prod.d3teuengp8kzf1.amplifyapp.com Open in urlscan Pro
13.227.62.85 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://prod.d3teuengp8kzf1.amplifyapp.com/?gclid=EAIaIQobChMIuY62pPWYgAMVb1hIAB02JQdoEAAYASAAEgKxx_D_BwE
Submission: On July 19 via api (July 19th 2023, 7:03:31 pm UTC) from JP — Scanned from JP

Summary HTTP 74 Redirects Links 60 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 13 domains to perform 74 HTTP transactions. The main IP is 13.227.62.85, located in United States and belongs to AMAZON-02, US. The main domain is prod.d3teuengp8kzf1.amplifyapp.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 15th 2023. Valid for: a year.

This is the only time prod.d3teuengp8kzf1.amplifyapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Terra (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
4	13.227.62.85 13.227.62.85	16509 (AMAZON-02) (AMAZON-02)
4	208.84.244.116 208.84.244.116	40260 (TERRA-NET...) (TERRA-NETWORKS-MIAMI)
12	2600:140b:a00... 2600:140b:a00:8::b81a:2b47	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
23	2600:140b:a00... 2600:140b:a00:8::b81a:2b4c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	208.84.244.97 208.84.244.97	40260 (TERRA-NET...) (TERRA-NETWORKS-MIAMI)
4	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:140b:a00... 2600:140b:a00:8::b81a:2b55	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2404:6800:400... 2404:6800:4004:81d::2001	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:821::200e	15169 (GOOGLE) (GOOGLE)
1 1	2404:6800:400... 2404:6800:4008:c15::9c	15169 (GOOGLE) (GOOGLE)
1 2	2404:6800:400... 2404:6800:4004:810::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:820::2003	15169 (GOOGLE) (GOOGLE)
1 2	99.84.50.21 99.84.50.21	16509 (AMAZON-02) (AMAZON-02)
1 2	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
5	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
74	16

4 13.227.62.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-62-85.nrt20.r.cloudfront.net

prod.d3teuengp8kzf1.amplifyapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 208.84.244.116 (United States)

ASN40260 (TERRA-NETWORKS-MIAMI, US)
PTR: www.terra.com.br

svadata.terra.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:140b:a00:8::b81a:2b47 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

p1.trrsf.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s1.trrsf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2600:140b:a00:8::b81a:2b4c (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

p1.trrsf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s1.trrsf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 208.84.244.97 (United States)

ASN40260 (TERRA-NETWORKS-MIAMI, US)
PTR: mia-cdn.trrsf.com

s1.trrsf.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:a00:8::b81a:2b55 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

www.terra.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:81d::2001 (Australia)

ASN15169 (GOOGLE, US)

70fcd5f949e540d8b74484669d720688.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:821::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c15::9c (Taipei, Taiwan) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:810::2004 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.50.21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-50-21.nrt20.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::b (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-10969-0.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	trrsf.com s1.trrsf.com — Cisco Umbrella Rank: 373568 p1.trrsf.com — Cisco Umbrella Rank: 355897	286 KB
10	trrsf.com.br p1.trrsf.com.br — Cisco Umbrella Rank: 928818 s1.trrsf.com.br	395 KB
8	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 67310 d.tailtarget.com — Cisco Umbrella Rank: 79465 tt-10969-0.seg.t.tailtarget.com — Cisco Umbrella Rank: 569233 b.t.tailtarget.com — Cisco Umbrella Rank: 60855 t.tailtarget.com — Cisco Umbrella Rank: 8223	44 KB
5	terra.com.br svadata.terra.com.br www.terra.com.br — Cisco Umbrella Rank: 236299	29 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	278 B
4	amplifyapp.com prod.d3teuengp8kzf1.amplifyapp.com	34 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2424	7 KB
3	googlesyndication.com 70fcd5f949e540d8b74484669d720688.safeframe.googlesyndication.com	8 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 152	709 B
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	1 KB
1	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 21526	408 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 116	377 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 56	300 B
74	13

	Domain	Requested by
30	s1.trrsf.com	prod.d3teuengp8kzf1.amplifyapp.com p1.trrsf.com s1.trrsf.com
9	s1.trrsf.com.br	prod.d3teuengp8kzf1.amplifyapp.com s1.trrsf.com.br
4	www.facebook.com	prod.d3teuengp8kzf1.amplifyapp.com
4	p1.trrsf.com	prod.d3teuengp8kzf1.amplifyapp.com s1.trrsf.com
4	svadata.terra.com.br	prod.d3teuengp8kzf1.amplifyapp.com
4	prod.d3teuengp8kzf1.amplifyapp.com	prod.d3teuengp8kzf1.amplifyapp.com
3	70fcd5f949e540d8b74484669d720688.safeframe.googlesyndication.com	prod.d3teuengp8kzf1.amplifyapp.com
2	b.t.tailtarget.com	d.tailtarget.com
2	tt-10969-0.seg.t.tailtarget.com	d.tailtarget.com
2	d.tailtarget.com	prod.d3teuengp8kzf1.amplifyapp.com d.tailtarget.com
2	gum.criteo.com	1 redirects prod.d3teuengp8kzf1.amplifyapp.com
2	sb.scorecardresearch.com	1 redirects prod.d3teuengp8kzf1.amplifyapp.com
2	www.google.com	1 redirects prod.d3teuengp8kzf1.amplifyapp.com
1	t.tailtarget.com
1	mug.criteo.com	prod.d3teuengp8kzf1.amplifyapp.com
1	www.google.co.jp	prod.d3teuengp8kzf1.amplifyapp.com
1	stats.g.doubleclick.net	1 redirects
1	www.google-analytics.com	prod.d3teuengp8kzf1.amplifyapp.com
1	tags.t.tailtarget.com	s1.trrsf.com
1	www.terra.com.br	prod.d3teuengp8kzf1.amplifyapp.com
1	p1.trrsf.com.br	prod.d3teuengp8kzf1.amplifyapp.com
74	21

This site contains links to these domains. Also see Links.

Domain
servicos.terra.com.br
central.terra.com.br
www.terra.com.br
mail.terra.com.br
www.terrafibra.com.br
www.terraempresas.com.br
terraempresas.com.br
webmail.terraempresas.com.br
www.vivo.com.br
appstore.vivo.com.br
www.loja.vivo.com.br
www.vivomoney.com.br
www.vivogestaodeequipe.com.br
www.vivoplataformadigital.com.br
duvidas.terra.com.br

Subject Issuer	Validity	Valid
*.d3teuengp8kzf1.amplifyapp.com Amazon RSA 2048 M02	`2023-07-15` - `2024-08-13`	a year	crt.sh
*.terra.com.br Valid Certificadora Digital SSL OV CA 2018	`2022-06-29` - `2023-07-24`	a year	crt.sh
terra.com.br DigiCert TLS RSA SHA256 2020 CA1	`2022-11-17` - `2023-11-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-28` - `2023-07-27`	3 months	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://prod.d3teuengp8kzf1.amplifyapp.com/?gclid=EAIaIQobChMIuY62pPWYgAMVb1hIAB02JQdoEAAYASAAEgKxx_D_BwE
Frame ID: D300E2756FA1B9BCF0929F67E3497DE0
Requests: 60 HTTP requests in this frame

Frame: https://70fcd5f949e540d8b74484669d720688.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 55357A1EB3670D79F608122A64995B55
Requests: 1 HTTP requests in this frame

Frame: https://s1.trrsf.com.br/slide-mail/normal_2.html
Frame ID: 4E3C468A5FA7F9D64D1B1F21067BBBC9
Requests: 8 HTTP requests in this frame

Frame: https://70fcd5f949e540d8b74484669d720688.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 35A0AE27CCBBFE7DFE587B17F3E545C7
Requests: 1 HTTP requests in this frame

Frame: https://70fcd5f949e540d8b74484669d720688.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 644888B5BE1D856B6F6486459AE1A915
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=mail.terra.com.br
Frame ID: 5D8375241E7EE16CDA3348C9E7B00FB1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9E17EDF8443DA6FEB17101B1F713772D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Terra Mail

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

74
Requests

96 %
HTTPS

59 %
IPv6

13
Domains

21
Subdomains

16
IPs

5
Countries

805 kB
Transfer

2070 kB
Size

20
Cookies

60 Outgoing links

These are links going to different origins than the main page.

URL: https://servicos.terra.com.br/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=terra%20servicos&utm_content=barra%20de%20servicos&utm_term=barra%20de%20servicos&cdConvenio=CVTR00001907
Title: Conheça nossos serviços 0800 777 1234

Search URL Search Domain Scan URL

URL: https://central.terra.com.br/login?utm_source=terra&utm_medium=barra%20ds&utm_campaign=central%20do%20assinante&utm_content=central%20do%20assinante&utm_term=central%20do%20assinante&cdConvenio=CVTR00001907
Title: Atendimento ao cliente 0800 777 9797

Search URL Search Domain Scan URL

URL: http://www.terra.com.br/
Title: Ir para a página inicial

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/cursos-online/promo/super-oferta/?utm_source=terra&utm_medium=pulldown&utm_campaign=cursos20online&utm_content=novopulldown&utm_term=para20voce20pos201&cdConvenio=CVTR00001820
Title: Cursos Online

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/curso-de-ingles/promo/super-oferta/?utm_source=terra&utm_medium=pulldown&utm_campaign=curso20de20ingles&utm_content=novopulldown&utm_term=para20voce20pos202&cdConvenio=CVTR00001820
Title: Curso de Inglês

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/mail-gigante/?utm_source=terra&utm_medium=pulldown&utm_campaign=mail20gigante&utm_content=novopulldown&utm_term=para20voce20pos203&cdConvenio=CVTR00001820
Title: Mail Gigante

Search URL Search Domain Scan URL

URL: https://mail.terra.com.br/
Title: Acesse seu-email

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/antivirus/promo/super-oferta/?utm_source=terra&utm_medium=pulldown&utm_campaign=antivirus&utm_content=novopulldown&utm_term=para20voce20pos201&cdConvenio=CVTR00001820
Title: Antivírus

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/assistencia-tecnica/?utm_source=terra&utm_medium=pulldown&utm_campaign=assistencia&utm_content=novopulldown&utm_term=para20voce20pos205&cdConvenio=CVTR00001820
Title: Assistência

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/backup/?utm_source=terra&utm_medium=pulldown&utm_campaign=backup&utm_content=novopulldown&utm_term=para20voce20pos206&cdConvenio=CVTR00001820
Title: Backup

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/revistas-goread/?utm_source=terra&utm_medium=pulldown&utm_campaign=revistas20go20read&utm_content=novopulldown&utm_term=para20voce20pos207&cdConvenio=CVTR00001820
Title: Revistas Goread

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/musica-napster/promo/em-casa/?utm_source=terra&utm_medium=pulldown&utm_campaign=musica20by20napster&utm_content=novopulldown&utm_term=para20voce20pos208&cdConvenio=CVTR00001820
Title: Música by Napster

Search URL Search Domain Scan URL

URL: https://www.terrafibra.com.br/?utm_source=terra&utm_medium=barra20ds&utm_campaign=terra20fibra&utm_content=novopulldown&utm_term=para20voce20pos209&cdConvenio=CVTR00001820
Title: Terra Fibra

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/construtor-sites/promo/super-oferta/?utm_source=terra&utm_medium=pulldown&utm_campaign=construtor20de20sites&utm_content=novopulldown&utm_term=para20sua20empresa20pos201&cdConvenio=CVTR00001820
Title: Construtor de Sites

Search URL Search Domain Scan URL

URL: https://terraempresas.com.br/construtor-sites/promo/terra-faz-para-voce/?utm_source=&utm_medium=pulldown&utm_campaign=site20pronto&utm_content=novopulldown&utm_term=para20sua20empresa20pos202&cdConvenio=CVTR00001820
Title: Site Pronto | O Terra faz pra você

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/loja-virtual/promo/super-oferta/?utm_source=terra&utm_medium=pulldown&utm_campaign=loja20virtual&utm_content=novopulldown&utm_term=para20sua20empresa20pos203&cdConvenio=CVTR00001820
Title: Loja Virtual

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/loja-virtual/promo/terra-faz-para-voce/?utm_source=terra&utm_medium=pulldown&utm_campaign=loja20pronta&utm_content=novopulldown&utm_term=para20sua20empresa20pos204&cdConvenio=CVTR00001820
Title: Loja Pronta | O Terra faz pra você

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/dominio/?utm_source=terra&utm_medium=pulldown&utm_campaign=dominio&utm_content=novopulldown&utm_term=para20sua20empresa20pos205&cdConvenio=CVTR00001820
Title: Domínio

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/hospedagem-site/?utm_source=terra&utm_medium=pulldown&utm_campaign=hospedagem20de20sites&utm_content=novopulldown&utm_term=para20sua20empresa20pos206&cdConvenio=CVTR00001820
Title: Hospedagem de Sites

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/email-profissional/?utm_source=terra&utm_medium=pulldown&utm_campaign=e-mail20profissional&utm_content=novopulldown&utm_term=para20sua20empresa20pos207&cdConvenio=CVTR00001820
Title: E-mail Profissional

Search URL Search Domain Scan URL

URL: https://webmail.terraempresas.com.br/
Title: Acesse seu-email profissional

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/seguranca-digital/?utm_source=terra&utm_medium=pulldown&utm_campaign=antivirus&utm_content=novopulldown&utm_term=para20sua20empresa20pos208&cdConvenio=CVTR00001820
Title: Antivírus

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/terra-ads/?utm_source=terra&utm_medium=pulldown&utm_campaign=terra20ads&utm_content=novopulldown&utm_term=para20sua20empresa20pos209&cdConvenio=CVTR00001820
Title: Terra Ads

Search URL Search Domain Scan URL

URL: https://www.vivo.com.br/

Search URL Search Domain Scan URL

URL: https://appstore.vivo.com.br/sc/br/vivostore
Title: Conheça os apps da Vivo

Search URL Search Domain Scan URL

URL: https://www.loja.vivo.com.br/
Title: Celulares e acessórios

Search URL Search Domain Scan URL

URL: https://www.vivomoney.com.br/
Title: Vivo Money

Search URL Search Domain Scan URL

URL: https://www.vivogestaodeequipe.com.br/Site
Title: Vivo Gestão de Equipes

Search URL Search Domain Scan URL

URL: https://www.vivo.com.br/para-empresas/produtos-e-servicos/digitais/iot
Title: Vivo M2M | IOT

Search URL Search Domain Scan URL

URL: https://www.vivoplataformadigital.com.br/cms/pt
Title: Vivo Cloud

Search URL Search Domain Scan URL

URL: https://central.terra.com.br/?utm_source=terra&utm_medium=pulldown&utm_campaign=central20do20assinante&utm_content=novopulldown&cdConvenio=CVTR00001820
Title: Central do Assinante

Search URL Search Domain Scan URL

URL: https://central.terra.com.br/boleto-simplificado
Title: 2º via de boleto

Search URL Search Domain Scan URL

URL: https://duvidas.terra.com.br/
Title: Perguntas Frequentes

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/tutoriais
Title: Tutoriais

Search URL Search Domain Scan URL

URL: https://central.terra.com.br/atendimento
Title: Fale com o Terra

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/blog/?utm_source=terra&utm_medium=pulldown&utm_campaign=blog20terra20empresas&utm_content=banner_novopulldown&cdConvenio=CVTR00001820

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/construtor-sites/promo/super-oferta/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=construtor%20de%20sites&utm_content=construtor%20de%20sites&utm_term=cabeceira%20pos%201&cdConvenio=CVTR00001907
Title: Construtor de Sites

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/mail-gigante/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=mail%20gigante&utm_content=mail%20gigante&utm_term=cabeceira%20pos%202&cdConvenio=CVTR00001907
Title: Mail Gigante

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/loja-virtual/promo/super-oferta/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=loja%20virtual&utm_content=loja%20virtual&utm_term=cabeceira%20pos%203&cdConvenio=CVTR00001907
Title: Loja Virtual

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/cursos-online/promo/super-oferta/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=cursos%20online&utm_content=cursos%20online&utm_term=cabeceira%20pos%204&cdConvenio=CVTR00001907
Title: Cursos Online

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/antivirus/promo/super-oferta/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=antivirus&utm_content=antivirus&utm_term=cabeceira%20pos%205&cdConvenio=CVTR00001907
Title: Antivírus

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/curso-de-ingles/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=curso%20de%20ingles&utm_content=curso%20de%20ingles&utm_term=cabeceira%20pos%206&cdConvenio=CVTR00001907
Title: Curso de Inglês

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/hospedagem-site/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=hospedagem%20de%20sites&utm_content=hospedagem%20de%20sites&utm_term=cabeceira%20pos%207&cdConvenio=CVTR00001907
Title: Hospedagem de Sites

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/email-profissional/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=e-mail%20profissional&utm_content=e-mail%20profissional&utm_term=cabeceira%20pos%207&cdConvenio=CVTR00001907
Title: E-mail Profissional

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/assistencia-tecnica/promo/dia-a-dia/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=assistencia&utm_content=assistencia&utm_term=cabeceira%20pos%209&cdConvenio=CVTR00001907
Title: Assistência

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/terra-ads/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=terra%20ads&utm_content=terra%20ads&utm_term=cabeceira%20pos%208&cdConvenio=CVTR00001907
Title: Terra Ads

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/musica-napster/promo/milhoes-de-musicas/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=terra%20musica&utm_content=terra%20musica&utm_term=cabeceira%20pos%2011&cdConvenio=CVTR00001907
Title: Terra Música

Search URL Search Domain Scan URL

URL: https://www.terraempresas.com.br/dominio/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=dominio&utm_content=dominio&utm_term=cabeceira%20pos%2012&cdConvenio=CVTR00001907
Title: Domínio

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/revistas-goread/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=revistas%20go%20read&utm_content=revistas%20go%20read&utm_term=cabeceira%20pos%2013&cdConvenio=CVTR00001907
Title: Revistas - GoRead

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/backup/promo/promocao-1tb/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=backup%20pf&utm_content=backup%20pf&utm_term=cabeceira%20pos%2014&cdConvenio=CVTR00001907
Title: Backup

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/mail-gigante/?utm_source=terra&utm_medium=barra%20ds&utm_campaign=mail%20gigante&utm_content=banner%20barra%20ds&utm_term=display&cdConvenio=CVTR00001907

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/?utm_source=terra&utm_medium=terra%20mail&utm_campaign=terra%20servicos&utm_content=assine&utm_term=desktop&cdConvenio=CVTR00001824
Title: Assine

Search URL Search Domain Scan URL

URL: https://servicos.terra.com.br/?utm_source=terra-mail&utm_medium=espaco-fixo&utm_campaign=link&utm_content=pg&utm_term=servicos-terra&cdConvenio=CVTR00001824
Title: Serviços Terra

Search URL Search Domain Scan URL

URL: https://central.terra.com.br/login?/?utm_source=terra-mail&utm_medium=espaco-fixo&utm_campaign=link_terra-mail&utm_content=pg&utm_term=central-do-assinante&cdConvenio=CVTR00001824
Title: Central do assinante

Search URL Search Domain Scan URL

URL: https://duvidas.terra.com.br/produtos/frequente/31/terra-mail/
Title: Ajuda

Search URL Search Domain Scan URL

URL: https://www.terra.com.br/avisolegal/terra-mail-gigante/
Title: Condições de uso

Search URL Search Domain Scan URL

URL: https://central.terra.com.br/esqueci-minha-senha
Title: Esqueci minha senha

Search URL Search Domain Scan URL

URL: https://duvidas.terra.com.br/duvidas/2197/qual-o-tempo-de-armazenamento-das-mensagens/
Title: Clique e confira o tempo para cada pasta »

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j41&tid=UA-54936151-1&cid=510511142.1689793407&jid=1374489543&_u=CGAAgEABG~&z=83932902 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54936151-1&cid=510511142.1689793407&jid=1374489543&_v=j41&z=83932902 HTTP 302
https://www.google.co.jp/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54936151-1&cid=510511142.1689793407&jid=1374489543&_v=j41&z=83932902&slf_rd=1&random=3869782284

Request Chain 31

https://sb.scorecardresearch.com/b?c1=2&c2=3000033&ns__t=1689793407187&ns_c=UTF-8&c8=Terra%20Mail&c7=https%3A%2F%2Fprod.d3teuengp8kzf1.amplifyapp.com%2F%3Fgclid%3DEAIaIQobChMIuY62pPWYgAMVb1hIAB02JQdoEAAYASAAEgKxx_D_BwE&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3000033&ns__t=1689793407187&ns_c=UTF-8&c8=Terra%20Mail&c7=https%3A%2F%2Fprod.d3teuengp8kzf1.amplifyapp.com%2F%3Fgclid%3DEAIaIQobChMIuY62pPWYgAMVb1hIAB02JQdoEAAYASAAEgKxx_D_BwE&c9=

Request Chain 35

https://gum.criteo.com/sid/json?origin=publishertag&domain=terra.com.br&sn=ChromeSyncframe&so=3&topUrl=mail.terra.com.br&bundle=AANbCV9TUHZCOHRnTDdMQzMyQVdZd0VOTHNxYVJlJTJGRXlsVDM0JTJCMnlpOUhyWTJWVzRBRVU3OTY2QldsJTJGWE9tJTJGWk9qTU5BZTZJSldINlBTNjBCOWluVDZFZ0dVa2s2WWtXWk4xYU9Hc0x1dVklMkZEWHZHdkdiNkx0QWZiM1BTOXh3ejd3eEI4RGQlMkIwTUNjQlp3QUx0MnF5RDE5b1ElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=cmEGvnx0K1hMK29uUlhVdWFRYk9pbm5raXdEMjdnV1UyVHlnaHJ3UG44TjZXWlpzQTRJTXZicTMrVGZ5TURINkkwUnV4dHpsSmhlbFVuQmJyVHUrRGdOM3BIZWZDbEhNN3g2QktNMEE3cUJaRkhpT0pUVy9WNHVJRFdDRFIzQVNacndxaUVITHYrUVcyUm15aHl6VEY5TEFOWHl4K3JkSGxlTnZHNWcvZmdlNVU2ZFpzY1hCRHhMcXl6MVVVTGdVbmcyeGVmTGg0NzBwRFFzdzRyM3lYZzA0djRmK2RraXRjdGdieGFCZHJxbTBXVnB1a2FYNE9PWTdOcWh6UHRrMFZaVHM4MGJUUUlGdjNoUmt3OXF4YTMwWW1wVURHQzJ4c2ZKMFJKbzlQTEN4eCtlOD18&cppv=2

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
prod.d3teuengp8kzf1.amplifyapp.com/ 79 KB
11 KB 234ms
222ms Document
text/html 13.227.62.85
AMAZON-02

General

Domain/Path	Expires	Name / Value
.amplifyapp.com/	1969-12-31 23:59:59	Name: gvo Value: https%3A%2F%2Fprod.d3teuengp8kzf1.amplifyapp.com%2F%3Fgclid%3Deaiaiqobchmiuy62ppwygamvb1hiab02jqdoeaayasaaegkxx_d_bwe%7C
.amplifyapp.com/	1970-01-20 22:59:13	Name: _ga Value: GA1.2.510511142.1689793407
.amplifyapp.com/	1970-01-20 13:23:14	Name: _gat Value: 1
.criteo.com/	1970-01-20 22:44:49	Name: uid Value: 79743230-4000-44e0-a47f-421886221aa4
.scorecardresearch.com/	1970-01-20 22:59:13	Name: UID Value: 15B147b73dee02fd3e741c61689793407
prod.d3teuengp8kzf1.amplifyapp.com/	1970-01-20 13:23:15	Name: tt_c_vmt Value: 1689793408
prod.d3teuengp8kzf1.amplifyapp.com/	1970-01-20 13:23:15	Name: tt_c_c Value: direct
prod.d3teuengp8kzf1.amplifyapp.com/	1970-01-20 13:23:15	Name: tt_c_s Value: direct
prod.d3teuengp8kzf1.amplifyapp.com/	1970-01-20 13:23:15	Name: tt_c_m Value: direct
prod.d3teuengp8kzf1.amplifyapp.com/	1970-01-20 22:59:13	Name: _ttuu.s Value: 1689793408477
.tt-10969-0.seg.t.tailtarget.com/	1970-01-20 14:06:25	Name: trk Value: xFt8p5z7xq3XNtnckTOfDXPM2nTqFHDvK22AfFXVwvaGUF3g4FnGUksaf+rtohnnRSck4I1OkG8smHuDNPAVtQ==
.t.tailtarget.com/	1970-01-20 13:26:06	Name: _ssc Value: y
.t.tailtarget.com/	1970-01-20 22:08:49	Name: u Value: fwAAAWS4M4AsmwbLDQDrAgB=
prod.d3teuengp8kzf1.amplifyapp.com/	1970-01-20 22:08:49	Name: tt.u Value: 0100007F8033B864CB069B2C02EB000D
.t.tailtarget.com/	1970-01-20 14:06:25	Name: ttbprf Value: _tokyo_tokyo_jp_1689793408809_3649764548
.t.tailtarget.com/	1970-01-20 13:23:15	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 14:06:25	Name: ttnprf Value:
prod.d3teuengp8kzf1.amplifyapp.com/	1970-01-20 13:24:39	Name: tt.nprf Value:
.tt-10969-0.seg.t.tailtarget.com/	1970-01-20 13:23:17	Name: ttca Value: CA6935,CA4723,CA4729_1689793409
.t.tailtarget.com/	1970-01-20 14:06:25	Name: n Value: 1689793409

Source	Level	URL Text
javascript	warning	URL: https://p1.trrsf.com/cengine/igniter/script?s=navbar&r=ad&r=breadcrumb&r=breakingNews&r=cookie-message&r=footer&r=navbar-email&r=search&r=ticker&r=socialpanel&r=shortcuts&r=under18-message&rs=email&p=fixed Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.inline.min.js?standalone=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://p1.trrsf.com/cengine/igniter/script?s=navbar&r=ad&r=breadcrumb&r=breakingNews&r=cookie-message&r=footer&r=navbar-email&r=search&r=ticker&r=socialpanel&r=shortcuts&r=under18-message&rs=email&p=fixed Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s1.trrsf.com/update-1689084606/fe/zaz-cerebro/prd/scripts/zaz.inline.min.js?standalone=true, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://s1.trrsf.com.br/metrics/js/br/content.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s1.trrsf.com/metrics/inc/br/202203110000a.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://s1.trrsf.com.br/metrics/js/br/content.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s1.trrsf.com/metrics/inc/br/202203110000a.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

prod.d3teuengp8kzf1.amplifyapp.com Open in urlscan Pro 13.227.62.85 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

74 Requests

96 %HTTPS

59 %IPv6

13 Domains

21 Subdomains

16 IPs

5 Countries

805 kBTransfer

2070 kBSize

20 Cookies

60 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

prod.d3teuengp8kzf1.amplifyapp.com Open in urlscan Pro
13.227.62.85 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

96 %
HTTPS

59 %
IPv6

13
Domains

21
Subdomains

16
IPs

5
Countries

805 kB
Transfer

2070 kB
Size

20
Cookies

74 HTTP transactions
0 data transactions