faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com
3.136.115.125 Malicious Activity! Public Scan

Submitted URL: https://bit.ly/32aNgOa?198612%2A&%25%25%25%25&%25%25%25%25&%25%25%25%25&%7D%2A&%7D%2A&amps#%24%3B198612%26%26%2...
Effective URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
Submission Tags: falconsandbox
Submission: On November 08 via api from US

Summary

This website contacted 4 IPs in 2 countries across 6 domains to perform 18 HTTP transactions. The main IP is 3.136.115.125, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com.
This is the only time faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Universo Online (UOL) (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-PR...)
1 2 200.19.190.91 1916 (Associaca...)
2 2 35.202.21.90 15169 (GOOGLE)
9 3.136.115.125 16509 (AMAZON-02)
2 4 34.102.185.99 15169 (GOOGLE)
18 4
Requests | Apex Domain | Subdomains | Transfer
9 | elasticbeanstalk.com | faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com | 361 KB
4 | tailtarget.com | m.t.tailtarget.com | 978 B
2 | lpages.co | sistemas.lpages.co | 278 B
2 | ufc.br | www.mapp.ufc.br | 552 B
1 | bit.ly | bit.ly | 283 B
0 | uol.com | stc.uol.com | Failed
Total: 18 requests across 6 apex domains
Requests | Domain | Requested by
9 | faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com | faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com
4 | m.t.tailtarget.com | 2 redirects; faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com
2 | sistemas.lpages.co | 2 redirects
2 | www.mapp.ufc.br | 1 redirect
1 | bit.ly | 1 redirect
0 | stc.uol.com (Failed) | faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com
Total: 18 requests across 6 domains

This site contains links to these domains. Also see Links.

Domain: uolmailsecurity-001-site1.atempurl.com

TLS certificates observed:

Subject | Issuer | Validity | Valid
*.tailtarget.com | Sectigo RSA Domain Validation Secure Server CA | 2020-05-30 - 2021-05-30 | a year (crt.sh)

This page contains 1 frames:

Primary Page: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
Frame ID: F949BF9AEE9A48C7B2BF6E8314CBE3C0
Requests: 19 HTTP requests in this frame

Page Statistics

Requests: 18
HTTPS: 11 %
IPv6: 0 %
Domains: 6
Subdomains: 6
IPs: 4
Countries: 2
Transfer: 361 kB
Size: 364 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/32aNgOa?198612%2A&%25%25%25%25&%25%25%25%25&%25%25%25%25&%7D%2A&%7D%2A&amps HTTP 301
    http://www.mapp.ufc.br/libraries/cms/help/cont/rrr.html?5as64ffas56fas Page URL
  2. http://www.mapp.ufc.br/libraries/cms/help/cont/index.php HTTP 302
    https://sistemas.lpages.co/l0211 HTTP 302
    https://sistemas.lpages.co/l0211/ HTTP 302
    http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/32aNgOa?198612%2A&%25%25%25%25&%25%25%25%25&%25%25%25%25&%7D%2A&%7D%2A&amps HTTP 301
  • http://www.mapp.ufc.br/libraries/cms/help/cont/rrr.html?5as64ffas56fas
Request Chain 9
  • https://m.t.tailtarget.com/sync/TT-10162-1/1e9fc501db09a68e84c5cf23472df26f4ac90abbcb13db463f3ad2431b56e372 HTTP 302
  • https://m.t.tailtarget.com/sync/TT-10162-1/1e9fc501db09a68e84c5cf23472df26f4ac90abbcb13db463f3ad2431b56e372?check=1
Request Chain 10
  • https://m.t.tailtarget.com/sync/TT-10162-1/e93b709552e40dfb876f8e891d8c85b1222affe5fdbf21ac2543b07455a9d79a HTTP 302
  • https://m.t.tailtarget.com/sync/TT-10162-1/e93b709552e40dfb876f8e891d8c85b1222affe5fdbf21ac2543b07455a9d79a?check=1

18 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
rrr.html
www.mapp.ufc.br/libraries/cms/help/cont/
Redirect Chain
  • https://bit.ly/32aNgOa?198612%2A&%25%25%25%25&%25%25%25%25&%25%25%25%25&%7D%2A&%7D%2A&amps
  • http://www.mapp.ufc.br/libraries/cms/help/cont/rrr.html?5as64ffas56fas
62 B
331 B
Document
General
Full URL
http://www.mapp.ufc.br/libraries/cms/help/cont/rrr.html?5as64ffas56fas
Protocol
HTTP/1.1
Server
200.19.190.91 Fortaleza, Brazil, ASN1916 (Associacao Rede Nacional de Ensino e Pesquisa, BR),
Reverse DNS
Software
Apache /
Resource Hash
ac164af5d54b0b092e11a630215b478ae38483688b8b8324e2ecfccba0d48ca1

Request headers

Host
www.mapp.ufc.br
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 01:26:53 GMT
Server
Apache
Last-Modified
Mon, 02 Nov 2020 09:14:13 GMT
ETag
"3e-5b31c2b738340"
Accept-Ranges
bytes
Content-Length
62
Keep-Alive
timeout=100, max=100
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

status
301
server
nginx
date
Sun, 08 Nov 2020 01:26:52 GMT
content-type
text/html; charset=utf-8
content-length
157
cache-control
private, max-age=90
content-security-policy
referrer always;
location
http://www.mapp.ufc.br/libraries/cms/help/cont/rrr.html?5as64ffas56fas
referrer-policy
unsafe-url
set-cookie
_bit=ka81qQ-e096bffaec0d6df478-00R; Domain=bit.ly; Expires=Fri, 07 May 2021 01:26:52 GMT
via
1.1 google
alt-svc
clear
Primary Request /
faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
Redirect Chain
  • http://www.mapp.ufc.br/libraries/cms/help/cont/index.php
  • https://sistemas.lpages.co/l0211
  • https://sistemas.lpages.co/l0211/
  • http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
13 KB
13 KB
Document
General
Full URL
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
Protocol
HTTP/1.1
Server
3.136.115.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-115-125.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
9c8bd05190fa2ee7f5bc2b14bc0adcc1ba96d53873166fe84a49ad01e38e0228

Request headers

Host
faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.mapp.ufc.br/libraries/cms/help/cont/rrr.html?5as64ffas56fas
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.mapp.ufc.br/libraries/cms/help/cont/rrr.html?5as64ffas56fas#%24%3B198612%26%26%26kajsf%25%25%25%24asf198612

Response headers

Date
Sun, 08 Nov 2020 01:26:55 GMT
Content-Type
text/html
Content-Length
13373
Connection
keep-alive
Server
nginx/1.18.0
Last-Modified
Wed, 30 Sep 2020 12:04:40 GMT
ETag
"5f747458-343d"
Accept-Ranges
bytes

Redirect headers

status
302
date
Sun, 08 Nov 2020 01:26:54 GMT
content-type
text/html
content-length
142
location
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
server
Leadpages
strict-transport-security
max-age=15768000
main.css
faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/
158 KB
158 KB
Stylesheet
General
Full URL
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/main.css
Requested by
Host: faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com
URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
Protocol
HTTP/1.1
Server
3.136.115.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-115-125.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2379d136b78de5869d1937d82bf940b355864749e989829f3ef49fa3c5095464

Request headers

Referer
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 01:26:55 GMT
Last-Modified
Wed, 30 Sep 2020 12:05:04 GMT
Server
nginx/1.18.0
ETag
"5f747470-2777f"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
161663
jquery.js
faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/
82 KB
83 KB
Script
General
Full URL
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/jquery.js
Requested by
Host: faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com
URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
Protocol
HTTP/1.1
Server
3.136.115.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-115-125.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Request headers

Referer
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 01:26:55 GMT
Last-Modified
Wed, 30 Sep 2020 12:05:06 GMT
Server
nginx/1.18.0
ETag
"5f747472-14983"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84355
partner
faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/
827 B
1 KB
Script
General
Full URL
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/partner
Requested by
Host: faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com
URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
Protocol
HTTP/1.1
Server
3.136.115.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-115-125.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
9369e6384596ebc8c7bfc024dca2876deaa3c452b8e22252ce730845f4d44b71

Request headers

Referer
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 01:26:55 GMT
Last-Modified
Wed, 30 Sep 2020 12:05:04 GMT
Server
nginx/1.18.0
ETag
"5f747470-33b"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
827
logo_uolmail.png
faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/
7 KB
7 KB
Image
General
Full URL
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/logo_uolmail.png
Requested by
Host: faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com
URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
Protocol
HTTP/1.1
Server
3.136.115.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-115-125.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 01:26:55 GMT
Last-Modified
Wed, 30 Sep 2020 12:05:04 GMT
Server
nginx/1.18.0
ETag
"5f747470-1dc4"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7620
logo-uol.svg
faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/
17 KB
18 KB
Image
General
Full URL
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/logo-uol.svg
Requested by
Host: faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com
URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
Protocol
HTTP/1.1
Server
3.136.115.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-115-125.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
8d828650afa0e87b3ece850b6be4d2eaded63e4e4424a190f1ce39f62460f625

Request headers

Referer
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 01:26:55 GMT
Last-Modified
Wed, 30 Sep 2020 12:05:04 GMT
Server
nginx/1.18.0
ETag
"5f747470-45d1"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17873
logo-pagseguro.svg
faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/
5 KB
6 KB
Image
General
Full URL
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/logo-pagseguro.svg
Requested by
Host: faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com
URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
Protocol
HTTP/1.1
Server
3.136.115.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-115-125.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
4cc86e7e65f1f8332228e8d1735ba8b7e82367c6e93d644c3d41c473891b6c2d

Request headers

Referer
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 01:26:55 GMT
Last-Modified
Wed, 30 Sep 2020 12:05:04 GMT
Server
nginx/1.18.0
ETag
"5f747470-15de"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5598
logo-uolhost.svg
faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/
18 KB
19 KB
Image
General
Full URL
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/logo-uolhost.svg
Requested by
Host: faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com
URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
Protocol
HTTP/1.1
Server
3.136.115.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-115-125.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
0b931dd83952d1b448e6afb2520ca01091274b875839e4134e6c0bf433b61587

Request headers

Referer
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 01:26:55 GMT
Last-Modified
Wed, 30 Sep 2020 12:05:04 GMT
Server
nginx/1.18.0
ETag
"5f747470-498b"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18827
main.js
faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/
56 KB
56 KB
Script
General
Full URL
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/main.js
Requested by
Host: faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com
URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
Protocol
HTTP/1.1
Server
3.136.115.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-115-125.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
6f1d74f97d22f131acfa463839affc314352a452eb6649b8d9fd181e1b83d487

Request headers

Referer
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 01:26:55 GMT
Last-Modified
Wed, 30 Sep 2020 12:05:04 GMT
Server
nginx/1.18.0
ETag
"5f747470-df79"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
57209
1e9fc501db09a68e84c5cf23472df26f4ac90abbcb13db463f3ad2431b56e372
m.t.tailtarget.com/sync/TT-10162-1/
Redirect Chain
  • https://m.t.tailtarget.com/sync/TT-10162-1/1e9fc501db09a68e84c5cf23472df26f4ac90abbcb13db463f3ad2431b56e372
  • https://m.t.tailtarget.com/sync/TT-10162-1/1e9fc501db09a68e84c5cf23472df26f4ac90abbcb13db463f3ad2431b56e372?check=1
43 B
104 B
Image
General
Full URL
https://m.t.tailtarget.com/sync/TT-10162-1/1e9fc501db09a68e84c5cf23472df26f4ac90abbcb13db463f3ad2431b56e372?check=1
Requested by
Host: faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com
URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 01:26:55 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
content-type
image/gif
status
200
cache-control
private, proxy-revalidate
alt-svc
clear
content-length
43

Redirect headers

date
Sun, 08 Nov 2020 01:26:55 GMT
via
1.1 google
server
nginx/1.17.8
status
302
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://m.t.tailtarget.com/sync/TT-10162-1/1e9fc501db09a68e84c5cf23472df26f4ac90abbcb13db463f3ad2431b56e372?check=1
cache-control
private, proxy-revalidate
content-type
text/html
alt-svc
clear
content-length
145
e93b709552e40dfb876f8e891d8c85b1222affe5fdbf21ac2543b07455a9d79a
m.t.tailtarget.com/sync/TT-10162-1/
Redirect Chain
  • https://m.t.tailtarget.com/sync/TT-10162-1/e93b709552e40dfb876f8e891d8c85b1222affe5fdbf21ac2543b07455a9d79a
  • https://m.t.tailtarget.com/sync/TT-10162-1/e93b709552e40dfb876f8e891d8c85b1222affe5fdbf21ac2543b07455a9d79a?check=1
43 B
138 B
Image
General
Full URL
https://m.t.tailtarget.com/sync/TT-10162-1/e93b709552e40dfb876f8e891d8c85b1222affe5fdbf21ac2543b07455a9d79a?check=1
Requested by
Host: faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com
URL: http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 01:26:55 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
content-type
image/gif
status
200
cache-control
private, proxy-revalidate
alt-svc
clear
content-length
43

Redirect headers

date
Sun, 08 Nov 2020 01:26:55 GMT
via
1.1 google
server
nginx/1.17.8
status
302
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://m.t.tailtarget.com/sync/TT-10162-1/e93b709552e40dfb876f8e891d8c85b1222affe5fdbf21ac2543b07455a9d79a?check=1
cache-control
private, proxy-revalidate
content-type
text/html
alt-svc
clear
content-length
145
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f4b9a3be52d80dd59388d146339f46a80ef948f5e98b960dd99b2ebd4bbe56a

Request headers

Referer
http://faturamentocliente-env.eba-h9qa6nww.us-east-2.elasticbeanstalk.com/index_arquivos/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
uol-text-regular.woff
stc.uol.com/c/webfont/projeto-grafico/uol-font/
0
0

uol-text-bold.woff
stc.uol.com/c/webfont/projeto-grafico/uol-font/
0
0

uol-text-lighter.woff
stc.uol.com/c/webfont/projeto-grafico/uol-font/
0
0

uol-text-bold.ttf
stc.uol.com/c/webfont/projeto-grafico/uol-font/
0
0

uol-text-lighter.ttf
stc.uol.com/c/webfont/projeto-grafico/uol-font/
0
0

uol-text-regular.ttf
stc.uol.com/c/webfont/projeto-grafico/uol-font/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stc.uol.com
URL
http://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-regular.woff
Domain
stc.uol.com
URL
http://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-bold.woff
Domain
stc.uol.com
URL
http://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-lighter.woff
Domain
stc.uol.com
URL
http://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-bold.ttf
Domain
stc.uol.com
URL
http://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-lighter.ttf
Domain
stc.uol.com
URL
http://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-regular.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Universo Online (UOL) (Banking)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • trustedTypes (object)
  • $ (function)
  • jQuery (function)
  • mostrar (function)
  • esconder (function)
  • id (string)
  • urlCookie (string)
  • type (string)
  • btdata (object)
  • ifrm (object)
  • onSubmit (function)
  • onloadCallback (function)
  • osirisUai (object)
  • uolAnalytics (function)
  • universal_variable (object)
  • uolads (object)
  • dnaReady (object)
  • dnaRun (undefined)
  • webpackJsonposiris-frontend (object)

0 Cookies