atacadao.h1.maispremios.com.br Open in urlscan Pro
50.116.86.119 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://atacadao.h1.maispremios.com.br/security-code/
Submission Tags: falconsandbox
Submission: On August 16 via api (August 16th 2022, 5:00:42 pm UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 14 HTTP transactions. The main IP is 50.116.86.119, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is atacadao.h1.maispremios.com.br.
TLS certificate: Issued by R3 on August 16th 2022. Valid for: 3 months.

This is the only time atacadao.h1.maispremios.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	50.116.86.119 50.116.86.119	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	191.243.198.75 191.243.198.75	263511 (Saveinclo...) (Saveincloud Hospedagem na Internet Ltda)
14	5

4 50.116.86.119 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 50-116-86-119.unifiedlayer.com

atacadao.h1.maispremios.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 191.243.198.75 (Brazil)

ASN263511 (Saveincloud Hospedagem na Internet Ltda, BR)
PTR: manduri.sp.gov.br

api.h1.maispremios.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	maispremios.com.br atacadao.h1.maispremios.com.br api.h1.maispremios.com.br	452 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 566 p.typekit.net — Cisco Umbrella Rank: 677	77 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	2 KB
14	3

	Domain	Requested by
4	use.typekit.net	atacadao.h1.maispremios.com.br use.typekit.net
4	atacadao.h1.maispremios.com.br	atacadao.h1.maispremios.com.br
3	api.h1.maispremios.com.br	atacadao.h1.maispremios.com.br
2	fonts.googleapis.com	atacadao.h1.maispremios.com.br
1	p.typekit.net	use.typekit.net
14	5

This site contains no links.

Subject Issuer	Validity	Valid
atacadao.h1.maispremios.com.br R3	`2022-08-16` - `2022-11-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
api.h1.maispremios.com.br R3	`2022-08-16` - `2022-11-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://atacadao.h1.maispremios.com.br/security-code/
Frame ID: BF424507D665C03BA142DBD1DA899BE3
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gifterr

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

14
Requests

100 %
HTTPS

60 %
IPv6

3
Domains

5
Subdomains

5
IPs

3
Countries

531 kB
Transfer

1218 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
atacadao.h1.maispremios.com.br/security-code/ 1 KB
651 B 912ms
162ms Document
text/html 50.116.86.119
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://atacadao.h1.maispremios.com.br/security-code/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.86.119 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-86-119.unifiedlayer.com
Software: Apache /
Resource Hash: 9d2022f443b8e47d26b63043839a38a0d245a4811572dd416e8abbf150017d78

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 535
content-type: text/html
date: Tue, 16 Aug 2022 17:00:36 GMT
last-modified: Tue, 16 Aug 2022 16:36:34 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
731 B 133ms
49ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Mono:wght@300;400;500;700&display=swap

Requested by

Host: atacadao.h1.maispremios.com.br
URL: https://atacadao.h1.maispremios.com.br/security-code/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a4430a92013b2f43df8c3a68c9c99eab143bfb73f19206bb12444f692a67686

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atacadao.h1.maispremios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 17:00:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 16 Aug 2022 17:00:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Aug 2022 17:00:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 131ms
46ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Requested by

Host: atacadao.h1.maispremios.com.br
URL: https://atacadao.h1.maispremios.com.br/security-code/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0ae09929605e6f45470f62f9ec51e9ec846c70ba08947c673728468044ca1f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atacadao.h1.maispremios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 15:57:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 16 Aug 2022 17:00:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Aug 2022 17:00:37 GMT

GET
H2 200 bwk7flk.css
use.typekit.net/ 4 KB
1016 B 292ms
171ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/bwk7flk.css

Requested by

Host: atacadao.h1.maispremios.com.br
URL: https://atacadao.h1.maispremios.com.br/security-code/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3fcf51b398f77aebaaf5b8c1ac312639bce9c22626499f0122081dad54bffa25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atacadao.h1.maispremios.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Tue, 16 Aug 2022 17:00:37 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 784

GET
H2 200 main.13556dbe.js Show response
atacadao.h1.maispremios.com.br/static/js/ 1 MB
426 KB 170ms
170ms Script
application/javascript 50.116.86.119
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://atacadao.h1.maispremios.com.br/static/js/main.13556dbe.js
Requested by: Host: atacadao.h1.maispremios.com.br
URL: https://atacadao.h1.maispremios.com.br/security-code/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.86.119 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-86-119.unifiedlayer.com
Software: Apache /
Resource Hash: b2f7dcc8fb98454dfee9d96ea686042a0e457d63ec47b7dda65515c8f2565267

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atacadao.h1.maispremios.com.br/security-code/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 17:00:37 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 16:36:34 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 main.150955a9.css
atacadao.h1.maispremios.com.br/static/css/ 35 KB
10 KB 161ms
160ms Stylesheet
text/css 50.116.86.119
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://atacadao.h1.maispremios.com.br/static/css/main.150955a9.css
Requested by: Host: atacadao.h1.maispremios.com.br
URL: https://atacadao.h1.maispremios.com.br/security-code/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.86.119 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-86-119.unifiedlayer.com
Software: Apache /
Resource Hash: 26d7d96c26459450d438e6a02ae68bf9dc10627d000326247026ee7dc5d43867

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atacadao.h1.maispremios.com.br/security-code/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 17:00:37 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 16:36:34 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 10484

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 166ms
36ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=bwk7flk&ht=tk&f=139.140.175.176.25136&a=75205565&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bwk7flk.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 17:00:37 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 atacadao-logo.e1164b17a86e5fb148a780cb2caa13b5.svg
atacadao.h1.maispremios.com.br/static/media/ 13 KB
13 KB 163ms
163ms Image
image/svg+xml 50.116.86.119
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atacadao.h1.maispremios.com.br/static/media/atacadao-logo.e1164b17a86e5fb148a780cb2caa13b5.svg
Requested by: Host: atacadao.h1.maispremios.com.br
URL: https://atacadao.h1.maispremios.com.br/security-code/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.116.86.119 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-86-119.unifiedlayer.com
Software: Apache /
Resource Hash: 34189427877eedcc3844e04af300110e452ca23b52ba4f46c2974b82e2ae4ec9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://atacadao.h1.maispremios.com.br/security-code/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 17:00:38 GMT
last-modified: Tue, 16 Aug 2022 16:36:34 GMT
server: Apache
accept-ranges: bytes
content-length: 13540
content-type: image/svg+xml

GET
H2 200 l
use.typekit.net/af/23e139/00000000000000007735e605/30/ 16 KB
17 KB 151ms
37ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/23e139/00000000000000007735e605/30/l?subset_id=2&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bwk7flk.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 58dc2f9ecbfa85accf8b5b67e283ba5b32fafc4769e6244a271ebb80d8a2efcf

Request headers

Referer: https://use.typekit.net/bwk7flk.css
Origin: https://atacadao.h1.maispremios.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 17:00:38 GMT
server: nginx
etag: "e14b3e1c538ef57e7a1dbd33c45600ad6ff14122"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16720

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 29 KB
29 KB 155ms
41ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bwk7flk.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7

Request headers

Referer: https://use.typekit.net/bwk7flk.css
Origin: https://atacadao.h1.maispremios.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 17:00:38 GMT
server: nginx
etag: "6aeae62b893768150f3460329dc461358e8ab2f5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29820

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 30 KB
30 KB 156ms
42ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bwk7flk.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423

Request headers

Referer: https://use.typekit.net/bwk7flk.css
Origin: https://atacadao.h1.maispremios.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 17:00:38 GMT
server: nginx
etag: "09d1a94c81035c62708e0a513ee76d7886d15a25"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30704

OPTIONS
H2 204 request-access
api.h1.maispremios.com.br/client/ 0
0 944ms
227ms Preflight 191.243.198.75
Saveincloud Hospe...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.h1.maispremios.com.br/client/request-access

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

191.243.198.75 , Brazil, ASN263511 (Saveincloud Hospedagem na Internet Ltda, BR),

Reverse DNS

manduri.sp.gov.br

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://atacadao.h1.maispremios.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://atacadao.h1.maispremios.com.br
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Tue, 16 Aug 2022 17:00:38 GMT
expect-ct: max-age=0
origin-agent-cluster: ?1
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

POST
H2 400 request-access Show response
api.h1.maispremios.com.br/client/ 39 B
777 B 235ms
233ms XHR
application/json 191.243.198.75
Saveincloud Hospe...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.h1.maispremios.com.br/client/request-access

Requested by

Host: atacadao.h1.maispremios.com.br
URL: https://atacadao.h1.maispremios.com.br/static/js/main.13556dbe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

191.243.198.75 , Brazil, ASN263511 (Saveincloud Hospedagem na Internet Ltda, BR),

Reverse DNS

manduri.sp.gov.br

Software

nginx /

Resource Hash

7be812056db05a857d6ba2e7489e40d1770d82de82790530fac0c7723b21e8d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://atacadao.h1.maispremios.com.br/
Authorization: 8293a0e2-4f56-4074-9053-0afbe79c21f5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
vary: Origin, Accept-Encoding
content-length: 39
x-xss-protection: 0
referrer-policy: no-referrer
server: nginx
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Tue, 16 Aug 2022 17:00:39 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://atacadao.h1.maispremios.com.br
origin-agent-cluster: ?1
access-control-allow-credentials: true

GET
H2 401 client Show response
api.h1.maispremios.com.br/ 38 B
781 B 944ms
229ms XHR
application/json 191.243.198.75
Saveincloud Hospe...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.h1.maispremios.com.br/client

Requested by

Host: atacadao.h1.maispremios.com.br
URL: https://atacadao.h1.maispremios.com.br/static/js/main.13556dbe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

191.243.198.75 , Brazil, ASN263511 (Saveincloud Hospedagem na Internet Ltda, BR),

Reverse DNS

manduri.sp.gov.br

Software

nginx /

Resource Hash

47c130a311d4340a2da10bc74467f43d114a3af0a9f96a96412ca8a0f06e506f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://atacadao.h1.maispremios.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
vary: Origin, Accept-Encoding
content-length: 38
x-xss-protection: 0
referrer-policy: no-referrer
server: nginx
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Tue, 16 Aug 2022 17:00:38 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://atacadao.h1.maispremios.com.br
origin-agent-cluster: ?1
access-control-allow-credentials: true

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.h1.maispremios.com.br/client Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://api.h1.maispremios.com.br/client/request-access Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.h1.maispremios.com.br
atacadao.h1.maispremios.com.br
fonts.googleapis.com
p.typekit.net
use.typekit.net
191.243.198.75
2a00:1450:4001:806::200a
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:148f
50.116.86.119
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
26d7d96c26459450d438e6a02ae68bf9dc10627d000326247026ee7dc5d43867
34189427877eedcc3844e04af300110e452ca23b52ba4f46c2974b82e2ae4ec9
3fcf51b398f77aebaaf5b8c1ac312639bce9c22626499f0122081dad54bffa25
47c130a311d4340a2da10bc74467f43d114a3af0a9f96a96412ca8a0f06e506f
4a4430a92013b2f43df8c3a68c9c99eab143bfb73f19206bb12444f692a67686
58dc2f9ecbfa85accf8b5b67e283ba5b32fafc4769e6244a271ebb80d8a2efcf
7be812056db05a857d6ba2e7489e40d1770d82de82790530fac0c7723b21e8d1
9d2022f443b8e47d26b63043839a38a0d245a4811572dd416e8abbf150017d78
a0ae09929605e6f45470f62f9ec51e9ec846c70ba08947c673728468044ca1f0
a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423
b2f7dcc8fb98454dfee9d96ea686042a0e457d63ec47b7dda65515c8f2565267
c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7

atacadao.h1.maispremios.com.br Open in urlscan Pro 50.116.86.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

60 %IPv6

3 Domains

5 Subdomains

5 IPs

3 Countries

531 kBTransfer

1218 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

atacadao.h1.maispremios.com.br Open in urlscan Pro
50.116.86.119 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

60 %
IPv6

3
Domains

5
Subdomains

5
IPs

3
Countries

531 kB
Transfer

1218 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions