magazine-fatura-aqui.com
Open in
urlscan Pro
2a06:98c1:3120::11
Malicious Activity!
Public Scan
Submission: On May 04 via api from CH — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 28th 2022. Valid for: a year.
This is the only time magazine-fatura-aqui.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Magazine Luiza (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 2a06:98c1:312... 2a06:98c1:3120::11 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:80f::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6812:1634 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
13 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
magazine-fatura-aqui.com
magazine-fatura-aqui.com |
98 KB |
1 |
fontawesome.com
pro.fontawesome.com — Cisco Umbrella Rank: 9585 |
29 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 111 |
1 KB |
13 | 3 |
Domain | Requested by | |
---|---|---|
11 | magazine-fatura-aqui.com |
magazine-fatura-aqui.com
|
1 | pro.fontawesome.com |
magazine-fatura-aqui.com
|
1 | fonts.googleapis.com |
magazine-fatura-aqui.com
|
13 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-04-28 - 2023-04-28 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-04-18 - 2022-07-11 |
3 months | crt.sh |
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-12-01 - 2023-01-01 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://magazine-fatura-aqui.com/
Frame ID: 79D795DCB31BFFA3B1EA6780086A46B9
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
Consulte sua Fatura | Cartão Magazine LuizaDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
magazine-fatura-aqui.com/ |
7 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
pro.fontawesome.com/releases/v5.10.0/css/ |
153 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
magazine-fatura-aqui.com/assets/jquery/ |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
magazine-fatura-aqui.com/assets/bootstrap/ |
160 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
magazine-fatura-aqui.com/assets/bootstrap/ |
76 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-mask.min.js
magazine-fatura-aqui.com/assets/jquery-mask/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
magazine-fatura-aqui.com/assets/site/ |
1 KB 785 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
regex.js
magazine-fatura-aqui.com/assets/site/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
form1.js
magazine-fatura-aqui.com/assets/site/ |
1 KB 900 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
form2.js
magazine-fatura-aqui.com/assets/site/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
form3.js
magazine-fatura-aqui.com/assets/site/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.webp
magazine-fatura-aqui.com/assets/img/ |
5 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Magazine Luiza (Consumer)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| $ function| jQuery number| uidEvent object| bootstrap object| $jscomp function| cnpjValido function| cpfValido1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
magazine-fatura-aqui.com/ | Name: PHPSESSID Value: 5b7e44cb83648e08a61dd3c7bbccf582 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
magazine-fatura-aqui.com
pro.fontawesome.com
2606:4700::6812:1634
2a00:1450:4001:80f::200a
2a06:98c1:3120::11
237e83161bfe098cbefdb3ed2ec69d4a7f2ce17a24f7caa14d9f0ae5dc0a8291
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec
85776761fc3f8e51f3a2261acd0aaa58126da8e453b40d054c7f2b06802f9751
89ff1a8881cd5bfc7e088826fe3a771c916650fc4cdb2206ed518f5ab52775d9
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
91059ccdd65c1496d764f84ece42376760652ea7c734fe0c0dd0b086c91ce6ef
9cdefdd60f3a54f502a19cd05895b2c39dac61b4e962a48617663e973542d782
acef7fb243dc55afc0ea7c3a3ada10f3716d76ac12e1174206b87a64079f1bc4
cd9d6b894dfbe81bbe09e59774a6733aac5b73a946759bb9f740cde4203c166a
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
f7a2c9642c79420b65ae92be55110bcd2ab622fcb7ffafca9623009091ac9f16
fb1ead53c1e06838b34b62b147b7c1917aa5758241ea10c2d3ef3b7502e17f87