clube-lulu-montana.com
2606:4700:3037::ac43:db51
Malicious Activity!
Public Scan
Submission: On April 30 via api from CH — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 26th 2022. Valid for: a year.
This is the only time clube-lulu-montana.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Magazine Luiza (Consumer)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
11 | 2606:4700:3037::ac43:db51 | 13335 (CLOUDFLARENET) |
1 | 104.75.88.118 | 16625 (AKAMAI-AS) |
1 | 2a00:1450:4001:803::200a | 15169 (GOOGLE) |
1 | 2a02:26f0:1700:391::11a6 | 20940 (AKAMAI-ASN1) |
1 | 2a02:26f0:ef:288::11a6 | 20940 (AKAMAI-ASN1) |
24 | 6 | |
ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-118.deploy.static.akamaitechnologies.com
www.itau.com.br |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | clube-lulu-montana.com | clube-lulu-montana.com | 662 KB |
2 | go-mpulse.net | s.go-mpulse.net (Cisco Umbrella Rank: 1210), c.go-mpulse.net (Cisco Umbrella Rank: 530) | 51 KB |
1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 278) | 30 KB |
1 | itau.com.br | www.itau.com.br (Cisco Umbrella Rank: 25287, Failed) | 6 KB |
24 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
11 | clube-lulu-montana.com | clube-lulu-montana.com |
1 | c.go-mpulse.net | s.go-mpulse.net |
1 | s.go-mpulse.net | clube-lulu-montana.com |
1 | ajax.googleapis.com | clube-lulu-montana.com |
1 | www.itau.com.br | clube-lulu-montana.com |
24 | 5 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-04-26 - 2023-04-25 | a year |
www.itau.com.br | DigiCert SHA2 Extended Validation Server CA | 2020-03-12 - 2022-06-11 | 2 years |
upload.video.google.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months |
akstat.io | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-04-15 - 2023-04-19 | a year |
This page contains 1 frames:
Primary Page:
https://clube-lulu-montana.com/
Frame ID: 8ABF365159700C4B2C505F28F59DB17D
Requests: 24 HTTP requests in this frame
Page Title
Consulte sua Fatura | Cartão Magazine Luiza
Detected technologies
Adobe Experience Manager (CMS)
Detected patterns
- <div class="[^"]*aem-Grid
- /etc\.clientlibs/
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | clube-lulu-montana.com/ | 40 KB | 7 KB | Document | text/html |
GET | H2 | importLibJSFrameworkDA8166.js | clube-lulu-montana.com/www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/ | 1 KB | 1 KB | Script | application/javascript |
GET | H2 | frameworkDA8166.js | clube-lulu-montana.com/www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/ | 3 KB | 1 KB | Script | application/javascript |
GET | H2 | clientlib-base.min.51b8a224aa8c5e5101bb0ec667ba1e77.css | clube-lulu-montana.com/www.itau.com.br/etc.clientlibs/sharedcomponents/clientlibs/ | 625 KB | 73 KB | Stylesheet | text/css |
GET | H2 | clientlib-base.min.2b40b1b39f98cea329b75ac4733abdbf.css | clube-lulu-montana.com/www.itau.com.br/etc.clientlibs/itau/clientlibs/ | 1 MB | 136 KB | Stylesheet | text/css |
GET | | ItauText_Rg.woff2 | www.itau.com.br/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ | 0 | 0 | | |
GET | | ItauText_Bd.woff2 | www.itau.com.br/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ | 0 | 0 | | |
GET | | itaudisplay_rg-webfont.woff2 | www.itau.com.br/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/ | 0 | 0 | | |
GET | | ItauText_Rg.woff2 | www.itau.com.br/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base/resources/fonts/ItauText/ | 0 | 0 | | |
GET | | itaudisplay_lt-webfont.woff2 | www.itau.com.br/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/ | 0 | 0 | | |
GET | | itaudisplay_xbd-webfont.woff2 | www.itau.com.br/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/ | 0 | 0 | | |
GET | | itaudisplay_bd-webfont.woff2 | www.itau.com.br/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/ | 0 | 0 | | |
GET | | ItauText_Lt.woff2 | www.itau.com.br/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ | 0 | 0 | | |
GET | | itaufonts_master_24px_v44.woff | www.itau.com.br/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/itaufonts_master_24px_v44/ | 0 | 0 | | |
GET | H2 | magalu-logo.png | www.itau.com.br/content/dam/itau/cartoes/magalu/ | 5 KB | 6 KB | Image | image/webp |
GET | H3 | clientlib-base.min.9a4356cb47e7c63947459a99a47af102.js | clube-lulu-montana.com/www.itau.com.br/etc.clientlibs/sharedcomponents/clientlibs/ | 630 KB | 163 KB | Script | application/javascript |
GET | H3 | csrf.min.652a558c3774088b61b0530c184710d1.js | clube-lulu-montana.com/www.itau.com.br/etc.clientlibs/clientlibs/granite/jquery/granite/ | 3 KB | 2 KB | Script | application/javascript |
GET | H3 | clientlib-base.min.9c7dbd8d3858cb76c49b487bde47553e.js | clube-lulu-montana.com/www.itau.com.br/etc.clientlibs/itau/clientlibs/ | 1 MB | 236 KB | Script | application/javascript |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.3.1/ | 85 KB | 30 KB | Script | text/javascript |
GET | H3 | jquery.mask.min.js | clube-lulu-montana.com/ | 8 KB | 4 KB | Script | application/javascript |
GET | H2 | 7Z28Y-PBMV2-FAMJ9-MJLW3-HPSMD | s.go-mpulse.net/boomerang/ | 202 KB | 51 KB | Script | application/javascript |
GET | H3 | ItauText_Rg.html | clube-lulu-montana.com/www.itau.com.br/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ | 17 KB | 18 KB | Font | text/html |
GET | H3 | itaudisplay_rg-webfont.html | clube-lulu-montana.com/www.itau.com.br/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/ | 20 KB | 20 KB | Font | text/html |
GET | H/1.1 | config.json | c.go-mpulse.net/api/ | 51 B | 323 B | XHR | application/json |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- www.itau.com.br: https://www.itau.com.br/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff2
- www.itau.com.br: https://www.itau.com.br/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Bd.woff2
- www.itau.com.br: https://www.itau.com.br/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff2
- www.itau.com.br: https://www.itau.com.br/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff2
- www.itau.com.br: https://www.itau.com.br/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff2
- www.itau.com.br: https://www.itau.com.br/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff2
- www.itau.com.br: https://www.itau.com.br/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff2
- www.itau.com.br: https://www.itau.com.br/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Lt.woff2
- www.itau.com.br: https://www.itau.com.br/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/itaufonts_master_24px_v44/itaufonts_master_24px_v44.woff
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Magazine Luiza (Consumer)
301 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the cookie values, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
clube-lulu-montana.com/ | | Name: PHPSESSID Value: u5fq403nga9keic99ebno6kf9d |
.clube-lulu-montana.com/ | | Name: RT Value: "z=1&dm=clube-lulu-montana.com&si=n8uw9izc9sg&ss=l2lboe66&sl=0&tt=0" |
27 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.