faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com Open in urlscan Pro
3.136.115.125 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.mapp.ufc.br/libraries/cms/help/cont/rrr.html
Effective URL:
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
Submission: On November 11 via api (November 11th 2020, 7:34:38 am UTC) from US

Summary HTTP 18 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 18 HTTP transactions. The main IP is 3.136.115.125, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com.

This is the only time faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Universo Online (UOL) (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 2	200.19.190.91 200.19.190.91	1916 (Associaca...) (Associacao Rede Nacional de Ensino e Pesquisa)
2 2	35.202.21.90 35.202.21.90	15169 (GOOGLE) (GOOGLE)
9	3.136.115.125 3.136.115.125	16509 (AMAZON-02) (AMAZON-02)
2 4	34.102.185.99 34.102.185.99	15169 (GOOGLE) (GOOGLE)
18	4

2 200.19.190.91 (Fortaleza, Brazil) 1 redirects

ASN1916 (Associacao Rede Nacional de Ensino e Pesquisa, BR)

www.mapp.ufc.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.202.21.90 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 90.21.202.35.bc.googleusercontent.com

sistemas.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.136.115.125 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-136-115-125.us-east-2.compute.amazonaws.com

faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.102.185.99 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com

m.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	elasticbeanstalk.com faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com	361 KB
4	tailtarget.com 2 redirects m.t.tailtarget.com	977 B
2	lpages.co 2 redirects sistemas.lpages.co	278 B
2	ufc.br 1 redirects www.mapp.ufc.br	552 B
0	uol.com Failed stc.uol.com Failed
18	5

	Domain	Requested by
9	faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com	faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com
4	m.t.tailtarget.com	2 redirects faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com
2	sistemas.lpages.co	2 redirects
2	www.mapp.ufc.br	1 redirects
0	stc.uol.com Failed	faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com
18	5

This site contains links to these domains. Also see Links.

Domain
uolmailsecurity-001-site1.atempurl.com

Subject Issuer	Validity	Valid
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-30` - `2021-05-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
Frame ID: 78BD25B0821082798DFD423BA0C1BDFD
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.mapp.ufc.br/libraries/cms/help/cont/rrr.html Page URL
http://www.mapp.ufc.br/libraries/cms/help/cont/index.php HTTP 302
https://sistemas.lpages.co/l0211 HTTP 302
https://sistemas.lpages.co/l0211/ HTTP 302
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

18
Requests

11 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

361 kB
Transfer

364 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://uolmailsecurity-001-site1.atempurl.com/
Title: ASSINE JÁ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.mapp.ufc.br/libraries/cms/help/cont/rrr.html Page URL
http://www.mapp.ufc.br/libraries/cms/help/cont/index.php HTTP 302
https://sistemas.lpages.co/l0211 HTTP 302
https://sistemas.lpages.co/l0211/ HTTP 302
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://m.t.tailtarget.com/sync/TT-10162-1/1e9fc501db09a68e84c5cf23472df26f4ac90abbcb13db463f3ad2431b56e372 HTTP 302
https://m.t.tailtarget.com/sync/TT-10162-1/1e9fc501db09a68e84c5cf23472df26f4ac90abbcb13db463f3ad2431b56e372?check=1

Request Chain 10

https://m.t.tailtarget.com/sync/TT-10162-1/e93b709552e40dfb876f8e891d8c85b1222affe5fdbf21ac2543b07455a9d79a HTTP 302
https://m.t.tailtarget.com/sync/TT-10162-1/e93b709552e40dfb876f8e891d8c85b1222affe5fdbf21ac2543b07455a9d79a?check=1

18 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	rrr.html www.mapp.ufc.br/libraries/cms/help/cont/	62 B 331 B	1380ms 368ms	Document text/html	200.19.190.91 Associacao Rede N...
General Check archive.org Show headers Download Go to Full URL http://www.mapp.ufc.br/libraries/cms/help/cont/rrr.html Protocol HTTP/1.1 Server 200.19.190.91 Fortaleza, Brazil, ASN1916 (Associacao Rede Nacional de Ensino e Pesquisa, BR), Reverse DNS Software Apache / Resource Hash Request headers Host www.mapp.ufc.br Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 11 Nov 2020 07:34:22 GMT Server Apache Last-Modified Mon, 02 Nov 2020 09:14:13 GMT ETag "3e-5b31c2b738340" Accept-Ranges bytes Content-Length 62 Keep-Alive timeout=100, max=100 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	Primary Request / Show response faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ Redirect Chain http://www.mapp.ufc.br/libraries/cms/help/cont/index.php https://sistemas.lpages.co/l0211 https://sistemas.lpages.co/l0211/ http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/	13 KB 13 KB	229ms 206ms	Document text/html	3.136.115.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ Protocol HTTP/1.1 Server 3.136.115.125 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-136-115-125.us-east-2.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash `9c8bd05190fa2ee7f5bc2b14bc0adcc1ba96d53873166fe84a49ad01e38e0228` Request headers Host faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.mapp.ufc.br/libraries/cms/help/cont/rrr.html Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://www.mapp.ufc.br/libraries/cms/help/cont/rrr.html Response headers Date Wed, 11 Nov 2020 07:34:23 GMT Content-Type text/html Content-Length 13373 Connection keep-alive Server nginx/1.18.0 Last-Modified Wed, 30 Sep 2020 12:04:40 GMT ETag "5f747458-343d" Accept-Ranges bytes Redirect headers status 302 date Wed, 11 Nov 2020 07:34:23 GMT content-type text/html content-length 142 location http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ server Leadpages strict-transport-security max-age=15768000
GET H/1.1	200 OK	main.css faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/	158 KB 158 KB	112ms 111ms	Stylesheet text/css	3.136.115.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/main.css Requested by Host: faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ Protocol HTTP/1.1 Server 3.136.115.125 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-136-115-125.us-east-2.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash `2379d136b78de5869d1937d82bf940b355864749e989829f3ef49fa3c5095464` Request headers Referer http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 11 Nov 2020 07:34:23 GMT Last-Modified Wed, 30 Sep 2020 12:05:04 GMT Server nginx/1.18.0 ETag "5f747470-2777f" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 161663
GET H/1.1	200 OK	jquery.js Show response faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/	82 KB 83 KB	232ms 218ms	Script application/javascript	3.136.115.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/jquery.js Requested by Host: faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ Protocol HTTP/1.1 Server 3.136.115.125 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-136-115-125.us-east-2.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash `2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515` Request headers Referer http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 11 Nov 2020 07:34:23 GMT Last-Modified Wed, 30 Sep 2020 12:05:06 GMT Server nginx/1.18.0 ETag "5f747472-14983" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 84355
GET H/1.1	200 OK	partner Show response faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/	827 B 1 KB	221ms 206ms	Script application/octet-stream	3.136.115.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/partner Requested by Host: faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ Protocol HTTP/1.1 Server 3.136.115.125 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-136-115-125.us-east-2.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash `9369e6384596ebc8c7bfc024dca2876deaa3c452b8e22252ce730845f4d44b71` Request headers Referer http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 11 Nov 2020 07:34:23 GMT Last-Modified Wed, 30 Sep 2020 12:05:04 GMT Server nginx/1.18.0 ETag "5f747470-33b" Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes Content-Length 827
GET H/1.1	200 OK	logo_uolmail.png faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/	7 KB 7 KB	117ms 116ms	Image image/png	3.136.115.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/logo_uolmail.png Requested by Host: faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ Protocol HTTP/1.1 Server 3.136.115.125 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-136-115-125.us-east-2.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 11 Nov 2020 07:34:24 GMT Last-Modified Wed, 30 Sep 2020 12:05:04 GMT Server nginx/1.18.0 ETag "5f747470-1dc4" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 7620
GET H/1.1	200 OK	logo-uol.svg faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/	17 KB 18 KB	111ms 110ms	Image image/svg+xml	3.136.115.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/logo-uol.svg Requested by Host: faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ Protocol HTTP/1.1 Server 3.136.115.125 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-136-115-125.us-east-2.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash `8d828650afa0e87b3ece850b6be4d2eaded63e4e4424a190f1ce39f62460f625` Request headers Referer http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 11 Nov 2020 07:34:24 GMT Last-Modified Wed, 30 Sep 2020 12:05:04 GMT Server nginx/1.18.0 ETag "5f747470-45d1" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 17873
GET H/1.1	200 OK	logo-pagseguro.svg faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/	5 KB 6 KB	112ms 110ms	Image image/svg+xml	3.136.115.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/logo-pagseguro.svg Requested by Host: faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ Protocol HTTP/1.1 Server 3.136.115.125 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-136-115-125.us-east-2.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash `4cc86e7e65f1f8332228e8d1735ba8b7e82367c6e93d644c3d41c473891b6c2d` Request headers Referer http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 11 Nov 2020 07:34:24 GMT Last-Modified Wed, 30 Sep 2020 12:05:04 GMT Server nginx/1.18.0 ETag "5f747470-15de" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 5598
GET H/1.1	200 OK	logo-uolhost.svg faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/	18 KB 19 KB	221ms 206ms	Image image/svg+xml	3.136.115.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/logo-uolhost.svg Requested by Host: faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ Protocol HTTP/1.1 Server 3.136.115.125 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-136-115-125.us-east-2.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash `0b931dd83952d1b448e6afb2520ca01091274b875839e4134e6c0bf433b61587` Request headers Referer http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 11 Nov 2020 07:34:24 GMT Last-Modified Wed, 30 Sep 2020 12:05:04 GMT Server nginx/1.18.0 ETag "5f747470-498b" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 18827
GET H/1.1	200 OK	main.js Show response faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/	56 KB 56 KB	117ms 116ms	Script application/javascript	3.136.115.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/main.js Requested by Host: faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ Protocol HTTP/1.1 Server 3.136.115.125 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-136-115-125.us-east-2.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash `6f1d74f97d22f131acfa463839affc314352a452eb6649b8d9fd181e1b83d487` Request headers Referer http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 11 Nov 2020 07:34:24 GMT Last-Modified Wed, 30 Sep 2020 12:05:04 GMT Server nginx/1.18.0 ETag "5f747470-df79" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 57209
GET H2	200	1e9fc501db09a68e84c5cf23472df26f4ac90abbcb13db463f3ad2431b56e372 m.t.tailtarget.com/sync/TT-10162-1/ Redirect Chain https://m.t.tailtarget.com/sync/TT-10162-1/1e9fc501db09a68e84c5cf23472df26f4ac90abbcb13db463f3ad2431b56e372 https://m.t.tailtarget.com/sync/TT-10162-1/1e9fc501db09a68e84c5cf23472df26f4ac90abbcb13db463f3ad2431b56e372?check=1	43 B 138 B	122ms 121ms	Image image/gif	34.102.185.99 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://m.t.tailtarget.com/sync/TT-10162-1/1e9fc501db09a68e84c5cf23472df26f4ac90abbcb13db463f3ad2431b56e372?check=1 Requested by Host: faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.185.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS 99.185.102.34.bc.googleusercontent.com Software nginx/1.17.8 / Resource Hash `cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda` Request headers Referer http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 11 Nov 2020 07:34:24 GMT via 1.1 google last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx/1.17.8 content-type image/gif status 200 cache-control private, proxy-revalidate alt-svc clear content-length 43 Redirect headers date Wed, 11 Nov 2020 07:34:24 GMT via 1.1 google server nginx/1.17.8 status 302 p3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://m.t.tailtarget.com/sync/TT-10162-1/1e9fc501db09a68e84c5cf23472df26f4ac90abbcb13db463f3ad2431b56e372?check=1 cache-control private, proxy-revalidate content-type text/html alt-svc clear content-length 145
GET H2	200	e93b709552e40dfb876f8e891d8c85b1222affe5fdbf21ac2543b07455a9d79a m.t.tailtarget.com/sync/TT-10162-1/ Redirect Chain https://m.t.tailtarget.com/sync/TT-10162-1/e93b709552e40dfb876f8e891d8c85b1222affe5fdbf21ac2543b07455a9d79a https://m.t.tailtarget.com/sync/TT-10162-1/e93b709552e40dfb876f8e891d8c85b1222affe5fdbf21ac2543b07455a9d79a?check=1	43 B 104 B	122ms 121ms	Image image/gif	34.102.185.99 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://m.t.tailtarget.com/sync/TT-10162-1/e93b709552e40dfb876f8e891d8c85b1222affe5fdbf21ac2543b07455a9d79a?check=1 Requested by Host: faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.185.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS 99.185.102.34.bc.googleusercontent.com Software nginx/1.17.8 / Resource Hash `cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda` Request headers Referer http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 11 Nov 2020 07:34:24 GMT via 1.1 google last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx/1.17.8 content-type image/gif status 200 cache-control private, proxy-revalidate alt-svc clear content-length 43 Redirect headers date Wed, 11 Nov 2020 07:34:24 GMT via 1.1 google server nginx/1.17.8 status 302 p3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://m.t.tailtarget.com/sync/TT-10162-1/e93b709552e40dfb876f8e891d8c85b1222affe5fdbf21ac2543b07455a9d79a?check=1 cache-control private, proxy-revalidate content-type text/html alt-svc clear content-length 145
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `2f4b9a3be52d80dd59388d146339f46a80ef948f5e98b960dd99b2ebd4bbe56a` Request headers Referer http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET		uol-text-regular.woff stc.uol.com/c/webfont/projeto-grafico/uol-font/	0 0

GET		uol-text-bold.woff stc.uol.com/c/webfont/projeto-grafico/uol-font/	0 0

GET		uol-text-lighter.woff stc.uol.com/c/webfont/projeto-grafico/uol-font/	0 0

GET		uol-text-regular.ttf stc.uol.com/c/webfont/projeto-grafico/uol-font/	0 0

GET		uol-text-bold.ttf stc.uol.com/c/webfont/projeto-grafico/uol-font/	0 0

GET		uol-text-lighter.ttf stc.uol.com/c/webfont/projeto-grafico/uol-font/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stc.uol.com
URL: http://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-regular.woff

Domain: stc.uol.com
URL: http://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-bold.woff

Domain: stc.uol.com
URL: http://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-lighter.woff

Domain: stc.uol.com
URL: http://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-regular.ttf

Domain: stc.uol.com
URL: http://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-bold.ttf

Domain: stc.uol.com
URL: http://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-lighter.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Universo Online (UOL) (Banking)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com
m.t.tailtarget.com
sistemas.lpages.co
stc.uol.com
www.mapp.ufc.br
stc.uol.com
200.19.190.91
3.136.115.125
34.102.185.99
35.202.21.90
0b931dd83952d1b448e6afb2520ca01091274b875839e4134e6c0bf433b61587
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
2379d136b78de5869d1937d82bf940b355864749e989829f3ef49fa3c5095464
2f4b9a3be52d80dd59388d146339f46a80ef948f5e98b960dd99b2ebd4bbe56a
4cc86e7e65f1f8332228e8d1735ba8b7e82367c6e93d644c3d41c473891b6c2d
6f1d74f97d22f131acfa463839affc314352a452eb6649b8d9fd181e1b83d487
8d828650afa0e87b3ece850b6be4d2eaded63e4e4424a190f1ce39f62460f625
9369e6384596ebc8c7bfc024dca2876deaa3c452b8e22252ce730845f4d44b71
9c8bd05190fa2ee7f5bc2b14bc0adcc1ba96d53873166fe84a49ad01e38e0228
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com Open in urlscan Pro 3.136.115.125 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

11 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

4 IPs

2 Countries

361 kBTransfer

364 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

19 JavaScript Global Variables

0 Cookies

Indicators

faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com Open in urlscan Pro
3.136.115.125 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

11 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

361 kB
Transfer

364 kB
Size

0
Cookies

18 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!