.com	2 redirects cservicosonsss.is-a-geek.net
4	sb.scorecardresearch.com	1 redirects cservicosonsss.is-a-geek.net
4	fonts.gstatic.com	cservicosonsss.is-a-geek.net
3	udr.uol.com.br	tm.jsuol.com.br cservicosonsss.is-a-geek.net
3	www.google-analytics.com	cservicosonsss.is-a-geek.net
3	tm.uol.com.br	cservicosonsss.is-a-geek.net
1	tracker.bt.uol.com.br	cservicosonsss.is-a-geek.net
1	www.google.is	cservicosonsss.is-a-geek.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	ib.adnxs.com	tm.jsuol.com.br
1	imgpx.uol.com.br	cservicosonsss.is-a-geek.net
1	www.googletagmanager.com	me.jsuol.com.br
1	www.uol.com.br
1	tm.jsuol.com.br	cservicosonsss.is-a-geek.net
1	me.jsuol.com.br	cservicosonsss.is-a-geek.net
1	www.google.com	cservicosonsss.is-a-geek.net
0	hp.imguol.com.br Failed
0	dna.uol.com.br Failed
0	stc.uol.com Failed	cservicosonsss.is-a-geek.net
84	22

This site contains links to these domains. Also see Links.

Domain
email.uol.com.br
sac.uol.com.br
regras.uol.com.br
denuncia.uol.com.br

Subject Issuer	Validity	Valid
cservicosonsss.is-a-geek.net R11	`2024-07-02` - `2024-09-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.uol.com.br Amazon RSA 2048 M02	`2024-06-05` - `2025-07-04`	a year	crt.sh
www.uol.com.br DigiCert TLS RSA SHA256 2020 CA1	`2024-05-07` - `2025-03-12`	10 months	crt.sh
*.jsuol.com.br Amazon RSA 2048 M03	`2024-07-03` - `2025-07-31`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
imgpx.uol.com.br RapidSSL TLS RSA CA G1	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.is WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
uol.com GeoTrust TLS RSA CA G1	`2023-09-11` - `2024-09-22`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://cservicosonsss.is-a-geek.net/fatura/
Frame ID: 4A6C3EB0ED97AFEA008E9505099FF4BA
Requests: 61 HTTP requests in this frame

Frame: https://cservicosonsss.is-a-geek.net/fatura/E-mail%20UOL_files/anchor.html
Frame ID: 4BC259BC03C56D9F93EB3EAA35450B69
Requests: 6 HTTP requests in this frame

Frame: https://cservicosonsss.is-a-geek.net/fatura/E-mail%20UOL_files/saved_resource(1).html
Frame ID: 5A89115DC7F8A94DC826D7B1DF624E04
Requests: 1 HTTP requests in this frame

Frame: https://cservicosonsss.is-a-geek.net/fatura/E-mail%20UOL_files/mercurio.html
Frame ID: 7BF654A72F47D1A79F63D80297C68648
Requests: 2 HTTP requests in this frame

Frame: https://cservicosonsss.is-a-geek.net/fatura/E-mail%20UOL_files/bframe.html
Frame ID: 3639E9B031772A571A0ED149FDFAEDAB
Requests: 8 HTTP requests in this frame

Frame: https://cservicosonsss.is-a-geek.net/fatura/E-mail%20UOL_files/purge-clients.html
Frame ID: 0BB3F045D043AA487760B3EE98D87FC2
Requests: 2 HTTP requests in this frame

Frame: https://cservicosonsss.is-a-geek.net/fatura/E-mail%20UOL_files/purge-clients(1).html
Frame ID: 4A6763C7B556562FBB181CF715331914
Requests: 2 HTTP requests in this frame

Frame: https://cservicosonsss.is-a-geek.net/fatura/E-mail%20UOL_files/saved_resource.html
Frame ID: A4547819AA1F64B7BDBF848C5BF29F3B
Requests: 1 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: 327534E0F2B41637C6D0B5BD46C11D39
Requests: 1 HTTP requests in this frame

Frame: https://www.uol.com.br/dna-iframe.html
Frame ID: 6A270E3CF3C70CE2BD307B1C8F7E17A8
Requests: 1 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Frame ID: 1F66F76878DC4FB5C593095F5F37D232
Requests: 1 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Frame ID: AEFE7854E46CB841083DF7C4986C7704
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

E-mail UOL

Page URL History Show full URLs

http://cservicosonsss.is-a-geek.net/fatura/ HTTP 307
https://cservicosonsss.is-a-geek.net/fatura/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

84
Requests

86 %
HTTPS

68 %
IPv6

14
Domains

22
Subdomains

20
IPs

5
Countries

932 kB
Transfer

3472 kB
Size

9
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://email.uol.com.br/bem-vindo?utm_source=Mail-login&utm_medium=link-assineja&utm_campaign=link-mail-login-assine-uolmail
Title: ASSINE JÁ

Search URL Search Domain Scan URL

URL: https://sac.uol.com.br/#/recuperarsenha
Title: Esqueceu a senha?

Search URL Search Domain Scan URL

URL: https://sac.uol.com.br/#/account
Title: Saiba mais

Search URL Search Domain Scan URL

URL: https://regras.uol.com.br/
Title: Regras de uso

Search URL Search Domain Scan URL

URL: https://sac.uol.com.br/#/wrapper?url=https://sac.uol.com.br/info/protecao_privacidade/politica_anti-spam.jhtm
Title: Política anti-spam

Search URL Search Domain Scan URL

URL: https://denuncia.uol.com.br/
Title: Crimes virtuais: denuncie

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cservicosonsss.is-a-geek.net/fatura/ HTTP 307
https://cservicosonsss.is-a-geek.net/fatura/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/6036356/beacon-ios.js

Request Chain 73

https://m.t.tailtarget.com/sync/TT-10162-1/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP 302
https://m.t.tailtarget.com/sync/TT-10162-1/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855?check=1

Request Chain 74

https://m.t.tailtarget.com/sync/TT-10162-1/ebd6d8efd5cee98723f04f7cba880926abdc173c3036dad7fd467214ee28fa48 HTTP 302
https://m.t.tailtarget.com/sync/TT-10162-1/ebd6d8efd5cee98723f04f7cba880926abdc173c3036dad7fd467214ee28fa48?check=1

84 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
cservicosonsss.is-a-geek.net/fatura/
Redirect Chain

http://cservicosonsss.is-a-geek.net/fatura/
https://cservicosonsss.is-a-geek.net/fatura/

15 KB
6 KB

637ms
215ms

Document
text/html

104.234.70.188
MASTER DA WEB DAT...

General

Domain/Path	Expires	Name / Value
cservicosonsss.is-a-geek.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: qfnol2m3pa4k7to4ptae28dsn0
.cservicosonsss.is-a-geek.net/	1970-01-20 21:49:43	Name: _gid Value: GA1.3.954015738.1720097363
.cservicosonsss.is-a-geek.net/	1970-01-20 21:48:17	Name: _gat_uolMain Value: 1
cservicosonsss.is-a-geek.net/	1970-01-21 07:09:53	Name: _scor_uid Value: 60691943b9714898b76c79cc1173d629
.udr.uol.com.br/	1970-01-21 06:33:53	Name: UOLID Value: 34292076-5156-4cc7-9866-d09dea64602f\|0
.cservicosonsss.is-a-geek.net/	1970-01-21 07:24:17	Name: _ga_VPCVHFY8FT Value: GS1.1.1720097364.1.0.1720097364.60.0.0
.cservicosonsss.is-a-geek.net/	1970-01-21 07:24:17	Name: _ga Value: GA1.1.1245426083.1720097363
.t.tailtarget.com/	1970-01-20 21:51:10	Name: _ssc Value: y
.t.tailtarget.com/	1970-01-21 06:33:53	Name: u Value: fwAAAWaGmlQX3gZ3EVOnAgB=

Source	Level	URL Text
security	warning	URL: https://cservicosonsss.is-a-geek.net/fatura/E-mail%20UOL_files/anchor.html Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://cservicosonsss.is-a-geek.net/static/media/uol-text-lighter.9b9f69f8.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cservicosonsss.is-a-geek.net/static/media/uol-text-bold.dd0cb7aa.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cservicosonsss.is-a-geek.net/static/media/uol-text-lighter.c6c518c3.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cservicosonsss.is-a-geek.net/static/media/uol-text-bold.6dd375e1.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://cservicosonsss.is-a-geek.net/fatura/ Message: Access to font at 'https://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-regular.woff' from origin 'https://cservicosonsss.is-a-geek.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-regular.woff Message: Failed to load resource: net::ERR_FAILED
security	warning	URL: https://cservicosonsss.is-a-geek.net/fatura/E-mail%20UOL_files/bframe.html Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cservicosonsss.is-a-geek.net/fatura/E-mail%20UOL_files/recaptcha__pt.js.download(Line 128) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.google.com') does not match the recipient window's origin ('https://cservicosonsss.is-a-geek.net').
javascript	error	URL: https://cservicosonsss.is-a-geek.net/fatura/ Message: Access to font at 'https://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-regular.ttf' from origin 'https://cservicosonsss.is-a-geek.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-regular.ttf Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__pt.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://cservicosonsss.is-a-geek.net/fatura/ Message: Refused to execute script from 'https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__pt.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
other	warning	URL: dna.min.js(Line 3) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network	error	URL: https://cservicosonsss.is-a-geek.net/static/media/uol-text-regular.f5446b35.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cservicosonsss.is-a-geek.net/static/media/uol-text-regular.2362c593.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://cservicosonsss.is-a-geek.net/fatura/ Message: Access to XMLHttpRequest at 'https://dna.uol.com.br/service/cookie?dnaReferer=https%3A%2F%2Fcservicosonsss.is-a-geek.net%2Ffatura%2F&_=1720097363026' from origin 'https://cservicosonsss.is-a-geek.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dna.uol.com.br/service/cookie?dnaReferer=https%3A%2F%2Fcservicosonsss.is-a-geek.net%2Ffatura%2F&_=1720097363026 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://cservicosonsss.is-a-geek.net/fatura/ Message: Access to XMLHttpRequest at 'https://dna.uol.com.br/service/etag?dnaReferer=https%3A%2F%2Fcservicosonsss.is-a-geek.net%2Ffatura%2F' from origin 'https://cservicosonsss.is-a-geek.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dna.uol.com.br/service/etag?dnaReferer=https%3A%2F%2Fcservicosonsss.is-a-geek.net%2Ffatura%2F Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://cservicosonsss.is-a-geek.net/fatura/ Message: Access to XMLHttpRequest at 'https://dna.uol.com.br/service/dpt?dnaReferer=https%3A%2F%2Fcservicosonsss.is-a-geek.net%2Ffatura%2F&_=1720097363027' from origin 'https://cservicosonsss.is-a-geek.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dna.uol.com.br/service/dpt?dnaReferer=https%3A%2F%2Fcservicosonsss.is-a-geek.net%2Ffatura%2F&_=1720097363027 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://cservicosonsss.is-a-geek.net/fatura/ Message: Access to XMLHttpRequest at 'https://dna.uol.com.br/service/sample?elapsedTime=2224&dnaReferer=https%3A%2F%2Fcservicosonsss.is-a-geek.net%2Ffatura%2F' from origin 'https://cservicosonsss.is-a-geek.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dna.uol.com.br/service/sample?elapsedTime=2224&dnaReferer=https%3A%2F%2Fcservicosonsss.is-a-geek.net%2Ffatura%2F Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://cservicosonsss.is-a-geek.net/fatura/ Message: Access to XMLHttpRequest at 'https://dna.uol.com.br/service/cookie?dnaReferer=https%3A%2F%2Fcservicosonsss.is-a-geek.net%2Ffatura%2F&_=1720097363028' from origin 'https://cservicosonsss.is-a-geek.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dna.uol.com.br/service/cookie?dnaReferer=https%3A%2F%2Fcservicosonsss.is-a-geek.net%2Ffatura%2F&_=1720097363028 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://cservicosonsss.is-a-geek.net/fatura/ Message: Access to XMLHttpRequest at 'https://dna.uol.com.br/service/etag?dnaReferer=https%3A%2F%2Fcservicosonsss.is-a-geek.net%2Ffatura%2F' from origin 'https://cservicosonsss.is-a-geek.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dna.uol.com.br/service/etag?dnaReferer=https%3A%2F%2Fcservicosonsss.is-a-geek.net%2Ffatura%2F Message: Failed to load resource: net::ERR_FAILED

cservicosonsss.is-a-geek.net Open in urlscan Pro 104.234.70.188 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

84 Requests

86 %HTTPS

68 %IPv6

14 Domains

22 Subdomains

20 IPs

5 Countries

932 kBTransfer

3472 kBSize

9 Cookies

6 Outgoing links

Page URL History

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cservicosonsss.is-a-geek.net Open in urlscan Pro
104.234.70.188 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

86 %
HTTPS

68 %
IPv6

14
Domains

22
Subdomains

20
IPs

5
Countries

932 kB
Transfer

3472 kB
Size

9
Cookies

84 HTTP transactions
3 data transactions