Submitted URL: http://uqr.to/1jin6
Effective URL: http://up-mail.clicketcloud.com/?278016
Submission: On June 03 via automatic, source phishtank — Scanned from DE

Summary

This website contacted 10 IPs in 5 countries across 10 domains to perform 34 HTTP transactions. The main IP is 46.30.203.2, located in Epernon, France and belongs to OWENTIS-AS, FR. The main domain is up-mail.clicketcloud.com.
This is the only time up-mail.clicketcloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 13.58.57.95 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 212.127.94.2 15851 (WASK-COM ...)
10 46.30.203.2 39444 (OWENTIS-AS)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
7 2a02:26f0:350... 20940 (AKAMAI-ASN1)
34 10
Apex Domain
Subdomains
Transfer
10 clicketcloud.com
up-mail.clicketcloud.com
473 KB
9 trrsf.com
s1.trrsf.com — Cisco Umbrella Rank: 371937
p1.trrsf.com — Cisco Umbrella Rank: 400871
68 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
region1.google-analytics.com — Cisco Umbrella Rank: 1866
21 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 111
413 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
124 KB
2 uqr.to
uqr.to — Cisco Umbrella Rank: 341376
2 KB
1 terra.com.br
www.terra.com.br — Cisco Umbrella Rank: 98230
3 KB
1 cloudlets.zone
webb-link-ap.node.cloudlets.zone Failed
470 B
0 google.de Failed
www.google.de Failed
0 google.com Failed
www.google.com Failed
34 10
Domain Requested by
10 up-mail.clicketcloud.com uqr.to
up-mail.clicketcloud.com
8 s1.trrsf.com up-mail.clicketcloud.com
3 www.google-analytics.com www.googletagmanager.com
2 stats.g.doubleclick.net www.google-analytics.com
2 www.googletagmanager.com uqr.to
www.googletagmanager.com
2 uqr.to 1 redirects
1 p1.trrsf.com up-mail.clicketcloud.com
1 www.terra.com.br up-mail.clicketcloud.com
1 webb-link-ap.node.cloudlets.zone uqr.to
1 region1.google-analytics.com www.googletagmanager.com
0 www.google.de Failed
0 www.google.com Failed
34 12

This site contains no links.

Subject Issuer Validity Valid
uqr.to
R3
2023-05-28 -
2023-08-26
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
terra.com.br
DigiCert TLS RSA SHA256 2020 CA1
2022-11-17 -
2023-11-17
a year crt.sh

This page contains 2 frames:

Primary Page: http://up-mail.clicketcloud.com/?278016
Frame ID: 1A58C00810EF927CE7409F9A8D4F33EE
Requests: 28 HTTP requests in this frame

Frame: http://up-mail.clicketcloud.com/index_files/normal_2.html
Frame ID: 6D8690900D14267C38004B6138548E68
Requests: 6 HTTP requests in this frame

Screenshot

Page Title

Terra Mail

Page URL History Show full URLs

  1. http://uqr.to/1jin6 HTTP 301
    https://uqr.to/1jin6 Page URL
  2. https://webb-link-ap.node.cloudlets.zone/inf.php HTTP 302
    http://up-mail.clicketcloud.com/?278016 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

34
Requests

32 %
HTTPS

70 %
IPv6

10
Domains

12
Subdomains

10
IPs

5
Countries

691 kB
Transfer

1174 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://uqr.to/1jin6 HTTP 301
    https://uqr.to/1jin6 Page URL
  2. https://webb-link-ap.node.cloudlets.zone/inf.php HTTP 302
    http://up-mail.clicketcloud.com/?278016 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://uqr.to/1jin6 HTTP 301
  • https://uqr.to/1jin6

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
1jin6
uqr.to/
Redirect Chain
  • http://uqr.to/1jin6
  • https://uqr.to/1jin6
2 KB
2 KB
Document
General
Full URL
https://uqr.to/1jin6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.58.57.95 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-57-95.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a579f472163ee6dd5e1e2ba59388b9d1afb19283ff1ee9c41356d985dd09d435
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, private, max-age=2592000
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
809
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Content-Type
text/html; charset=UTF-8
Date
Sat, 03 Jun 2023 21:50:53 GMT
Expires
Mon, 03 Jul 2023 21:50:53 GMT
Keep-Alive
timeout=5, max=500
Permissions-Policy
geolocation=self
Referrer-Policy
strict-origin
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
228
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 03 Jun 2023 21:50:52 GMT
Keep-Alive
timeout=5, max=500
Location
https://uqr.to/1jin6
Permissions-Policy
geolocation=self
Referrer-Policy
strict-origin
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
gtm.js
www.googletagmanager.com/
133 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NSZ7GSJ&l=uqtdl
Requested by
Host: uqr.to
URL: https://uqr.to/1jin6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3f4d2730874a002870d579a00b961e2eb1be10869fcaa3f8c26bceaa97d9da1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uqr.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 21:50:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50995
x-xss-protection
0
last-modified
Sat, 03 Jun 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 03 Jun 2023 21:50:53 GMT
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSZ7GSJ&l=uqtdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uqr.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 03 Jun 2023 21:04:48 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2765
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sat, 03 Jun 2023 23:04:48 GMT
js
www.googletagmanager.com/gtag/
205 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DWYM481N5&l=uqtdl&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSZ7GSJ&l=uqtdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
03065369b591168cdaea0fc4ad604fe29b6e83d0ca24c5759f19446df5272560
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uqr.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 21:50:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75316
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 03 Jun 2023 21:50:53 GMT
collect
region1.google-analytics.com/g/
0
248 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0DWYM481N5&gtm=45je35v0&_p=1816720878&cid=1265385389.1685829054&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685829053&sct=1&seg=0&dl=https%3A%2F%2Fuqr.to%2F1jin6&dt=QR%20code%2014&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DWYM481N5&l=uqtdl&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uqr.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Jun 2023 21:50:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://uqr.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inf.php
webb-link-ap.node.cloudlets.zone/
0
0

collect
stats.g.doubleclick.net/j/
4 B
343 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-18982026-1&cid=1265385389.1685829054&jid=194694850&gjid=974179694&_gid=101924047.1685829054&_u=YCDAgEABAAAAAEAAI~&z=109539438
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://uqr.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 03 Jun 2023 21:50:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://uqr.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-18982026-3&cid=1265385389.1685829054&jid=2084566076&gjid=882550105&_gid=101924047.1685829054&_u=YCDAgEABAAAAAEAAI~&z=1118758676
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://uqr.to/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 03 Jun 2023 21:50:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://uqr.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1816720878&t=pageview&_s=1&dl=https%3A%2F%2Fuqr.to%2F1jin6&ul=en-us&de=UTF-8&dt=QR%20code%2014&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAAAAI~&jid=194694850&gjid=974179694&cid=1265385389.1685829054&tid=UA-18982026-1&_gid=101924047.1685829054&gtm=45He35v0n81NSZ7GSJ&cd1=1&cd2=1028507&z=1437585511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uqr.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Jun 2023 00:55:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75310
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1816720878&t=pageview&_s=1&dl=https%3A%2F%2Fuqr.to%2F1jin6&ul=en-us&de=UTF-8&dt=QR%20code%2014&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAEAAI~&jid=2084566076&gjid=882550105&cid=1265385389.1685829054&tid=UA-18982026-3&_gid=101924047.1685829054&gtm=45He35v0n81NSZ7GSJ&cd1=1028507&cd2=%20-%20test&z=1867432396
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uqr.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Jun 2023 00:55:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75310
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Primary Request /
up-mail.clicketcloud.com/
Redirect Chain
  • https://webb-link-ap.node.cloudlets.zone/inf.php
  • http://up-mail.clicketcloud.com/?278016
176 KB
25 KB
Document
General
Full URL
http://up-mail.clicketcloud.com/?278016
Requested by
Host: uqr.to
URL: https://uqr.to/1jin6
Protocol
HTTP/1.1
Server
46.30.203.2 Epernon, France, ASN39444 (OWENTIS-AS, FR),
Reverse DNS
ns1.clicketcloud.com
Software
openresty /
Resource Hash
f047d1f77bd359ce127ff16d4b9060fd692b7870ac1f77dc6b430d364bd53593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
24592
Content-Type
text/html; charset=UTF-8
Cross-Origin-Embedder-Policy
unsafe-none
Cross-Origin-Opener-Policy
same-origin-allow-popups
Cross-Origin-Resource-Policy
same-origin
Date
Sat, 03 Jun 2023 21:50:53 GMT
Permissions-Policy
geolocation=(self), payment=(self)
Referrer-Policy
strict-origin-when-cross-origin
Server
openresty
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Resolver-IP
46.30.203.2 46.30.203.2
X-XSS-Protection
1; mode=block;

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-origin
date
Sat, 03 Jun 2023 21:50:53 GMT
location
http://up-mail.clicketcloud.com/?278016
permissions-policy
geolocation=(self), payment=(self)
referrer-policy
strict-origin-when-cross-origin
server
openresty
strict-transport-security
max-age=15811200
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-resolver-ip
212.127.94.2
x-xss-protection
1; mode=block;
ga-audiences
www.google.com/ads/
0
0

ga-audiences
www.google.de/ads/
0
0

ga-audiences
www.google.com/ads/
0
0

ga-audiences
www.google.de/ads/
0
0

core.css
up-mail.clicketcloud.com/index_files/
24 KB
6 KB
Stylesheet
General
Full URL
http://up-mail.clicketcloud.com/index_files/core.css
Requested by
Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?278016
Protocol
HTTP/1.1
Server
46.30.203.2 Epernon, France, ASN39444 (OWENTIS-AS, FR),
Reverse DNS
ns1.clicketcloud.com
Software
openresty /
Resource Hash
c50dab21cc8d77be54e50ac80c4449c32fcbaab32ca8e0bfbde67b366fd733b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://up-mail.clicketcloud.com/?278016
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Sat, 03 Jun 2023 21:50:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
unsafe-none
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
5624
X-XSS-Protection
1; mode=block;
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 22 May 2023 10:53:36 GMT
Server
openresty
Cross-Origin-Opener-Policy
same-origin-allow-popups
ETag
"60de-5fc461521cc00-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Permissions-Policy
geolocation=(self), payment=(self)
Accept-Ranges
bytes
X-Resolver-IP
46.30.203.2, 46.30.203.2
context2.css
up-mail.clicketcloud.com/index_files/
24 KB
7 KB
Stylesheet
General
Full URL
http://up-mail.clicketcloud.com/index_files/context2.css
Requested by
Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?278016
Protocol
HTTP/1.1
Server
46.30.203.2 Epernon, France, ASN39444 (OWENTIS-AS, FR),
Reverse DNS
ns1.clicketcloud.com
Software
openresty /
Resource Hash
a342613ee0097818cb1d7195811b84cce65d38b9b30850c844ce61f06935d8c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://up-mail.clicketcloud.com/?278016
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Sat, 03 Jun 2023 21:50:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
unsafe-none
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
5966
X-XSS-Protection
1; mode=block;
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 22 May 2023 10:53:36 GMT
Server
openresty
Cross-Origin-Opener-Policy
same-origin-allow-popups
ETag
"60d0-5fc461521cc00-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Permissions-Policy
geolocation=(self), payment=(self)
Accept-Ranges
bytes
X-Resolver-IP
46.30.203.2, 46.30.203.2
navbar.css
up-mail.clicketcloud.com/index_files/
67 KB
11 KB
Stylesheet
General
Full URL
http://up-mail.clicketcloud.com/index_files/navbar.css
Requested by
Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?278016
Protocol
HTTP/1.1
Server
46.30.203.2 Epernon, France, ASN39444 (OWENTIS-AS, FR),
Reverse DNS
ns1.clicketcloud.com
Software
openresty /
Resource Hash
5c5a9efd1aaf8622dba343cc8a028336cddb7fed5c8ec2b4c6df1b918006f333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://up-mail.clicketcloud.com/?278016
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Sat, 03 Jun 2023 21:50:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
unsafe-none
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
10720
X-XSS-Protection
1; mode=block;
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 22 May 2023 10:53:36 GMT
Server
openresty
Cross-Origin-Opener-Policy
same-origin-allow-popups
ETag
"10ccd-5fc461521cc00-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Permissions-Policy
geolocation=(self), payment=(self)
Accept-Ranges
bytes
X-Resolver-IP
46.30.203.2, 46.30.203.2
normal_2.html
up-mail.clicketcloud.com/index_files/ Frame 6D86
3 KB
2 KB
Document
General
Full URL
http://up-mail.clicketcloud.com/index_files/normal_2.html
Requested by
Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?278016
Protocol
HTTP/1.1
Server
46.30.203.2 Epernon, France, ASN39444 (OWENTIS-AS, FR),
Reverse DNS
ns1.clicketcloud.com
Software
openresty /
Resource Hash
6c4ca36b34f5e1bbdde779c9fa7ea66c7ddbb5873b83f73f55b4df0e0f59e96c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Referer
http://up-mail.clicketcloud.com/?278016
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
848
Content-Type
text/html; charset=UTF-8
Cross-Origin-Embedder-Policy
unsafe-none
Cross-Origin-Opener-Policy
same-origin-allow-popups
Cross-Origin-Resource-Policy
same-origin
Date
Sat, 03 Jun 2023 21:50:53 GMT
ETag
"c51-5fc4744668400-gzip"
Last-Modified
Mon, 22 May 2023 12:18:24 GMT
Permissions-Policy
geolocation=(self), payment=(self)
Referrer-Policy
strict-origin-when-cross-origin
Server
openresty
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Resolver-IP
46.30.203.2 46.30.203.2
X-XSS-Protection
1; mode=block;
618x226-E-mail-Gigante.jpg
up-mail.clicketcloud.com/index_files/ Frame 6D86
100 KB
100 KB
Image
General
Full URL
http://up-mail.clicketcloud.com/index_files/618x226-E-mail-Gigante.jpg
Requested by
Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/normal_2.html
Protocol
HTTP/1.1
Server
46.30.203.2 Epernon, France, ASN39444 (OWENTIS-AS, FR),
Reverse DNS
ns1.clicketcloud.com
Software
openresty /
Resource Hash
dd8f593e202f80b15b06b224ce8793dcd0cd40a290892ef9a4a6006d58a0bb38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://up-mail.clicketcloud.com/index_files/normal_2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Sat, 03 Jun 2023 21:50:53 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
unsafe-none
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
102128
X-XSS-Protection
1; mode=block;
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 22 May 2023 10:53:32 GMT
Server
openresty
Cross-Origin-Opener-Policy
same-origin-allow-popups
ETag
"18ef0-5fc4614e4c300"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Permissions-Policy
geolocation=(self), payment=(self)
Accept-Ranges
bytes
X-Resolver-IP
46.30.203.2, 46.30.203.2
DS668_Pecas_Online_Interno_BN_618x226_B_V0_VP.jpg
up-mail.clicketcloud.com/index_files/ Frame 6D86
72 KB
73 KB
Image
General
Full URL
http://up-mail.clicketcloud.com/index_files/DS668_Pecas_Online_Interno_BN_618x226_B_V0_VP.jpg
Requested by
Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/normal_2.html
Protocol
HTTP/1.1
Server
46.30.203.2 Epernon, France, ASN39444 (OWENTIS-AS, FR),
Reverse DNS
ns1.clicketcloud.com
Software
openresty /
Resource Hash
faa81bbe4fed04fbb1d13c3de548e096ad4597f004bdfb0b490e83a80877321b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://up-mail.clicketcloud.com/index_files/normal_2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Sat, 03 Jun 2023 21:50:53 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
unsafe-none
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
74169
X-XSS-Protection
1; mode=block;
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 22 May 2023 10:53:34 GMT
Server
openresty
Cross-Origin-Opener-Policy
same-origin-allow-popups
ETag
"121b9-5fc4615034780"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Permissions-Policy
geolocation=(self), payment=(self)
Accept-Ranges
bytes
X-Resolver-IP
46.30.203.2, 46.30.203.2
DS749_Banner_Online_CURSOS_BN-618x226_v0_HL_new.jpg
up-mail.clicketcloud.com/index_files/ Frame 6D86
53 KB
53 KB
Image
General
Full URL
http://up-mail.clicketcloud.com/index_files/DS749_Banner_Online_CURSOS_BN-618x226_v0_HL_new.jpg
Requested by
Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/normal_2.html
Protocol
HTTP/1.1
Server
46.30.203.2 Epernon, France, ASN39444 (OWENTIS-AS, FR),
Reverse DNS
ns1.clicketcloud.com
Software
openresty /
Resource Hash
c3ef10afe36e1b37a78c10ec71f1367094711470f38210a44bb9bb64a9333334
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://up-mail.clicketcloud.com/index_files/normal_2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Sat, 03 Jun 2023 21:50:53 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
unsafe-none
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
53804
X-XSS-Protection
1; mode=block;
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 22 May 2023 10:53:34 GMT
Server
openresty
Cross-Origin-Opener-Policy
same-origin-allow-popups
ETag
"d22c-5fc4615034780"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Permissions-Policy
geolocation=(self), payment=(self)
Accept-Ranges
bytes
X-Resolver-IP
46.30.203.2, 46.30.203.2
TER_601_Campanha_Loja_BN_618x226_V0_VP.jpg
up-mail.clicketcloud.com/index_files/ Frame 6D86
72 KB
73 KB
Image
General
Full URL
http://up-mail.clicketcloud.com/index_files/TER_601_Campanha_Loja_BN_618x226_V0_VP.jpg
Requested by
Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/normal_2.html
Protocol
HTTP/1.1
Server
46.30.203.2 Epernon, France, ASN39444 (OWENTIS-AS, FR),
Reverse DNS
ns1.clicketcloud.com
Software
openresty /
Resource Hash
d386885215fb12d5b2b1d3f07a4691b5654476eae9fdb4ce2a29bba7d28d5462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://up-mail.clicketcloud.com/index_files/normal_2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Sat, 03 Jun 2023 21:50:53 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
unsafe-none
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
74125
X-XSS-Protection
1; mode=block;
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 22 May 2023 10:53:34 GMT
Server
openresty
Cross-Origin-Opener-Policy
same-origin-allow-popups
ETag
"1218d-5fc4615034780"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Permissions-Policy
geolocation=(self), payment=(self)
Accept-Ranges
bytes
X-Resolver-IP
46.30.203.2, 46.30.203.2
DS749_Banner_Online_CONSTRUTOR_BN-618x226_v0_HL.jpg
up-mail.clicketcloud.com/index_files/ Frame 6D86
122 KB
123 KB
Image
General
Full URL
http://up-mail.clicketcloud.com/index_files/DS749_Banner_Online_CONSTRUTOR_BN-618x226_v0_HL.jpg
Requested by
Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/normal_2.html
Protocol
HTTP/1.1
Server
46.30.203.2 Epernon, France, ASN39444 (OWENTIS-AS, FR),
Reverse DNS
ns1.clicketcloud.com
Software
openresty /
Resource Hash
7c77a879c840d5056487ab9ee5ca13cc1c8aae2593f0a99674a4f12cce7890b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://up-mail.clicketcloud.com/index_files/normal_2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Sat, 03 Jun 2023 21:50:53 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Cross-Origin-Embedder-Policy
unsafe-none
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
Content-Length
125225
X-XSS-Protection
1; mode=block;
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 22 May 2023 10:53:34 GMT
Server
openresty
Cross-Origin-Opener-Policy
same-origin-allow-popups
ETag
"1e929-5fc4615034780"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Permissions-Policy
geolocation=(self), payment=(self)
Accept-Ranges
bytes
X-Resolver-IP
46.30.203.2, 46.30.203.2
menu-white.svg
s1.trrsf.com/update-1684436071/fe/zaz-mod-icons/svg/essential/
471 B
567 B
Image
General
Full URL
https://s1.trrsf.com/update-1684436071/fe/zaz-mod-icons/svg/essential/menu-white.svg
Requested by
Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?278016
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
abdfabd3bdc79d4892487c7a172e6081a2c240c50aa908799dea10f28eb7e428

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://up-mail.clicketcloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 21:50:54 GMT
content-encoding
gzip
last-modified
Tue, 24 Jan 2023 18:51:48 GMT
server
cloudflare-nginx
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
x-cdnterra-cache-status
HIT
cache-control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
232
terra-horizontal-branco.svg
www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/logos/
6 KB
3 KB
Image
General
Full URL
https://www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/logos/terra-horizontal-branco.svg
Requested by
Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?278016
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:e::210:f104 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
044ebbd0a887ffce575bef7a00aa81536aea2d1f8cfa7894c1618f6101067e72
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://up-mail.clicketcloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-mt-cache
HIT
strict-transport-security
max-age=15552000
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 03 Jun 2023 21:50:54 GMT
x-cdnterra-cache-status
STALE
content-length
2774
last-modified
Tue, 24 Jan 2023 18:51:52 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
content-type, x-cache
cache-control
max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Content-Type
ttl-general.gif
s1.trrsf.com/terramail/capa/terra/_img/
5 KB
5 KB
Image
General
Full URL
http://s1.trrsf.com/terramail/capa/terra/_img/ttl-general.gif
Requested by
Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/context2.css
Protocol
HTTP/1.1
Server
2a02:26f0:3500:3::b818:4d13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
cce5b207bafcac198b067c60c7899be700fc0780fa46b7d75773d0f360a45e9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://up-mail.clicketcloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Sat, 03 Jun 2023 21:50:54 GMT
Last-Modified
Fri, 06 Aug 2010 18:13:55 GMT
Server
cloudflare-nginx
X-CDNTerra-Cache-Status
MISS
Content-Type
image/gif
Cache-Control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
Connection
keep-alive
Accept-Ranges
bytes
Server-Timing
ak_p; desc="1685829054137_389467923_468099766_13_774_5_0_-";dur=1
Content-Length
4952
klavika
p1.trrsf.com/image/
2 KB
2 KB
Image
General
Full URL
http://p1.trrsf.com/image/klavika?c=sh&t=acesse%20seu%20terra%20mail
Requested by
Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/context2.css
Protocol
HTTP/1.1
Server
2a02:26f0:3500:3::b818:4d08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
5b55292cb19be85439b763dd346ac0e0304ea5f90f244660e554d9384c50bda3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://up-mail.clicketcloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Sat, 03 Jun 2023 21:50:54 GMT
Last-Modified
Wed, 31 May 2023 12:01:20 GMT
Server
cloudflare-nginx
Vary
Accept
X-CDNTerra-Cache-Status
HIT
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
2126
Expires
Tue, 31 May 2033 12:01:20 GMT
btn-terramail_v2.gif
s1.trrsf.com/terramail/capa/terra/_img/
5 KB
5 KB
Image
General
Full URL
http://s1.trrsf.com/terramail/capa/terra/_img/btn-terramail_v2.gif
Requested by
Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/context2.css
Protocol
HTTP/1.1
Server
2a02:26f0:3500:3::b818:4d13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
57425ffa63cfde72a41bfccb7102329aa38d2702abc780e494dc07e87e902a9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://up-mail.clicketcloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Sat, 03 Jun 2023 21:50:54 GMT
Last-Modified
Fri, 06 Aug 2010 18:13:55 GMT
Server
cloudflare-nginx
X-CDNTerra-Cache-Status
MISS
Content-Type
image/gif
Cache-Control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
Connection
keep-alive
Accept-Ranges
bytes
Server-Timing
ak_p; desc="1685829054137_389467923_468099767_15_763_5_0_-";dur=1
Content-Length
4958
ico-general.png
s1.trrsf.com/atm/3/core/_img/
8 KB
8 KB
Image
General
Full URL
http://s1.trrsf.com/atm/3/core/_img/ico-general.png
Requested by
Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/context2.css
Protocol
HTTP/1.1
Server
2a02:26f0:3500:3::b818:4d13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
bc03d253ae8bd556dae288f329158a063063e30afa0e8ea7ea13edec2063dd76

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://up-mail.clicketcloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Sat, 03 Jun 2023 21:50:54 GMT
Last-Modified
Tue, 24 Jan 2023 18:50:45 GMT
Server
cloudflare-nginx
X-CDNTerra-Cache-Status
HIT
Content-Type
image/png
Cache-Control
max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
Connection
keep-alive
Accept-Ranges
bytes
Server-Timing
ak_p; desc="1685829054137_389467923_468099770_13_558_6_0_-";dur=1
Content-Length
8240
txt-armazenamento-msg.jpg
s1.trrsf.com/terramail/capa/terra/_img/
5 KB
5 KB
Image
General
Full URL
http://s1.trrsf.com/terramail/capa/terra/_img/txt-armazenamento-msg.jpg
Requested by
Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/context2.css
Protocol
HTTP/1.1
Server
2a02:26f0:3500:3::b818:4d13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
e5d85771b1d7819b5173f95fa79262187bfd076ffb273be015e774c747d4e112

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://up-mail.clicketcloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Sat, 03 Jun 2023 21:50:54 GMT
Last-Modified
Fri, 06 Aug 2010 18:13:55 GMT
Server
cloudflare-nginx
X-CDNTerra-Cache-Status
MISS
Content-Type
image/jpeg
Cache-Control
max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
Connection
keep-alive
Accept-Ranges
bytes
Server-Timing
ak_p; desc="1685829054137_389467923_468099772_10_612_6_0_-";dur=1
Content-Length
5112
opensans-semibold-webfont.woff2
s1.trrsf.com/fe/zaz-morph/fonts/opensans/semibold/
10 KB
11 KB
Font
General
Full URL
http://s1.trrsf.com/fe/zaz-morph/fonts/opensans/semibold/opensans-semibold-webfont.woff2
Requested by
Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?278016
Protocol
HTTP/1.1
Server
2a02:26f0:3500:3::b818:4d13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
83113ce831f3f1ec8841232d895e17f722444b1939f5230891f7ff17a7c53618

Request headers

Referer
http://up-mail.clicketcloud.com/
Origin
http://up-mail.clicketcloud.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Sat, 03 Jun 2023 21:50:54 GMT
Last-Modified
Tue, 24 Jan 2023 18:51:56 GMT
Server
cloudflare-nginx
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
X-CDNTerra-Cache-Status
HIT
Cache-Control
max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
Content-Length
10404
Server-Timing
ak_p; desc="1685829054137_389467923_468099768_222_723_5_0_-";dur=1
opensans-regular.woff2
s1.trrsf.com/fe/zaz-morph/fonts/opensans/
18 KB
19 KB
Font
General
Full URL
http://s1.trrsf.com/fe/zaz-morph/fonts/opensans/opensans-regular.woff2
Requested by
Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?278016
Protocol
HTTP/1.1
Server
2a02:26f0:3500:3::b818:4d13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
513a6866e48ea8e16265464bf3f99aea0289c53007b57221dfd0dd5e64cb6985

Request headers

Referer
http://up-mail.clicketcloud.com/
Origin
http://up-mail.clicketcloud.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Sat, 03 Jun 2023 21:50:54 GMT
Last-Modified
Fri, 15 Oct 2021 15:07:21 GMT
Server
cloudflare-nginx
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
X-CDNTerra-Cache-Status
MISS
Cache-Control
max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
Content-Length
18708
Server-Timing
ak_p; desc="1685829054137_389467923_468099771_244_687_6_0_-";dur=1
opensans-bold-webfont.woff2
s1.trrsf.com/fe/zaz-morph/fonts/opensans/bold/
10 KB
11 KB
Font
General
Full URL
http://s1.trrsf.com/fe/zaz-morph/fonts/opensans/bold/opensans-bold-webfont.woff2
Requested by
Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?278016
Protocol
HTTP/1.1
Server
2a02:26f0:3500:3::b818:4d13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
7a223174668e40dccd38462d34304503b75e31e700bff92b7e9e8fdda3274670

Request headers

Referer
http://up-mail.clicketcloud.com/
Origin
http://up-mail.clicketcloud.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Sat, 03 Jun 2023 21:50:54 GMT
Last-Modified
Fri, 15 Oct 2021 15:07:20 GMT
Server
cloudflare-nginx
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
X-CDNTerra-Cache-Status
HIT
Cache-Control
max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
Content-Length
10304
Server-Timing
ak_p; desc="1685829054138_389467923_468099775_174_642_6_0_-";dur=1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
webb-link-ap.node.cloudlets.zone
URL
https://webb-link-ap.node.cloudlets.zone/inf.php
Domain
www.google.com
URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18982026-1&cid=1265385389.1685829054&jid=194694850&_u=YCDAgEABAAAAAEAAI~&z=1680986289
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18982026-1&cid=1265385389.1685829054&jid=194694850&_u=YCDAgEABAAAAAEAAI~&z=1680986289
Domain
www.google.com
URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18982026-3&cid=1265385389.1685829054&jid=2084566076&_u=YCDAgEABAAAAAEAAI~&z=552274861
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18982026-3&cid=1265385389.1685829054&jid=2084566076&_u=YCDAgEABAAAAAEAAI~&z=552274861

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend

9 Cookies

Domain/Path Name / Value
uqr.to/ Name: stat_session2590242
Value: 8c016f81-2f0c-43ca-81b1-ca7b9d54494c
uqr.to/ Name: device_view
Value: full
.uqr.to/ Name: _ga_0DWYM481N5
Value: GS1.1.1685829053.1.0.1685829053.0.0.0
.uqr.to/ Name: _ga
Value: GA1.2.1265385389.1685829054
.uqr.to/ Name: _gid
Value: GA1.2.101924047.1685829054
.uqr.to/ Name: _dc_gtm_UA-18982026-1
Value: 1
.uqr.to/ Name: _dc_gtm_UA-18982026-3
Value: 1
webb-link-ap.node.cloudlets.zone/ Name: SRVGROUP
Value: common
up-mail.clicketcloud.com/ Name: SRVGROUP
Value: common

2 Console Messages

Source Level URL
Text
other error URL: http://up-mail.clicketcloud.com/?278016
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
other error URL: http://up-mail.clicketcloud.com/index_files/normal_2.html
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

p1.trrsf.com
region1.google-analytics.com
s1.trrsf.com
stats.g.doubleclick.net
up-mail.clicketcloud.com
uqr.to
webb-link-ap.node.cloudlets.zone
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.terra.com.br
webb-link-ap.node.cloudlets.zone
www.google.com
www.google.de
13.58.57.95
2001:4860:4802:32::36
212.127.94.2
2a00:1450:4001:803::2008
2a00:1450:4001:82a::200e
2a00:1450:400c:c0b::9d
2a02:26f0:3500:3::b818:4d08
2a02:26f0:3500:3::b818:4d13
2a02:26f0:480:e::210:f104
46.30.203.2
03065369b591168cdaea0fc4ad604fe29b6e83d0ca24c5759f19446df5272560
044ebbd0a887ffce575bef7a00aa81536aea2d1f8cfa7894c1618f6101067e72
3f4d2730874a002870d579a00b961e2eb1be10869fcaa3f8c26bceaa97d9da1e
513a6866e48ea8e16265464bf3f99aea0289c53007b57221dfd0dd5e64cb6985
57425ffa63cfde72a41bfccb7102329aa38d2702abc780e494dc07e87e902a9e
5b55292cb19be85439b763dd346ac0e0304ea5f90f244660e554d9384c50bda3
5c5a9efd1aaf8622dba343cc8a028336cddb7fed5c8ec2b4c6df1b918006f333
6c4ca36b34f5e1bbdde779c9fa7ea66c7ddbb5873b83f73f55b4df0e0f59e96c
7a223174668e40dccd38462d34304503b75e31e700bff92b7e9e8fdda3274670
7c77a879c840d5056487ab9ee5ca13cc1c8aae2593f0a99674a4f12cce7890b9
83113ce831f3f1ec8841232d895e17f722444b1939f5230891f7ff17a7c53618
a342613ee0097818cb1d7195811b84cce65d38b9b30850c844ce61f06935d8c5
a579f472163ee6dd5e1e2ba59388b9d1afb19283ff1ee9c41356d985dd09d435
abdfabd3bdc79d4892487c7a172e6081a2c240c50aa908799dea10f28eb7e428
bc03d253ae8bd556dae288f329158a063063e30afa0e8ea7ea13edec2063dd76
c3ef10afe36e1b37a78c10ec71f1367094711470f38210a44bb9bb64a9333334
c50dab21cc8d77be54e50ac80c4449c32fcbaab32ca8e0bfbde67b366fd733b4
cce5b207bafcac198b067c60c7899be700fc0780fa46b7d75773d0f360a45e9e
d386885215fb12d5b2b1d3f07a4691b5654476eae9fdb4ce2a29bba7d28d5462
dd8f593e202f80b15b06b224ce8793dcd0cd40a290892ef9a4a6006d58a0bb38
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d85771b1d7819b5173f95fa79262187bfd076ffb273be015e774c747d4e112
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
f047d1f77bd359ce127ff16d4b9060fd692b7870ac1f77dc6b430d364bd53593
faa81bbe4fed04fbb1d13c3de548e096ad4597f004bdfb0b490e83a80877321b