suevenlojcltda.jelastic.dogado.eu
185.80.93.249  Malicious Activity!

Submitted URL: http://suevenlojcltda.jelastic.dogado.eu/
Effective URL: http://suevenlojcltda.jelastic.dogado.eu/acesso/
Submission: On June 20 via manual from BR — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 25 HTTP transactions. The main IP is 185.80.93.249, which is located in Germany and belongs to PROVIDERBOX IPv4 & IPv6 DUS1, DE. The main domain is suevenlojcltda.jelastic.dogado.eu.
This is the only time suevenlojcltda.jelastic.dogado.eu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Universo Online (UOL) (Banking)

Domain & IP information

IP Address AS Autonomous System
2 185.80.93.249 45031 (PROVIDERB...)
1 186.234.131.143 7162 (Universo ...)
3 2804:49c:3101... 15201 (Universo ...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:224... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:224... 16509 (AMAZON-02)
1 2804:49c:3102... 15201 (Universo ...)
25 10
    Apex Domain    Subdomains                                                                                  Transfer
7   gstatic.com    www.gstatic.com; fonts.gstatic.com                                                          369 KB
3   google.com     www.google.com (Cisco Umbrella Rank: 9)                                                     24 KB
3   imguol.com     imguol.com (Cisco Umbrella Rank: 91547)                                                     15 KB
3   uol.com.br     conta.uol.com.br (Cisco Umbrella Rank: 131513); tm.uol.com.br (Cisco Umbrella Rank: 67407)  29 KB
2   jsuol.com.br   tm.jsuol.com.br (Cisco Umbrella Rank: 52243)                                                19 KB
2   dogado.eu      suevenlojcltda.jelastic.dogado.eu                                                           4 KB
1   uol.com        stc.uol.com (Cisco Umbrella Rank: 84182)                                                    26 KB
25  7
    Domain                              Requested by
5   www.gstatic.com                     www.google.com; www.gstatic.com
3   www.google.com                      suevenlojcltda.jelastic.dogado.eu; www.google.com
3   imguol.com                          suevenlojcltda.jelastic.dogado.eu
2   tm.jsuol.com.br                     tm.uol.com.br
2   fonts.gstatic.com                   www.google.com
2   tm.uol.com.br                       suevenlojcltda.jelastic.dogado.eu
2   suevenlojcltda.jelastic.dogado.eu   suevenlojcltda.jelastic.dogado.eu
1   stc.uol.com                         conta.uol.com.br
1   conta.uol.com.br                    suevenlojcltda.jelastic.dogado.eu; conta.uol.com.br
25  9

This site contains links to these domains:

Domain
email.uol.com.br
Subject            Issuer                                       Validity                  Valid
conta.uol.com.br   RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1   2021-09-02 - 2022-09-29   a year (crt.sh)
*.imguol.com       RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1   2021-08-13 - 2022-08-13   a year (crt.sh)
www.google.com     GTS CA 1C3                                   2022-05-30 - 2022-08-22   3 months (crt.sh)
*.uol.com.br       Amazon                                       2021-09-04 - 2022-10-03   a year (crt.sh)
*.gstatic.com      GTS CA 1C3                                   2022-05-30 - 2022-08-22   3 months (crt.sh)
*.jsuol.com.br     Amazon                                       2021-10-02 - 2022-10-31   a year (crt.sh)
stc.uol.com        RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1   2022-03-15 - 2023-03-30   a year (crt.sh)

This page contains 5 frames:

Primary Page: http://suevenlojcltda.jelastic.dogado.eu/acesso/
Frame ID: 96B8BC4673ED4D11A7C23DD18B87B592
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcG2qYaAAAAAMYVEA1BnpZFbv76wOnQ8SqmdYfT&co=aHR0cHM6Ly9jb250YS51b2wuY29tLmJyOjQ0Mw..&hl=pt&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=invisible&cb=3hrunu2gw4uq
Frame ID: 635E17ABEC00E782E96B574A30398DF7
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=pt&v=0aeEuuJmrVqDrEL39Fsg5-UJ&k=6LcG2qYaAAAAAMYVEA1BnpZFbv76wOnQ8SqmdYfT
Frame ID: 64E159384E9514F364A96EE0FD8C4180
Requests: 3 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Frame ID: C9D3B7F2A8B43C18BE72743941F54804
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Frame ID: D1CB8D41756D7F2D84777EBAE0214134
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

E-mail UOL

Page Statistics

Requests: 25
HTTPS: 76 %
IPv6: 78 %
Domains: 7
Subdomains: 9
IPs: 10
Countries: 3
Transfer: 487 kB
Size: 1201 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://suevenlojcltda.jelastic.dogado.eu/ Page URL
  2. http://suevenlojcltda.jelastic.dogado.eu/acesso/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
suevenlojcltda.jelastic.dogado.eu/
77 B
738 B
Document
General
Full URL
http://suevenlojcltda.jelastic.dogado.eu/
Protocol
HTTP/1.1
Server
185.80.93.249 , Germany, ASN45031 (PROVIDERBOX IPv4 & IPv6 DUS1, DE),
Reverse DNS
Software
openresty /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
89
Content-Type
text/html; charset=UTF-8
Cross-Origin-Embedder-Policy
unsafe-none
Cross-Origin-Opener-Policy
same-origin-allow-popups
Cross-Origin-Resource-Policy
same-origin
Date
Mon, 20 Jun 2022 14:17:48 GMT
Permissions-Policy
geolocation=(self), payment=(self)
Referrer-Policy
strict-origin-when-cross-origin
Server
openresty
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Resolver-IP
185.80.93.249 185.80.93.249
X-XSS-Protection
1; mode=block;
Primary Request /
suevenlojcltda.jelastic.dogado.eu/acesso/
9 KB
4 KB
Document
General
Full URL
http://suevenlojcltda.jelastic.dogado.eu/acesso/
Requested by
Host: suevenlojcltda.jelastic.dogado.eu
URL: http://suevenlojcltda.jelastic.dogado.eu/
Protocol
HTTP/1.1
Server
185.80.93.249 , Germany, ASN45031 (PROVIDERBOX IPv4 & IPv6 DUS1, DE),
Reverse DNS
Software
openresty /
Resource Hash
0169058a03013a9c3718d7549f34b998db5baa46f7fe415137cc893d3b1005b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Request headers

Referer
http://suevenlojcltda.jelastic.dogado.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
3098
Content-Type
text/html; charset=UTF-8
Cross-Origin-Embedder-Policy
unsafe-none
Cross-Origin-Opener-Policy
same-origin-allow-popups
Cross-Origin-Resource-Policy
same-origin
Date
Mon, 20 Jun 2022 14:17:48 GMT
Permissions-Policy
geolocation=(self), payment=(self)
Referrer-Policy
strict-origin-when-cross-origin
Server
openresty
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Resolver-IP
185.80.93.249 185.80.93.249
X-XSS-Protection
1; mode=block;
main.943c4b5a.chunk.css
conta.uol.com.br/static/css/
154 KB
27 KB
Stylesheet
General
Full URL
https://conta.uol.com.br/static/css/main.943c4b5a.chunk.css
Requested by
Host: suevenlojcltda.jelastic.dogado.eu
URL: http://suevenlojcltda.jelastic.dogado.eu/acesso/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
186.234.131.143 Goiânia, Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software
/
Resource Hash
cddbde2e191a5241a22ce9a49b08a416ea2d1f3606d9f03a90524ada5256aec9
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://*.uol.com.br https://*.uol.com.br
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://suevenlojcltda.jelastic.dogado.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 14:17:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 10 May 2022 13:40:03 GMT
X-Frame-Options
SAMEORIGIN
ETag
W/"627a6b33-26997"
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors http://*.uol.com.br https://*.uol.com.br
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_uolmail2.png
imguol.com/p/g/logos/
5 KB
5 KB
Image
General
Full URL
https://imguol.com/p/g/logos/logo_uolmail2.png
Requested by
Host: suevenlojcltda.jelastic.dogado.eu
URL: http://suevenlojcltda.jelastic.dogado.eu/acesso/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3101:405:ffff:ffff:ffff:20 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
b75d97768deedde2829838149f82856789465d957771f78e54644a876626d262

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://suevenlojcltda.jelastic.dogado.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 14:17:49 GMT
last-modified
Wed, 28 Apr 2021 14:47:08 GMT
server
nginx
age
1630924
etag
"8b870a78dd6243d8cd57b8a7aa18351d"
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
x-varnish
2391409276 2384286071
x-cache
HIT
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length
5247
expires
Wed, 08 Jun 2022 17:15:45 GMT
uol-minimalist-logo.svg
imguol.com/uol-osiris-frontend/
915 B
1 KB
Image
General
Full URL
https://imguol.com/uol-osiris-frontend/uol-minimalist-logo.svg
Requested by
Host: suevenlojcltda.jelastic.dogado.eu
URL: http://suevenlojcltda.jelastic.dogado.eu/acesso/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3101:405:ffff:ffff:ffff:20 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
08107f8fcfab99c13bbcb5684f5e9759784c7d41bda3d3ad5b845a114e95eb78

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://suevenlojcltda.jelastic.dogado.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 14:17:49 GMT
last-modified
Thu, 15 Jul 2021 10:00:38 GMT
server
nginx
age
27716860
etag
"393-5c7268afbe215"
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
x-varnish
2391409277 2385810523
x-cache
HIT
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length
915
expires
Wed, 03 Aug 2022 19:10:07 GMT
uol-meunegocio-minimalist-logo.svg
imguol.com/uol-osiris-frontend/
8 KB
8 KB
Image
General
Full URL
https://imguol.com/uol-osiris-frontend/uol-meunegocio-minimalist-logo.svg
Requested by
Host: suevenlojcltda.jelastic.dogado.eu
URL: http://suevenlojcltda.jelastic.dogado.eu/acesso/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3101:405:ffff:ffff:ffff:20 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
cc61ffc97c92ee5ab1a84a7a747f958d274c29cbfb3f6fbac88f21760fef3ce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://suevenlojcltda.jelastic.dogado.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 14:17:49 GMT
last-modified
Fri, 16 Jul 2021 17:14:25 GMT
server
nginx
age
27548804
etag
"1f12-5c740b827be4d"
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
x-varnish
2391409276 2384788221
x-cache
HIT
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length
7954
expires
Fri, 05 Aug 2022 17:51:13 GMT
anchor
www.google.com/recaptcha/enterprise/ Frame 635E
43 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcG2qYaAAAAAMYVEA1BnpZFbv76wOnQ8SqmdYfT&co=aHR0cHM6Ly9jb250YS51b2wuY29tLmJyOjQ0Mw..&hl=pt&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=invisible&cb=3hrunu2gw4uq
Requested by
Host: suevenlojcltda.jelastic.dogado.eu
URL: http://suevenlojcltda.jelastic.dogado.eu/acesso/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4746225a195afefc8e4f6f7fc7fe89d554ca0e8f41d035648d7b4f8bfcef7660
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DX3WXGRS8CbX6Un4VYXWPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://suevenlojcltda.jelastic.dogado.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22710
content-security-policy
script-src 'report-sample' 'nonce-DX3WXGRS8CbX6Un4VYXWPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 20 Jun 2022 14:17:49 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/enterprise/ Frame 64E1
7 KB
2 KB
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/bframe?hl=pt&v=0aeEuuJmrVqDrEL39Fsg5-UJ&k=6LcG2qYaAAAAAMYVEA1BnpZFbv76wOnQ8SqmdYfT
Requested by
Host: suevenlojcltda.jelastic.dogado.eu
URL: http://suevenlojcltda.jelastic.dogado.eu/acesso/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c98e8aee26e6315ac5343c67976186d2e231bc1c5c2450dc142d29733a1b5885
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dbEG7ZIViDcke0HXdDbwng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://suevenlojcltda.jelastic.dogado.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1118
content-security-policy
script-src 'report-sample' 'nonce-dbEG7ZIViDcke0HXdDbwng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 20 Jun 2022 14:17:49 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
purge-clients.html
tm.uol.com.br/ Frame C9D3
213 B
711 B
Document
General
Full URL
https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Requested by
Host: suevenlojcltda.jelastic.dogado.eu
URL: http://suevenlojcltda.jelastic.dogado.eu/acesso/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:f200:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

Referer
http://suevenlojcltda.jelastic.dogado.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding
gzip
content-length
182
content-type
text/html;charset=UTF-8
date
Mon, 20 Jun 2022 14:17:49 GMT
etag
8b30191927f0982283d45c76292da712
expires
Mon, 20 Jun 2022 14:27:49 GMT
last-modified
Tue, 05 Jan 2021 18:00:11 GMT
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server
marrakesh 1.16.6
vary
Accept-Encoding
via
1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
x-amz-cf-id
IPKeI4omtDK_JeQ8lqicrLNT7fC88xY921Rlw6d9Lveg5LoTFkkAUA==
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
purge-clients.html
tm.uol.com.br/ Frame D1CB
213 B
712 B
Document
General
Full URL
https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Requested by
Host: suevenlojcltda.jelastic.dogado.eu
URL: http://suevenlojcltda.jelastic.dogado.eu/acesso/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:f200:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

Referer
http://suevenlojcltda.jelastic.dogado.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding
gzip
content-length
182
content-type
text/html;charset=UTF-8
date
Mon, 20 Jun 2022 14:17:49 GMT
etag
8b30191927f0982283d45c76292da712
expires
Mon, 20 Jun 2022 14:27:49 GMT
last-modified
Tue, 05 Jan 2021 19:37:59 GMT
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server
marrakesh 1.16.6
vary
Accept-Encoding
via
1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
x-amz-cf-id
Vz13XZiExO4de7599dL48pBH7QuATmIwBMaoxCW37LbZN3URFA1OgQ==
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
styles__ltr.css
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ Frame 64E1
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=pt&v=0aeEuuJmrVqDrEL39Fsg5-UJ&k=6LcG2qYaAAAAAMYVEA1BnpZFbv76wOnQ8SqmdYfT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 10:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:02:03 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 10:37:59 GMT
recaptcha__pt.js
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ Frame 64E1
364 KB
144 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__pt.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=pt&v=0aeEuuJmrVqDrEL39Fsg5-UJ&k=6LcG2qYaAAAAAMYVEA1BnpZFbv76wOnQ8SqmdYfT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae48c27c3e30857d36e44ffadcb6c6aa7149e69b07a1e763a828bcdfec07f13f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 14:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147142
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:02:03 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 20 Jun 2023 14:17:49 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ Frame 635E
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcG2qYaAAAAAMYVEA1BnpZFbv76wOnQ8SqmdYfT&co=aHR0cHM6Ly9jb250YS51b2wuY29tLmJyOjQ0Mw..&hl=pt&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=invisible&cb=3hrunu2gw4uq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 10:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:02:03 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 10:37:59 GMT
recaptcha__pt.js
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ Frame 635E
364 KB
144 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__pt.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcG2qYaAAAAAMYVEA1BnpZFbv76wOnQ8SqmdYfT&co=aHR0cHM6Ly9jb250YS51b2wuY29tLmJyOjQ0Mw..&hl=pt&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=invisible&cb=3hrunu2gw4uq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae48c27c3e30857d36e44ffadcb6c6aa7149e69b07a1e763a828bcdfec07f13f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 14:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147142
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:02:03 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 20 Jun 2023 14:17:49 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 635E
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/styles__ltr.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 18:59:48 GMT
x-content-type-options
nosniff
age
501481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 21 Jun 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 635E
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcG2qYaAAAAAMYVEA1BnpZFbv76wOnQ8SqmdYfT&co=aHR0cHM6Ly9jb250YS51b2wuY29tLmJyOjQ0Mw..&hl=pt&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=invisible&cb=3hrunu2gw4uq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
508268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Jun 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 635E
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcG2qYaAAAAAMYVEA1BnpZFbv76wOnQ8SqmdYfT&co=aHR0cHM6Ly9jb250YS51b2wuY29tLmJyOjQ0Mw..&hl=pt&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=invisible&cb=3hrunu2gw4uq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 08:48:37 GMT
x-content-type-options
nosniff
age
538152
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 08:48:37 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame 635E
102 B
284 B
Other
General
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=pt&v=0aeEuuJmrVqDrEL39Fsg5-UJ
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcG2qYaAAAAAMYVEA1BnpZFbv76wOnQ8SqmdYfT&co=aHR0cHM6Ly9jb250YS51b2wuY29tLmJyOjQ0Mw..&hl=pt&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=invisible&cb=3hrunu2gw4uq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b51422fe003bfe8d2bbb2dd1f367c12af1aeec87990f89c09fb67346a2df5b55
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcG2qYaAAAAAMYVEA1BnpZFbv76wOnQ8SqmdYfT&co=aHR0cHM6Ly9jb250YS51b2wuY29tLmJyOjQ0Mw..&hl=pt&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=invisible&cb=3hrunu2gw4uq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 14:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 20 Jun 2022 14:17:49 GMT
client-purge.js
tm.jsuol.com.br/modules/ Frame C9D3
43 KB
10 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/client-purge.js
Requested by
Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:de00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tm.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 14:09:57 GMT
content-encoding
gzip
age
472
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
9152
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 17:50:23 GMT
server
marrakesh 1.16.6
etag
827b2a3854d3757c0264519acafab901
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
via
1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-P1
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
RHJIn8KaKIMqfpd_TS7KdwvDJj1g1vMegj7vXTiNKZHv0wIXLlOEbQ==
expires
Mon, 20 Jun 2022 15:09:57 GMT
client-purge.js
tm.jsuol.com.br/modules/ Frame D1CB
43 KB
10 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/client-purge.js
Requested by
Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:de00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tm.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 14:09:57 GMT
content-encoding
gzip
age
472
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
9152
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 17:50:23 GMT
server
marrakesh 1.16.6
etag
827b2a3854d3757c0264519acafab901
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
via
1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-P1
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
LYsMu4mOxDu0aeotlI9zbImPyz99QZ3IumTckBtpxHP-thvkhZCj1A==
expires
Mon, 20 Jun 2022 15:09:57 GMT
uol-text-regular.woff
stc.uol.com/c/webfont/projeto-grafico/uol-font/
26 KB
26 KB
Font
General
Full URL
https://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-regular.woff
Requested by
Host: conta.uol.com.br
URL: https://conta.uol.com.br/static/css/main.943c4b5a.chunk.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3102:405:ffff:ffff:ffff:7 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
c63635ffe1ea1c4731169ccfa13c0499174c7634d264beb4fca4809b7e75c0ee

Request headers

Referer
https://conta.uol.com.br/
Origin
http://suevenlojcltda.jelastic.dogado.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 14:17:52 GMT
last-modified
Tue, 03 Nov 2020 20:43:53 GMT
server
nginx
age
60591
etag
"663f-5b339ebbb947f"
access-control-allow-methods
GET, HEAD
x-varnish
2527370639 2522467048
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
x-cache
HIT
content-type
application/font-woff
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length
26175
expires
Mon, 19 Jun 2023 21:28:01 GMT
uol-text-bold.dd0cb7aa.woff
conta.uol.com.br/static/media/
0
0

uol-text-lighter.9b9f69f8.woff
conta.uol.com.br/static/media/
0
0

uol-text-bold.6dd375e1.ttf
conta.uol.com.br/static/media/
0
0

uol-text-lighter.c6c518c3.ttf
conta.uol.com.br/static/media/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
conta.uol.com.br
URL
https://conta.uol.com.br/static/media/uol-text-bold.dd0cb7aa.woff
Domain
conta.uol.com.br
URL
https://conta.uol.com.br/static/media/uol-text-lighter.9b9f69f8.woff
Domain
conta.uol.com.br
URL
https://conta.uol.com.br/static/media/uol-text-bold.6dd375e1.ttf
Domain
conta.uol.com.br
URL
https://conta.uol.com.br/static/media/uol-text-lighter.c6c518c3.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Universo Online (UOL) (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation

0 Cookies

11 Console Messages

Source Level URL
Text
other error URL: http://suevenlojcltda.jelastic.dogado.eu/
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
other error URL: http://suevenlojcltda.jelastic.dogado.eu/acesso/
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
security error URL: https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__pt.js(Line 319)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://conta.uol.com.br') does not match the recipient window's origin ('http://suevenlojcltda.jelastic.dogado.eu').
javascript error URL: http://suevenlojcltda.jelastic.dogado.eu/acesso/
Message:
Access to font at 'https://conta.uol.com.br/static/media/uol-text-bold.dd0cb7aa.woff' from origin 'http://suevenlojcltda.jelastic.dogado.eu' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://conta.uol.com.br/static/media/uol-text-bold.dd0cb7aa.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://suevenlojcltda.jelastic.dogado.eu/acesso/
Message:
Access to font at 'https://conta.uol.com.br/static/media/uol-text-lighter.9b9f69f8.woff' from origin 'http://suevenlojcltda.jelastic.dogado.eu' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://conta.uol.com.br/static/media/uol-text-lighter.9b9f69f8.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://suevenlojcltda.jelastic.dogado.eu/acesso/
Message:
Access to font at 'https://conta.uol.com.br/static/media/uol-text-lighter.c6c518c3.ttf' from origin 'http://suevenlojcltda.jelastic.dogado.eu' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://conta.uol.com.br/static/media/uol-text-lighter.c6c518c3.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://suevenlojcltda.jelastic.dogado.eu/acesso/
Message:
Access to font at 'https://conta.uol.com.br/static/media/uol-text-bold.6dd375e1.ttf' from origin 'http://suevenlojcltda.jelastic.dogado.eu' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://conta.uol.com.br/static/media/uol-text-bold.6dd375e1.ttf
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
