www777.magalu-melhores-desse-ano.com
Open in
urlscan Pro
34.68.252.225
Malicious Activity!
Public Scan
Submission Tags: 6457839
Submission: On March 19 via api from NL
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on March 18th 2020. Valid for: 3 months.
This is the only time www777.magalu-melhores-desse-ano.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Magazine Luiza (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
5 | 34.68.252.225 34.68.252.225 | 15169 (GOOGLE) (GOOGLE) | |
1 | 99.86.3.44 99.86.3.44 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a00:1450:400... 2a00:1450:4001:81b::2001 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:816::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2606:4700::68... 2606:4700::6811:4004 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2a00:1450:400... 2a00:1450:4001:814::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:81f::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 34.102.248.206 34.102.248.206 | 15169 (GOOGLE) (GOOGLE) | |
16 | 8 |
ASN15169 (GOOGLE, US)
PTR: 225.252.68.34.bc.googleusercontent.com
www777.magalu-melhores-desse-ano.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-44.fra6.r.cloudfront.net
di448620c5wng.cloudfront.net |
ASN15169 (GOOGLE, US)
PTR: 206.248.102.34.bc.googleusercontent.com
a-static.mlcdn.com.br |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
magalu-melhores-desse-ano.com
www777.magalu-melhores-desse-ano.com |
66 KB |
3 |
gstatic.com
fonts.gstatic.com |
33 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com |
82 KB |
2 |
ampproject.org
cdn.ampproject.org |
78 KB |
1 |
mlcdn.com.br
a-static.mlcdn.com.br |
12 KB |
1 |
youtube.com
www.youtube.com |
|
1 |
googleapis.com
fonts.googleapis.com |
827 B |
1 |
cloudfront.net
di448620c5wng.cloudfront.net |
12 KB |
16 | 8 |
Domain | Requested by | |
---|---|---|
5 | www777.magalu-melhores-desse-ano.com |
www777.magalu-melhores-desse-ano.com
|
3 | fonts.gstatic.com |
www777.magalu-melhores-desse-ano.com
cdn.ampproject.org |
2 | cdnjs.cloudflare.com |
www777.magalu-melhores-desse-ano.com
cdn.ampproject.org |
2 | cdn.ampproject.org |
www777.magalu-melhores-desse-ano.com
|
1 | a-static.mlcdn.com.br |
www777.magalu-melhores-desse-ano.com
|
1 | www.youtube.com |
www777.magalu-melhores-desse-ano.com
|
1 | fonts.googleapis.com |
www777.magalu-melhores-desse-ano.com
|
1 | di448620c5wng.cloudfront.net |
www777.magalu-melhores-desse-ano.com
|
16 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.magazineluiza.com.br |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www222.magalu-melhores-desse-ano.com Let's Encrypt Authority X3 |
2020-03-18 - 2020-06-16 |
3 months | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2019-07-17 - 2020-07-05 |
a year | crt.sh |
misc-sni.google.com GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
*.storage.googleapis.com GTS CA 1O1 |
2020-02-25 - 2020-05-19 |
3 months | crt.sh |
cloudflare.com CloudFlare Inc ECC CA-2 |
2020-01-07 - 2020-10-09 |
9 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
*.mlcdn.com.br COMODO RSA Domain Validation Secure Server CA |
2018-10-03 - 2020-12-01 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://www777.magalu-melhores-desse-ano.com/DESCONTOESPECIALDEOFERTA6796194/?id=1&titulo=Ar-Condicionado-Split-Hi-Wall-LG-DUAL-Inverter-Voice-12000-BTUs-Frio-S4Q12JA31C-220V&dist=mobile
Frame ID: 5742541D9C1AB255EC01A704D3C4DF72
Requests: 15 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/watch?v=tZ58Vvb04QQ?hl=pt
Frame ID: 63C8A7B56DBBA9A330643A467C5DF2F3
Requests: 1 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: www.magazineluiza.com.br/formulariocontato
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www777.magalu-melhores-desse-ano.com/DESCONTOESPECIALDEOFERTA6796194/ |
100 KB 22 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
owl.carousel.min.css
www777.magalu-melhores-desse-ano.com/dist/mobile/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
owl.theme.default.min.css
www777.magalu-melhores-desse-ano.com/dist/mobile/ |
1013 B 814 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mrblue-e67a6a1de5aabd79c440378049e3bedd.css
di448620c5wng.cloudfront.net/assets/ |
65 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v0.js
cdn.ampproject.org/ |
253 KB 70 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ |
25 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
www777.magalu-melhores-desse-ano.com/dist/mobile/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
owl.carousel.min.js
www777.magalu-melhores-desse-ano.com/dist/mobile/ |
43 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
7 KB 827 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
watch
www.youtube.com/embed/ Frame 63C8 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ |
75 KB 76 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
26b1184ed52194c93fd6bb9ab4d4f9a2.jpg
a-static.mlcdn.com.br/618x463/ar-condicionado-split-hi-wall-lg-dual-inverter-voice-12000-btus-frio-s4q12ja31c-220v/dufrio/100245390/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Magazine Luiza (Consumer)19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| AMP object| global object| AMP_CONFIG object| __AMP_LOG object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| $ function| jQuery function| CalFrete3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.youtube.com/ | Name: GPS Value: 1 |
|
.youtube.com/ | Name: YSC Value: gv69NUSaTLM |
|
.youtube.com/ | Name: VISITOR_INFO1_LIVE Value: A-8F9y5xmIc |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a-static.mlcdn.com.br
cdn.ampproject.org
cdnjs.cloudflare.com
di448620c5wng.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
www.youtube.com
www777.magalu-melhores-desse-ano.com
2606:4700::6811:4004
2a00:1450:4001:814::2003
2a00:1450:4001:816::200a
2a00:1450:4001:81b::2001
2a00:1450:4001:81f::200e
34.102.248.206
34.68.252.225
99.86.3.44
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b72307d750ade867afa5001de449b0f67bd1ad34ada8988d4c806a5901571cb
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9b06809fbe3c84f6034352215ef1ea0e81a57c5f96055eedfd53f83170891abf
a000d9d010b3e2a32b6afacc78148a546133da12fe7e637239c2c058481259d4
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
b6ba21119ffb0001f7dd209ea678788ae14a6c386e6bed811502d4314aa66a4a
c440202e375ffbcd9f17ec0063f79c80839d6f069d93b620906644080839d2fc
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa