iitauu.com Open in urlscan Pro
149.62.37.185 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://iitauu.com/validade.php
Effective URL:
https://iitauu.com/validade.php
Submission: On March 08 via api (March 8th 2023, 4:03:19 pm UTC) from JP — Scanned from JP

Summary HTTP 11 Redirects Links 111 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 149.62.37.185, located in São Paulo, Brazil and belongs to AS-HOSTINGER, CY. The main domain is iitauu.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on January 31st 2023. Valid for: 3 months.

This is the only time iitauu.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Magazine Luiza (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 10	149.62.37.185 149.62.37.185	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	142.250.207.35 142.250.207.35	15169 (GOOGLE) (GOOGLE)
11	3

10 149.62.37.185 (São Paulo, Brazil) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

iitauu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.207.35 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s55-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	iitauu.com 1 redirects iitauu.com	149 KB
1	gstatic.com fonts.gstatic.com	39 KB
0	lnxmanager.com Failed lnxmanager.com Failed
11	3

	Domain	Requested by
10	iitauu.com	1 redirects iitauu.com
1	fonts.gstatic.com	iitauu.com
0	lnxmanager.com Failed	iitauu.com
11	3

This site contains links to these domains. Also see Links.

Domain
www.itau.com.br
www.reclameaqui.com.br
noticias.reclameaqui.com.br
premio.reclameaqui.com.br
mais.reclameaqui.com.br
blog.reclameaqui.com.br
app.maga.lu
www.magazineluiza.com.br
www.facebook.com
www.instagram.com
twitter.com
instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
iitauu.com ZeroSSL RSA Domain Secure Site CA	`2023-01-31` - `2023-05-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://iitauu.com/validade.php
Frame ID: D878156352E0F00DE582B91DC7FEE8A7
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Consulte sua Fatura | Cartão Magazine Luiza

Page URL History Show full URLs

http://iitauu.com/validade.php HTTP 301
https://iitauu.com/validade.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

91 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

188 kB
Transfer

480 kB
Size

0
Cookies

111 Outgoing links

These are links going to different origins than the main page.

URL: https://www.itau.com.br/mobile/magalu/consulte-sua-fatura-acesso/
Title: VOLTAR

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/cadastro/
Title: Cadastrar

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/ranking/
Title: Ranking

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/
Title: Categorias

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/compare/
Title: Comparar empresas

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/como-funciona/
Title: Dúvidas frequentes

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/institucional/
Title: Institucional

Search URL Search Domain Scan URL

URL: https://noticias.reclameaqui.com.br/
Title: Notícias

Search URL Search Domain Scan URL

URL: https://premio.reclameaqui.com.br/
Title: Prêmio

Search URL Search Domain Scan URL

URL: https://mais.reclameaqui.com.br/
Title: RA+

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/termos-de-uso/
Title: Termos de uso

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/politica-de-privacidade/
Title: Política de privacidade

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/fale-conosco/
Title: Fale com o ReclameAQUI

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/informatica/
Title: Informática

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/eletroeletronicos/
Title: Eletroeletrônicos

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/eletroportateis/
Title: Eletroportáteis

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/moda-feminina/
Title: Moda Feminina

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/eletrodomesticos/
Title: Eletrodomésticos

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/celulares-smartphones/
Title: Celulares e Smartphones

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/calcados-femininos/
Title: Calçados Femininos

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/agencia-de-viagens/
Title: Agência de Viagens

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/empresas-de-ingressos/
Title: Empresas de Ingresso

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/companhias-aereas/
Title: Companhias Aéreas

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/redes-de-hoteis/
Title: Redes de Hotéis

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/aluguel-de-carros/
Title: Aluguel de Carros

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/resorts/
Title: Resorts

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/parques-de-diversao/
Title: Parques de diversão

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/bebidas/
Title: Bebidas

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/bebidas-alcoolicas/
Title: Bebidas Alcoólicas

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/bomboniere/
Title: Bomboniere

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/congelados/
Title: Congelados

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/laticinios-lacteos/
Title: Laticínios e Lácteos

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/matinais/
Title: Matinais

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/mercearia/
Title: Mercearia

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/bancos/
Title: Bancos

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/cartoes-de-credito/
Title: Cartões de créditos

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/cartoes-de-beneficios/
Title: Cartões de benefícios

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/financeiras/
Title: Financeiras

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/consorcios/
Title: Consórcios

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/cabelos/
Title: Cabelos

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/corpo-banho/
Title: Corpo e Banho

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/higiene-limpeza-pessoal/
Title: Higiene Pessoal e Limpeza

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/maos-pes/
Title: Mãos e Pés

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/maquiagem/
Title: Maquiagem

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/perfumarias/
Title: Perfumarias

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/suplementos-alimentares/
Title: Suplementos Alimentares

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/ferramentas-maquinas/
Title: Ferramentas e Máquinas

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/iluminacao-eletrica/
Title: Iluminação e Elétrica

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/loucas-metais/
Title: Louças e Metais

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/materiais-de-construcao/
Title: Materiais de Construção

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/chuveiros-aquecedores/
Title: Chuveiros e Aquecedores

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/pisos-laminados-de-madeira/
Title: Pisos e Laminados de Madeira

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/tintas-acessorios/
Title: Tintas e Acessórios

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/universidades-faculdades/
Title: Universidades e Faculdades

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/livros/
Title: Livros

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/cursos-tecnicos-profissionalizantes/
Title: Cursos Técnicos e Profissionalizantes

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/cursos-para-vestibular-concursos/
Title: Cursos para Vestibular e Concursos

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/cursos-de-idiomas/
Title: Cursos de Idiomas

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/escolas/
Title: Escolas

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/auto-escolas/
Title: Auto Escolas

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/brinquedos-jogos/
Title: Brinquedos e Jogos

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/artigos-para-bebe/
Title: Artigos para Bebê

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/troca-de-fraldas/
Title: Troca de Fraldas

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/moveis-infantis/
Title: Móveis Infantis

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/acessorios-para-bebe/
Title: Acessórios para Bebê

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/buffet-infantil/
Title: Buffet Infantil

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/corpo-banho-infantil/
Title: Corpo e Banho Infantil

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/bolsas-malas/
Title: Bolsas e Malas

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/moda-masculina/
Title: Moda Masculina

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/calcados-masculinos/
Title: Calçados Masculinos

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/acessorios-de-vestuario/
Title: Acessórios de Vestuário

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/relogios/
Title: Relógios

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/moveis-em-geral/
Title: Móveis em Geral

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/colchoes/
Title: Colchões

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/moveis-modulados/
Title: Móveis Modulados

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/moveis-planejados/
Title: Móveis Planejados

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/decoracao/
Title: Decoração

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/papel-de-parede-adesivos/
Title: Papel de Parede e Adesivos

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/persianas-cortinas/
Title: Persianas e Cortinas

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/planos-de-saude/
Title: Planos de Saúde

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/hospitais/
Title: Hospitais

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/exames-lab-imagem/
Title: Exames Lab. e imagem

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/farmacias/
Title: Farmácias

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/industria-farmaceutica/
Title: Indústria Farmacêutica

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/clinicas-medicas/
Title: Clínicas Médicas

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/equipamentos-medicos-odontologicos/
Title: Equipamentos Médicos e Odontológicos

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/telefonia-celular/
Title: Telefonia Celular

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/telefonia-fixa/
Title: Telefonia Fixa

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/provedores-serv-de-internet/
Title: Provedores e Serv. Internet

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/tv-por-assinatura/
Title: TV por Assinatura

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/concessionarias-de-carros/
Title: Concessionárias de Carros

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/pneus/
Title: Pneus

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/autopecas/
Title: Autopeças

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/acessorios-para-motos/
Title: Acessórios para Motos

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/acessorios-para-carros/
Title: Acessórios para Carros

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/loja-de-carros/
Title: Loja de Carros

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/categoria/fabricantes-de-carros/
Title: Fabricantes de Carros

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/cadastro-empresa/consumidor/
Title: Cadastre uma empresa

Search URL Search Domain Scan URL

URL: https://blog.reclameaqui.com.br/reclame-aqui-numero-de-visualizacoes/

Search URL Search Domain Scan URL

URL: https://app.maga.lu/APPMagalu
Title: Baixe o app

Search URL Search Domain Scan URL

URL: https://www.magazineluiza.com.br/
Title: Comprar agora

Search URL Search Domain Scan URL

URL: http://www.magazineluiza.com.br/
Title: Ir para o site

Search URL Search Domain Scan URL

URL: https://www.magazineluiza.com.br/central-de-atendimento/
Title: Ir para o atendimento

Search URL Search Domain Scan URL

URL: https://www.facebook.com/magazineluiza/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/magazineluiza/

Search URL Search Domain Scan URL

URL: https://twitter.com/magazineluiza

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ReclameAqui

Search URL Search Domain Scan URL

URL: https://twitter.com/reclameaqui

Search URL Search Domain Scan URL

URL: https://instagram.com/reclameaqui/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/reclame-aqui

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://iitauu.com/validade.php HTTP 301
https://iitauu.com/validade.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request validade.php Show response
iitauu.com/
Redirect Chain

http://iitauu.com/validade.php
https://iitauu.com/validade.php

274 KB
88 KB

1184ms
292ms

Document
text/html

149.62.37.185
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://iitauu.com/validade.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.62.37.185 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/8.0.26

Resource Hash

7cfc5d0dbdf7d701eef39de4443c8f56b9aabdef29c38998099f2cbda1060525

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 08 Mar 2023 16:03:12 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.0.26

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Wed, 08 Mar 2023 16:03:11 GMT
location: https://iitauu.com/validade.php
platform: hostinger
server: LiteSpeed

GET
H2 200 jquery.min.js Show response
iitauu.com/static/js/ 87 KB
29 KB 326ms
325ms Script
application/x-javascript 149.62.37.185
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://iitauu.com/static/js/jquery.min.js

Requested by

Host: iitauu.com
URL: https://iitauu.com/validade.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.62.37.185 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://iitauu.com/validade.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 16:03:13 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 13 Feb 2023 17:06:24 GMT
server: LiteSpeed
etag: "15d9d-63ea6e10-6d88df21a0a18e81;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 30021
expires: Wed, 15 Mar 2023 16:03:13 GMT

GET
H2 200 popper.min.js Show response
iitauu.com/static/js/ 19 KB
7 KB 540ms
539ms Script
application/x-javascript 149.62.37.185
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://iitauu.com/static/js/popper.min.js

Requested by

Host: iitauu.com
URL: https://iitauu.com/validade.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.62.37.185 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

da7796caf9359015af4ecdf8c6ccbd53706ea4613932a9b6f81e442e49d5f626

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://iitauu.com/validade.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 16:03:13 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 13 Feb 2023 17:06:24 GMT
server: LiteSpeed
etag: "4d36-63ea6e10-ac602b2feb5de151;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 6970
expires: Wed, 15 Mar 2023 16:03:13 GMT

GET
H2 200 tippy-bundle.umd.min.js Show response
iitauu.com/static/js/ 25 KB
8 KB 543ms
542ms Script
application/x-javascript 149.62.37.185
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://iitauu.com/static/js/tippy-bundle.umd.min.js

Requested by

Host: iitauu.com
URL: https://iitauu.com/validade.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.62.37.185 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3f0fe70eb26ccf28f6887a192e29d38dd7ef7c2f079a73304ad42ddc7bed37de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://iitauu.com/validade.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 16:03:13 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 13 Feb 2023 17:06:24 GMT
server: LiteSpeed
etag: "6475-63ea6e10-2dba6b6774355806;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 8275
expires: Wed, 15 Mar 2023 16:03:13 GMT

GET
H2 200 cryptojs-aes.min.js Show response
iitauu.com/static/js/ 13 KB
5 KB 546ms
544ms Script
application/x-javascript 149.62.37.185
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://iitauu.com/static/js/cryptojs-aes.min.js

Requested by

Host: iitauu.com
URL: https://iitauu.com/validade.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.62.37.185 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://iitauu.com/validade.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 16:03:13 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 13 Feb 2023 17:06:24 GMT
server: LiteSpeed
etag: "3430-63ea6e10-beb400146d7c7513;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4627
expires: Wed, 15 Mar 2023 16:03:13 GMT

GET
H2 200 cryptojs-aes-format.js Show response
iitauu.com/static/js/ 826 B
379 B 548ms
547ms Script
application/x-javascript 149.62.37.185
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://iitauu.com/static/js/cryptojs-aes-format.js

Requested by

Host: iitauu.com
URL: https://iitauu.com/validade.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.62.37.185 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0ae5c93434f230f41c258772e6ed441f1fffcfd1b803c66e342fcbc1b8e2921c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://iitauu.com/validade.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 16:03:13 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 13 Feb 2023 17:06:23 GMT
server: LiteSpeed
etag: "33a-63ea6e0f-72f0e547f30f141a;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 293
expires: Wed, 15 Mar 2023 16:03:13 GMT

GET
H2 200 jquery.mask.min.js Show response
iitauu.com/static/js/ 8 KB
3 KB 550ms
549ms Script
application/x-javascript 149.62.37.185
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://iitauu.com/static/js/jquery.mask.min.js

Requested by

Host: iitauu.com
URL: https://iitauu.com/validade.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.62.37.185 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://iitauu.com/validade.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 16:03:13 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 13 Feb 2023 17:06:23 GMT
server: LiteSpeed
etag: "2087-63ea6e0f-3ade7fcacac9edc6;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3310
expires: Wed, 15 Mar 2023 16:03:13 GMT

GET
H2 200 logo_success.png
iitauu.com/static/imgs/ 4 KB
4 KB 321ms
320ms Image
image/png 149.62.37.185
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iitauu.com/static/imgs/logo_success.png

Requested by

Host: iitauu.com
URL: https://iitauu.com/validade.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.62.37.185 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

adca7da095add3ccdf4f72d016831ecba9a1f38f3db6db2f9cc1d38e4b734be5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://iitauu.com/validade.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 16:03:13 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 13 Feb 2023 17:06:04 GMT
server: LiteSpeed
etag: "ef0-63ea6dfc-cb0bc2a636f12a93;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3824
expires: Wed, 15 Mar 2023 16:03:13 GMT

GET
H2 200 main_logo.png
iitauu.com/static/imgs/ 5 KB
5 KB 322ms
321ms Image
image/png 149.62.37.185
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iitauu.com/static/imgs/main_logo.png

Requested by

Host: iitauu.com
URL: https://iitauu.com/validade.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.62.37.185 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

51a6031ae377bf0bc4f279cec840bf022f7d3bd4c8455ed340c1752a7c5673e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://iitauu.com/validade.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 16:03:13 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 13 Feb 2023 17:06:04 GMT
server: LiteSpeed
etag: "120f-63ea6dfc-bbd4238449d07fe2;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4623
expires: Wed, 15 Mar 2023 16:03:13 GMT

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1218f74218758c435b1c58836f5244eb00dff606f2ccc3bc686d5acc523da986

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v28/ 39 KB
39 KB 574ms
38ms Font
font/woff2 142.250.207.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: iitauu.com
URL: https://iitauu.com/validade.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f3.1e100.net

Software

sffe /

Resource Hash

a83c3f260b750dfc47e4e5024eda4b4f80be0c0a3e0ae5111a3b0a799df64448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iitauu.com/
Origin: https://iitauu.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 14:01:02 GMT
x-content-type-options: nosniff
age: 7333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39556
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:07:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 14:01:02 GMT

GET save_access
lnxmanager.com/api/v2/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lnxmanager.com
URL: https://lnxmanager.com/api/v2/save_access?source=bG54ZC5mYW5z

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Magazine Luiza (Consumer)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://iitauu.com/validade.php Message: Access to XMLHttpRequest at 'https://lnxmanager.com/api/v2/save_access?source=bG54ZC5mYW5z' from origin 'https://iitauu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://lnxmanager.com/api/v2/save_access?source=bG54ZC5mYW5z Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
iitauu.com
lnxmanager.com
lnxmanager.com
142.250.207.35
149.62.37.185
0ae5c93434f230f41c258772e6ed441f1fffcfd1b803c66e342fcbc1b8e2921c
1218f74218758c435b1c58836f5244eb00dff606f2ccc3bc686d5acc523da986
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
3f0fe70eb26ccf28f6887a192e29d38dd7ef7c2f079a73304ad42ddc7bed37de
51a6031ae377bf0bc4f279cec840bf022f7d3bd4c8455ed340c1752a7c5673e4
7cfc5d0dbdf7d701eef39de4443c8f56b9aabdef29c38998099f2cbda1060525
a83c3f260b750dfc47e4e5024eda4b4f80be0c0a3e0ae5111a3b0a799df64448
adca7da095add3ccdf4f72d016831ecba9a1f38f3db6db2f9cc1d38e4b734be5
da7796caf9359015af4ecdf8c6ccbd53706ea4613932a9b6f81e442e49d5f626
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

iitauu.com Open in urlscan Pro 149.62.37.185 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

188 kBTransfer

480 kBSize

0 Cookies

111 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

28 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

iitauu.com Open in urlscan Pro
149.62.37.185 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

188 kB
Transfer

480 kB
Size

0
Cookies

11 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!