uniaofundacoes.com.br Open in urlscan Pro
2400:cb00:2048:1::681b:94ed Public Scan

Go To Rescan
Add Verdict Report

URL:
http://uniaofundacoes.com.br/emailtransfer/e.html
Submission: On December 09 via api (December 9th 2017, 5:01:47 pm UTC) from CA

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 11 HTTP transactions. The main IP is 2400:cb00:2048:1::681b:94ed, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is uniaofundacoes.com.br.

This is the only time uniaofundacoes.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2400:cb00:204... 2400:cb00:2048:1::681b:94ed	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2400:cb00:204... 2400:cb00:2048:1::6813:c366	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2400:cb00:204... 2400:cb00:2048:1::681b:95ed	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	2400:cb00:204... 2400:cb00:2048:1::681f:4876	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2400:cb00:204... 2400:cb00:2048:1::681f:4976	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	50.87.145.76 50.87.145.76	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer)
1	2605:de00:1:1... 2605:de00:1:1:4a:3c:0:82	30083 (HEG-US) (HEG-US - HEG US Inc.)
1	184.28.157.238 184.28.157.238	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.253.236.245 23.253.236.245	33070 (RMH-14) (RMH-14 - Rackspace Hosting)
1	104.154.250.30 104.154.250.30	15169 (GOOGLE) (GOOGLE - Google LLC)
11	9

2 2400:cb00:2048:1::681b:94ed (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

uniaofundacoes.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::6813:c366 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:cb00:2048:1::681b:95ed (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

uniaofundacoes.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::681f:4876 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

portalbrasil10.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::681f:4976 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

portalbrasil10.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.87.145.76 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: 50-87-145-76.unifiedlayer.com

www.the-boardwalk.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2605:de00:1:1:4a:3c:0:82 (United States)

ASN30083 (HEG-US - HEG US Inc., US)

downtownptbo.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.28.157.238 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-28-157-238.deploy.static.akamaitechnologies.com

www.rbcroyalbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.253.236.245 (San Antonio, United States)

ASN33070 (RMH-14 - Rackspace Hosting, US)

www.calgarymarathon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.154.250.30 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 30.250.154.104.bc.googleusercontent.com

letstalkpayments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	uniaofundacoes.com.br uniaofundacoes.com.br	56 KB
2	portalbrasil10.com.br 1 redirects portalbrasil10.com.br	85 KB
1	letstalkpayments.com letstalkpayments.com	31 KB
1	calgarymarathon.com www.calgarymarathon.com	55 KB
1	rbcroyalbank.com www.rbcroyalbank.com	40 KB
1	downtownptbo.ca downtownptbo.ca	13 KB
1	the-boardwalk.ca www.the-boardwalk.ca	4 KB
1	cloudflare.com ajax.cloudflare.com	31 KB
11	8

	Domain	Requested by
4	uniaofundacoes.com.br	uniaofundacoes.com.br
2	portalbrasil10.com.br	1 redirects uniaofundacoes.com.br
1	letstalkpayments.com	uniaofundacoes.com.br
1	www.calgarymarathon.com	uniaofundacoes.com.br
1	www.rbcroyalbank.com	uniaofundacoes.com.br
1	downtownptbo.ca	uniaofundacoes.com.br
1	www.the-boardwalk.ca	uniaofundacoes.com.br
1	ajax.cloudflare.com	uniaofundacoes.com.br
11	8

This site contains no links.

Subject Issuer	Validity	Valid
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2017-11-04` - `2018-05-13`	6 months	crt.sh
sni57525.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2017-12-03` - `2018-06-11`	6 months	crt.sh
www.letstalkpayments.com RapidSSL SHA256 CA	`2017-04-25` - `2018-05-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://uniaofundacoes.com.br/emailtransfer/e.html
Frame ID: (94426246E0F6E2F79920C75B8FBAC85D)
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Page Statistics

11
Requests

27 %
HTTPS

60 %
IPv6

8
Domains

8
Subdomains

9
IPs

2
Countries

315 kB
Transfer

432 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://portalbrasil10.com.br/wp-content/uploads/2016/11/bmo-1.jpg HTTP 301
https://portalbrasil10.com.br/wp-content/uploads/2016/11/bmo-1.jpg

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set e.html Show response
uniaofundacoes.com.br/emailtransfer/ 9 KB
0 115ms
115ms Document
text/html 2400:cb00:2048:1::681b:94ed
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://uniaofundacoes.com.br/emailtransfer/e.html
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::681b:94ed , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 4b5b42ca08aa7669449867fb73b9e6f8950df8394de6b63c6e7bacc47079d2d6

Request headers

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection: keep-alive
Accept-Encoding: gzip, deflate
Host: uniaofundacoes.com.br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Sat, 09 Dec 2017 17:01:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2017 16:54:00 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: text/html
Set-Cookie: __cfduid=de4fb1332a53c75023995717752eb30f31512838896; expires=Sun, 09-Dec-18 17:01:36 GMT; path=/; domain=.uniaofundacoes.com.br; HttpOnly
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 3ca98700f5d99792-FRA
Expires: Mon, 08 Jan 2018 17:01:36 GMT

GET
H2 200 rocket.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/9014afdb/cloudflare-static/ 102 KB
31 KB 9ms
8ms Script
application/javascript 2400:cb00:2048:1::6813:c366
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/9014afdb/cloudflare-static/rocket.min.js

Requested by

Host: uniaofundacoes.com.br
URL: http://uniaofundacoes.com.br/emailtransfer/e.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6813:c366 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

a39d851d9c1a63b6a4d5043cc315c74f6236e36f1b96b92f2c9ea31d72f91f76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:path: /cdn-cgi/scripts/9014afdb/cloudflare-static/rocket.min.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ajax.cloudflare.com
referer: http://uniaofundacoes.com.br/emailtransfer/e.html
:scheme: https
:method: GET
Referer: http://uniaofundacoes.com.br/emailtransfer/e.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Sat, 09 Dec 2017 17:01:36 GMT
content-encoding: gzip
last-modified: Fri, 08 Dec 2017 13:21:21 GMT
server: cloudflare-nginx
etag: W/"5a2a91d1-197f7"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
set-cookie: __cfduid=d5d64c24152eb8f2574def84d903695111512838896; expires=Sun, 09-Dec-18 17:01:36 GMT; path=/; domain=.cloudflare.com; HttpOnly
cache-control: max-age=172800 public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 3ca98701be4c634f-FRA
expires: Mon, 11 Dec 2017 17:01:36 GMT

GET
H/1.1 200
OK generalCSS.css
uniaofundacoes.com.br/emailtransfer/INTERAC%20e-Transfer_files/ 17 KB
4 KB 190ms
190ms Stylesheet
text/css 2400:cb00:2048:1::681b:94ed
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://uniaofundacoes.com.br/emailtransfer/INTERAC%20e-Transfer_files/generalCSS.css
Requested by: Host: uniaofundacoes.com.br
URL: http://uniaofundacoes.com.br/emailtransfer/e.html
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::681b:94ed , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 7e3fcd5b03f53262e0f2293f73edf9cab099ab7f04781a7b23c3c05ba9581d47

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: uniaofundacoes.com.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://uniaofundacoes.com.br/emailtransfer/e.html
Cookie: __cfduid=de4fb1332a53c75023995717752eb30f31512838896
Connection: keep-alive
Cache-Control: no-cache
Referer: http://uniaofundacoes.com.br/emailtransfer/e.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Sat, 09 Dec 2017 17:01:37 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 08 Mar 2017 06:15:30 GMT
Server: cloudflare-nginx
ETag: W/"58bfa182-4242"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 3ca98701b62a9792-FRA
Expires: Mon, 08 Jan 2018 17:01:37 GMT

GET
H/1.1 200
OK GTIe8CSS.css
uniaofundacoes.com.br/emailtransfer/INTERAC%20e-Transfer_files/ 31 KB
6 KB 188ms
188ms Stylesheet
text/css 2400:cb00:2048:1::681b:95ed
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://uniaofundacoes.com.br/emailtransfer/INTERAC%20e-Transfer_files/GTIe8CSS.css
Requested by: Host: uniaofundacoes.com.br
URL: http://uniaofundacoes.com.br/emailtransfer/e.html
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::681b:95ed , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 86faae3fe3b29994c08cd1c78a70226740f950023aa7b4aa7e62ff3d7deb6dc0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: uniaofundacoes.com.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://uniaofundacoes.com.br/emailtransfer/e.html
Cookie: __cfduid=de4fb1332a53c75023995717752eb30f31512838896
Connection: keep-alive
Cache-Control: no-cache
Referer: http://uniaofundacoes.com.br/emailtransfer/e.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Sat, 09 Dec 2017 17:01:37 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 08 Mar 2017 06:15:30 GMT
Server: cloudflare-nginx
ETag: W/"58bfa182-7c9d"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 3ca98701b171234e-FRA
Expires: Mon, 08 Jan 2018 17:01:37 GMT

GET
H/1.1 200
OK top.jpg
uniaofundacoes.com.br/emailtransfer/INTERAC%20e-Transfer_files/ 47 KB
47 KB 276ms
276ms Image
image/jpeg 2400:cb00:2048:1::681b:95ed
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://uniaofundacoes.com.br/emailtransfer/INTERAC%20e-Transfer_files/top.jpg
Requested by: Host: uniaofundacoes.com.br
URL: http://uniaofundacoes.com.br/emailtransfer/e.html
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::681b:95ed , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: c807ba9d95e6b6ddf57bbbdf6bff71bc0bdb1d394005e7a64f79ef30f9b10a6c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: uniaofundacoes.com.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://uniaofundacoes.com.br/emailtransfer/e.html
Cookie: __cfduid=de4fb1332a53c75023995717752eb30f31512838896
Connection: keep-alive
Cache-Control: no-cache
Referer: http://uniaofundacoes.com.br/emailtransfer/e.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Sat, 09 Dec 2017 17:01:37 GMT
CF-Cache-Status: MISS
Last-Modified: Thu, 23 Nov 2017 12:03:54 GMT
Server: cloudflare-nginx
ETag: "5a16b92a-bb31"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 3ca98702e20a234e-FRA
Content-Length: 47921
Expires: Mon, 08 Jan 2018 17:01:37 GMT

GET
H2

200

bmo-1.jpg
portalbrasil10.com.br/wp-content/uploads/2016/11/
Redirect Chain

http://portalbrasil10.com.br/wp-content/uploads/2016/11/bmo-1.jpg
https://portalbrasil10.com.br/wp-content/uploads/2016/11/bmo-1.jpg

84 KB
84 KB

201ms
179ms

Image
image/jpeg

2400:cb00:2048:1::681f:4976
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalbrasil10.com.br/wp-content/uploads/2016/11/bmo-1.jpg
Requested by: Host: uniaofundacoes.com.br
URL: http://uniaofundacoes.com.br/emailtransfer/e.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681f:4976 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: eb7cf672bea32c87b331d18b4b63f75aef9db478cf6cc90d060843389c338c88

Request headers

:path: /wp-content/uploads/2016/11/bmo-1.jpg
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: portalbrasil10.com.br
referer: http://uniaofundacoes.com.br/emailtransfer/e.html
:scheme: https
:method: GET
Referer: http://uniaofundacoes.com.br/emailtransfer/e.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Sat, 09 Dec 2017 17:01:37 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Nov 2016 11:50:02 GMT
server: cloudflare-nginx
etag: "150c1-5425b12778d89"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
set-cookie: __cfduid=d12ae3b14a69c11ae198335b8e5f888b91512838897; expires=Sun, 09-Dec-18 17:01:37 GMT; path=/; domain=.portalbrasil10.com.br; HttpOnly; Secure
accept-ranges: bytes
cf-ray: 3ca987034c6a644b-FRA
content-length: 86209

Redirect headers

Date: Sat, 09 Dec 2017 17:01:37 GMT
Server: cloudflare-nginx
Transfer-Encoding: chunked
Location: https://portalbrasil10.com.br/wp-content/uploads/2016/11/bmo-1.jpg
Cache-Control: max-age=3600
Connection: keep-alive
CF-RAY: 3ca9870317526445-FRA
Expires: Sat, 09 Dec 2017 18:01:37 GMT

GET
H/1.1 200
OK th_ddc772f125835b4ca64d4befb178b34b_tenants_logo_cibcbank98.jpg
www.the-boardwalk.ca/wp-content/files_mf/cache/ 4 KB
4 KB 370ms
188ms Image
image/jpeg 50.87.145.76
Unified Layer

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.the-boardwalk.ca/wp-content/files_mf/cache/th_ddc772f125835b4ca64d4befb178b34b_tenants_logo_cibcbank98.jpg
Requested by: Host: uniaofundacoes.com.br
URL: http://uniaofundacoes.com.br/emailtransfer/e.html
Protocol: HTTP/1.1
Server: 50.87.145.76 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS: 50-87-145-76.unifiedlayer.com
Software: nginx/1.12.2 /
Resource Hash: d00cf2734fc34ee323de7bb6a3add150e0021c03e344ef94aeb4122409e2f050

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.the-boardwalk.ca
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://uniaofundacoes.com.br/emailtransfer/e.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://uniaofundacoes.com.br/emailtransfer/e.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Sat, 09 Dec 2017 17:01:37 GMT
Last-Modified: Tue, 25 Jun 2013 14:34:03 GMT
Server: nginx/1.12.2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3786
Content-Type: image/jpeg

GET
H/1.1 200
OK dbia_td.jpg
downtownptbo.ca/assets/img/uploads/ 13 KB
13 KB 432ms
128ms Image
image/jpeg 2605:de00:1:1:4a:3c:0:82
HEG US Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://downtownptbo.ca/assets/img/uploads/dbia_td.jpg?1405109643
Requested by: Host: uniaofundacoes.com.br
URL: http://uniaofundacoes.com.br/emailtransfer/e.html
Protocol: HTTP/1.1
Server: 2605:de00:1:1:4a:3c:0:82 , United States, ASN30083 (HEG-US - HEG US Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 8c35a549583baa99980f4c9dc146f44aedc8521d5f18dde5002be384c7bd3710

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: downtownptbo.ca
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://uniaofundacoes.com.br/emailtransfer/e.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://uniaofundacoes.com.br/emailtransfer/e.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Sat, 09 Dec 2017 17:01:37 GMT
Last-Modified: Fri, 11 Jul 2014 20:14:03 GMT
Server: nginx
ETag: "34f7-4fdf0952438c0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13559

GET
H/1.1 200
OK PopUp_ModalWindow_logoTablet.png
www.rbcroyalbank.com/mobile/_assets-custom/images/ 40 KB
40 KB 64ms
17ms Image
image/png 184.28.157.238
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.rbcroyalbank.com/mobile/_assets-custom/images/PopUp_ModalWindow_logoTablet.png
Requested by: Host: uniaofundacoes.com.br
URL: http://uniaofundacoes.com.br/emailtransfer/e.html
Protocol: HTTP/1.1
Server: 184.28.157.238 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a184-28-157-238.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ad54ff7eb1aff99a1bbc35059cb82c599a59ef88f1da9a0063faded9fb3af935

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.rbcroyalbank.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://uniaofundacoes.com.br/emailtransfer/e.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://uniaofundacoes.com.br/emailtransfer/e.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Sat, 09 Dec 2017 17:01:37 GMT
Last-Modified: Mon, 19 Dec 2016 19:15:18 GMT
ETag: "54407bd7b7d80"
Content-Type: image/png
X-EdgeConnect-Cache-Status: 1
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40934
Expires: Wed, 06 Dec 2017 00:04:47 GMT

GET
H/1.1 200
OK scotiabank.png
www.calgarymarathon.com/media/files/upload/ 55 KB
55 KB 373ms
132ms Image
image/png 23.253.236.245
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.calgarymarathon.com/media/files/upload/scotiabank.png
Requested by: Host: uniaofundacoes.com.br
URL: http://uniaofundacoes.com.br/emailtransfer/e.html
Protocol: HTTP/1.1
Server: 23.253.236.245 San Antonio, United States, ASN33070 (RMH-14 - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: 41b1b83898aeda82a350dae2ca735fb4d7048eaee4475cf7a3c8d2531eab92fd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.calgarymarathon.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://uniaofundacoes.com.br/emailtransfer/e.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://uniaofundacoes.com.br/emailtransfer/e.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Sat, 09 Dec 2017 17:01:37 GMT
Last-Modified: Wed, 22 Jun 2016 19:48:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
ETag: "db71-535e337ed13d9"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=120
Content-Length: 56177

GET
H2 200 9127979.jpg
letstalkpayments.com/wp-content/uploads/2016/01/ 31 KB
31 KB 470ms
233ms Image
image/jpeg 104.154.250.30
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://letstalkpayments.com/wp-content/uploads/2016/01/9127979.jpg
Requested by: Host: uniaofundacoes.com.br
URL: http://uniaofundacoes.com.br/emailtransfer/e.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.250.30 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 30.250.154.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 287d767e8243adaad484218ddca546c7c95e28501d2f5f33b7aebcc51b434867

Request headers

:path: /wp-content/uploads/2016/01/9127979.jpg
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: letstalkpayments.com
referer: http://uniaofundacoes.com.br/emailtransfer/e.html
:scheme: https
:method: GET
Referer: http://uniaofundacoes.com.br/emailtransfer/e.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

x-type: static/known
date: Sat, 09 Dec 2017 17:01:37 GMT
last-modified: Sat, 27 May 2017 12:34:11 GMT
server: nginx
status: 200
etag: "59297243-7aa0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 31392

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onafterprint object| onbeforeprint object| __cfRocketOptions object| __cfRl

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.uniaofundacoes.com.br/	1970-01-18 20:59:34	Name: __cfduid Value: de4fb1332a53c75023995717752eb30f31512838896

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
downtownptbo.ca
letstalkpayments.com
portalbrasil10.com.br
uniaofundacoes.com.br
www.calgarymarathon.com
www.rbcroyalbank.com
www.the-boardwalk.ca
104.154.250.30
184.28.157.238
23.253.236.245
2400:cb00:2048:1::6813:c366
2400:cb00:2048:1::681b:94ed
2400:cb00:2048:1::681b:95ed
2400:cb00:2048:1::681f:4876
2400:cb00:2048:1::681f:4976
2605:de00:1:1:4a:3c:0:82
50.87.145.76
287d767e8243adaad484218ddca546c7c95e28501d2f5f33b7aebcc51b434867
41b1b83898aeda82a350dae2ca735fb4d7048eaee4475cf7a3c8d2531eab92fd
4b5b42ca08aa7669449867fb73b9e6f8950df8394de6b63c6e7bacc47079d2d6
7e3fcd5b03f53262e0f2293f73edf9cab099ab7f04781a7b23c3c05ba9581d47
86faae3fe3b29994c08cd1c78a70226740f950023aa7b4aa7e62ff3d7deb6dc0
8c35a549583baa99980f4c9dc146f44aedc8521d5f18dde5002be384c7bd3710
a39d851d9c1a63b6a4d5043cc315c74f6236e36f1b96b92f2c9ea31d72f91f76
ad54ff7eb1aff99a1bbc35059cb82c599a59ef88f1da9a0063faded9fb3af935
c807ba9d95e6b6ddf57bbbdf6bff71bc0bdb1d394005e7a64f79ef30f9b10a6c
d00cf2734fc34ee323de7bb6a3add150e0021c03e344ef94aeb4122409e2f050
eb7cf672bea32c87b331d18b4b63f75aef9db478cf6cc90d060843389c338c88

uniaofundacoes.com.br Open in urlscan Pro 2400:cb00:2048:1::681b:94ed Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

11 Requests

27 %HTTPS

60 %IPv6

8 Domains

8 Subdomains

9 IPs

2 Countries

315 kBTransfer

432 kBSize

1 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

Indicators

uniaofundacoes.com.br Open in urlscan Pro
2400:cb00:2048:1::681b:94ed Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

27 %
HTTPS

60 %
IPv6

8
Domains

8
Subdomains

9
IPs

2
Countries

315 kB
Transfer

432 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions