portal-acesse-lojacliete.com Open in urlscan Pro
2606:4700:3032::6815:40cc Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://portal-acesse-lojacliete.com/magalu/
Submission: On February 23 via api (February 23rd 2023, 12:03:22 pm UTC) from JP — Scanned from JP

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3032::6815:40cc, located in United States and belongs to CLOUDFLARENET, US. The main domain is portal-acesse-lojacliete.com.
TLS certificate: Issued by GTS CA 1P5 on February 22nd 2023. Valid for: 3 months.

This is the only time portal-acesse-lojacliete.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Magazine Luiza (Consumer)

Domain & IP information

	IP Address		AS Autonomous System
16	2606:4700:303... 2606:4700:3032::6815:40cc		13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	1

16 2606:4700:3032::6815:40cc (United States)

ASN13335 (CLOUDFLARENET, US)

portal-acesse-lojacliete.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	portal-acesse-lojacliete.com portal-acesse-lojacliete.com	55 KB
16	1

	Domain	Requested by
16	portal-acesse-lojacliete.com	portal-acesse-lojacliete.com
16	1

This site contains no links.

Subject Issuer	Validity	Valid
*.portal-acesse-lojacliete.com GTS CA 1P5	`2023-02-22` - `2023-05-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://portal-acesse-lojacliete.com/magalu/
Frame ID: 8A2B49466AB06CE930CE6E882B0EF799
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Consultar fatura Magalu

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

55 kB
Transfer

154 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response portal-acesse-lojacliete.com/magalu/	27 KB 3 KB	398ms 233ms	Document text/html	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/magalu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2eb3373dbccf77764365632f60b4d4c4c0e72f6aeaabddfcedf6a0d0a6ad15d9` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 79dfd14588aee00d-NRT content-encoding br content-type text/html; charset=UTF-8 date Thu, 23 Feb 2023 12:03:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAmA0l6HfBl%2B3p4%2FawBjPTXU4nhs9sOgOUexi3UOW66QkhsZTHNw58QNHK4cgOVcGUmeYDzMZhOOwBhN4uvfwENnL%2FP7ARdhzYVRFBPD0W%2FUhOPmu7mcYw%2BO7Iku55BTQ7rgm9Lmrc%2BClXZAqlxOySFGDUqy%2FVK%2FoQy0"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	jquery.js Show response portal-acesse-lojacliete.com/magalu/index_files/	87 KB 32 KB	14ms 12ms	Script application/javascript	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/magalu/index_files/jquery.js Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `72037311a4dfde4d042df73e31b7cbeafc0bdf2aaa605b69aff3326015a396da` Request headers accept-language jp-JP,jp;q=0.9 Referer https://portal-acesse-lojacliete.com/magalu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:03:18 GMT content-encoding br cf-cache-status HIT last-modified Mon, 12 Sep 2022 17:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 110 etag W/"15d99-5e87ddecbaf80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bn9NG4kHGmKVTS37RtJRnRe4Wps8SOu543xYyj%2FANdSC4J%2F2Xzf9Fg2UXqU8KaL%2B8R1Uc%2B9lLjvM4XcE2lEo07hlJbM5W%2BFzBiyqAZ7JJurS%2BBelizd3ZESlyKSMyRfh1fnb%2Foapcj3ccatD%2FPleZgoQGJGw3eHG0WVe"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 79dfd1470a7ae00d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	js.js Show response portal-acesse-lojacliete.com/magalu/index_files/	829 B 763 B	9ms 8ms	Script application/javascript	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/magalu/index_files/js.js Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `04359500a657f5ad17f401c78a1dac274dc75d7b6b5f40690784a5c8da761977` Request headers accept-language jp-JP,jp;q=0.9 Referer https://portal-acesse-lojacliete.com/magalu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:03:18 GMT content-encoding br cf-cache-status HIT last-modified Mon, 12 Sep 2022 17:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 110 etag W/"33d-5e87ddecbaf80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyushZObilaHYI1odeXtEtN2VpWxdxiz4YFedcW%2BUxncXO3qWPb1ulYQ9HIC7AQeDC5Y1wJYefytJZPO9QlPWppSCv95iuB1X0TFf3FE64MOYvOZd%2BWPzqXVLcHWC7X9hrki5DslrSY8mbgz2BZ%2BCQcHVLta64iFYMYv"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 79dfd1470a86e00d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	inicio.js Show response portal-acesse-lojacliete.com/magalu/index_files/	23 KB 3 KB	11ms 9ms	Script application/javascript	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/magalu/index_files/inicio.js Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `50f168fd1988ac110406e0bbf40b6313ff596f5a04e32982764cda1bace75252` Request headers accept-language jp-JP,jp;q=0.9 Referer https://portal-acesse-lojacliete.com/magalu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:03:18 GMT content-encoding br cf-cache-status HIT last-modified Tue, 07 Feb 2023 17:29:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 110 etag W/"5c18-5f41f7eea4880-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0KpHYxaiwkeqHZ%2Bw0QiKXziQvv4GtC9QnGq6pxbF4M2vTrxql1ubqIJ51ysYzhAUh7erZfkSOR%2BfTIaIalYcXezrfLvssQSgZDsI8suFjJV3qH%2BNbqnY8EdZ0oXHevkNRVgZAasjX1mfAzgl8bViotC7S6OnVdDm7Ce"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 79dfd1470a89e00d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	icon portal-acesse-lojacliete.com/magalu/index_files/	528 B 848 B	123ms 122ms	Stylesheet text/plain	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/magalu/index_files/icon Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f8d497c92f5f95fba3066bafe3e2cbbbede040cd96ddb7e73e1106df7f70cd98` Request headers accept-language jp-JP,jp;q=0.9 Referer https://portal-acesse-lojacliete.com/magalu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:03:18 GMT cf-cache-status DYNAMIC last-modified Mon, 12 Sep 2022 17:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "210-5e87ddecbaf80" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AE7ZhbKcNvic6YRSGajT7kCFqSoLOI4lJhvgA9vuFd6Ri7YdrBVOEbdgmsXbE%2FsgcEx%2FKbieSeYXq5i0%2BuZwSuqAGUGlEG%2B99p%2BN1obmkFS4QAZhFK5ou7U2%2BJCtM68xyuupRAUqeWrOKwixmZIl8PqDfnDNLbUXDwJb"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 79dfd1470a7ee00d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 528
GET H2	200	css.css portal-acesse-lojacliete.com/magalu/index_files/	332 B 452 B	8ms 7ms	Stylesheet text/css	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/magalu/index_files/css.css Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ae6b38112b49c7555bb384a42e37b092575f536ef60b8c88d73bd2d55dd2ed97` Request headers accept-language jp-JP,jp;q=0.9 Referer https://portal-acesse-lojacliete.com/magalu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:03:18 GMT content-encoding br cf-cache-status HIT last-modified Mon, 12 Sep 2022 17:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 110 etag W/"14c-5e87ddecbaf80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Se94XVk%2F1ioDpCzsUQZqYC6WF36MG2rMdQjoyslwCt9LzfqJIOg8qarMlxQwCVmy6z7RqfdBZRd1RD1MQWFxFLl0QqvzhgowqMy00mLyNt3ytEcVBthlSAvrdrEOzLObVnS1SQujFBlZGXd2jgiSP4PhEBhxkLLoN9ra"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 79dfd1470a80e00d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	inicio.css portal-acesse-lojacliete.com/magalu/index_files/	1 KB 636 B	9ms 9ms	Stylesheet text/css	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/magalu/index_files/inicio.css Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d028ee4b66227f72750880d138427c3f5e581c7b918fad4ae8682b67e5b9f712` Request headers accept-language jp-JP,jp;q=0.9 Referer https://portal-acesse-lojacliete.com/magalu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:03:18 GMT content-encoding br cf-cache-status HIT last-modified Mon, 12 Sep 2022 17:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 110 etag W/"514-5e87ddecbaf80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYlZZsuBcM2ISd3Swe1LK7EOy%2BFZq7OjeUE7vTihbC314vUY0RXIKV8%2FHm3J7nJDcNaEIBgceIz8Jct3hutl5dU8kcgkW7dQJwYSxBYZVAwWZ%2BtUMGcBH3TNYd0PhRqXY%2Bza%2Bv7PGYndQwton4i9UQihaWwtefnBPqD6"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 79dfd1470a83e00d-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	magalu-logo.png portal-acesse-lojacliete.com/magalu/index_files/	12 KB 12 KB	228ms 228ms	Image image/png	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://portal-acesse-lojacliete.com/magalu/index_files/magalu-logo.png Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7e393e8c97f5aef8d6f6e62fafe5f376b40cef8b17366aa923c237b615af8691` Request headers accept-language jp-JP,jp;q=0.9 Referer https://portal-acesse-lojacliete.com/magalu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:03:18 GMT cf-cache-status REVALIDATED last-modified Mon, 12 Sep 2022 17:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2ec7-5e87ddecbaf80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yn8Kfq8SjGR%2FwVzm0A3GQcnXb6kR5Lr040iJYO0vGDA5b7q7Dcym4HV3GYaGJqsNtzbsnHEIrWy9UZobdE6U5%2F3mNYXUM0drphXVn3gP5khE3LHx7%2FqSeHrP%2BteE%2BRT8wnnAr%2F2vjWLcPmm1PoUcY5Mm2P8PKGSkrDAC"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 79dfd1472eec25ec-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 11975
GET H3	404	api.php Show response portal-acesse-lojacliete.com/	290 B 709 B	118ms 118ms	XHR text/html	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/api.php?metodo=online&local=inicio&dispositivo=desktop Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/index_files/jquery.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d4bc4dd73e6dca2e9953d184bb1a817f74e29f9d17806fb498e8f7a988af9bc5` Request headers Accept text/html, /; q=0.01 Referer https://portal-acesse-lojacliete.com/magalu/ X-Requested-With XMLHttpRequest accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:03:18 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8LgV4bCMpIeg0jAvMny%2FC6ToEcK6ybHOdBG1vV8J5qjlN2RqenNat6NyL6kf9gtR4aAiKOXCKpefi93Bfvf%2BCLwyzZWBEFerpJcPYugaJAxMVWcGf5TLo3%2BpABxzhWK7N2brQVxYT0eKswa%2BupNO860qQr%2BfsjfIEzI"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 79dfd147cfe625ec-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	fontea.woff portal-acesse-lojacliete.com/api/fontes/	0 0	226ms 226ms	Font text/html	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/api/fontes/fontea.woff Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/index_files/css.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://portal-acesse-lojacliete.com/magalu/index_files/css.css Origin https://portal-acesse-lojacliete.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:03:18 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaKf%2ByQDY9TSNIzFm6tLBtYlHa3Cusy8gul7XYOGxwX3Eb7FryB02qpw1DK6qfbfXk1Yd6xD3CWARldc%2BGKfLBtqhnDdia%2FrH%2FReG4PYbPGCBm4So5eCb%2FzORIlPyw41lMg0BA2AG5zrjqZ72eBi18UqPcqVJ3m0QttY"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 79dfd147dfef25ec-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	fonted.woff portal-acesse-lojacliete.com/api/fontes/	0 0	227ms 227ms	Font text/html	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/api/fontes/fonted.woff Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/index_files/css.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://portal-acesse-lojacliete.com/magalu/index_files/css.css Origin https://portal-acesse-lojacliete.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:03:18 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56JPXEtvH2QO5H4aK8FWx10Euyb4lyspRybwaPPHf7setNsGTDpUVy6nep3ZHzEUi7yR6MZwIb%2BYiBXARX5RSEDI1Ky1%2Fyg91jYJmh3lpldEdP5ZzAk%2BW8WkeNBnIjoSCh7YT0rU%2FKjmuv%2B8AU0jcIolNgsRsX2CYbnP"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 79dfd147dff125ec-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	fonteb.woff portal-acesse-lojacliete.com/api/fontes/	0 0	224ms 224ms	Font text/html	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/api/fontes/fonteb.woff Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/index_files/css.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://portal-acesse-lojacliete.com/magalu/index_files/css.css Origin https://portal-acesse-lojacliete.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:03:18 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FwvXGbc2WZqfLw2RIaJ82T8XAh4jdXjo2l5BO5R%2Bg4cS05Xa9U749d9SgN6jId2%2BNtpmsd8RONamrFw2amMWCE9JUoYdnSG73RBdzmtO1QVnC2baC4gJ3PAQRMhlq53%2Figr0zVAlXqfwXPtoTFEAIphEUk%2BhT9ynRfM"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 79dfd147dff225ec-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	api.php Show response portal-acesse-lojacliete.com/	290 B 670 B	119ms 119ms	XHR text/html	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/api.php?metodo=online&local=inicio&dispositivo=desktop Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/index_files/jquery.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d4bc4dd73e6dca2e9953d184bb1a817f74e29f9d17806fb498e8f7a988af9bc5` Request headers Accept text/html, /; q=0.01 Referer https://portal-acesse-lojacliete.com/magalu/ X-Requested-With XMLHttpRequest accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:03:19 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5TziXZwfVUl8e24i0MicREM%2F9gLmySIn2iAUav4lEu7ZpzeH%2BoMna6J%2BSz%2B3cvhbp31npO72QdirKpzCqbqi0Yrul9d78oFQ26ZagifjQ5iYi4I5G1cE3f%2FrTmGFQUIXszybsSsZoH8WsXKlC5UgfICZJV65oaCKd46"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 79dfd14e1f2425ec-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	api.php Show response portal-acesse-lojacliete.com/	290 B 670 B	116ms 116ms	XHR text/html	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/api.php?metodo=online&local=inicio&dispositivo=desktop Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/index_files/jquery.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d4bc4dd73e6dca2e9953d184bb1a817f74e29f9d17806fb498e8f7a988af9bc5` Request headers Accept text/html, /; q=0.01 Referer https://portal-acesse-lojacliete.com/magalu/ X-Requested-With XMLHttpRequest accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:03:20 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ut4OLffzohHAayMNTR26yPIgHT8kSfpVYnGBlAQGKJgH0FORB3o%2BoDta10DbmaDdSfPu99qPLCvr3zsK6TBQdp6PZ%2FdA98gnI3o7JyTW9NePedN5NJpNVPtwBxddG9I5LMTKte%2FAw7eavhcJPY4xyTnCWTMdZdyoESU"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 79dfd1545eb125ec-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	api.php Show response portal-acesse-lojacliete.com/	290 B 670 B	115ms 115ms	XHR text/html	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/api.php?metodo=online&local=inicio&dispositivo=desktop Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/index_files/jquery.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d4bc4dd73e6dca2e9953d184bb1a817f74e29f9d17806fb498e8f7a988af9bc5` Request headers Accept text/html, /; q=0.01 Referer https://portal-acesse-lojacliete.com/magalu/ X-Requested-With XMLHttpRequest accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:03:21 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMVIUFc9d3LLknQ%2Foej0QuiJi6ykN2UefO8P3PDDWBgMsWi10%2BTIXJLa63crogF4tID8NnBW0FLYr0BlVQ3dHQxe6KHWOEdjDM5NP4tFqu2FWrq6MGbq2kf79JBxwJQFaOEf0fagTyf%2Bryt3TaXyIOp7eKBrV0ZqLVcF"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 79dfd15a9ef525ec-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	api.php Show response portal-acesse-lojacliete.com/	290 B 677 B	121ms 120ms	XHR text/html	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/api.php?metodo=online&local=inicio&dispositivo=desktop Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/index_files/jquery.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d4bc4dd73e6dca2e9953d184bb1a817f74e29f9d17806fb498e8f7a988af9bc5` Request headers Accept text/html, /; q=0.01 Referer https://portal-acesse-lojacliete.com/magalu/ X-Requested-With XMLHttpRequest accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:03:22 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqrYoU%2Bwu8T%2BaX5AO1ECPtIsznyNA%2FNJRs2toq1Q8zgPhjvUzXJlHSMDE3c7uZd%2BeGSSYS5Oeh0hqhYyYdWglBmG4boVVLhPMW5sq8bEmJOSOXXZiJWjteleIb2WQFDEUBUJVba8Dvg%2BJ7N2%2BrRuBtwRHt3o4X0uGD%2Fa"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 79dfd160dec325ec-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Magazine Luiza (Consumer)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://portal-acesse-lojacliete.com/api.php?metodo=online&local=inicio&dispositivo=desktop Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://portal-acesse-lojacliete.com/api/fontes/fonteb.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://portal-acesse-lojacliete.com/api/fontes/fontea.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://portal-acesse-lojacliete.com/api/fontes/fonted.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://portal-acesse-lojacliete.com/api.php?metodo=online&local=inicio&dispositivo=desktop Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://portal-acesse-lojacliete.com/api.php?metodo=online&local=inicio&dispositivo=desktop Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://portal-acesse-lojacliete.com/api.php?metodo=online&local=inicio&dispositivo=desktop Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://portal-acesse-lojacliete.com/api.php?metodo=online&local=inicio&dispositivo=desktop Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

portal-acesse-lojacliete.com
2606:4700:3032::6815:40cc
04359500a657f5ad17f401c78a1dac274dc75d7b6b5f40690784a5c8da761977
2eb3373dbccf77764365632f60b4d4c4c0e72f6aeaabddfcedf6a0d0a6ad15d9
50f168fd1988ac110406e0bbf40b6313ff596f5a04e32982764cda1bace75252
72037311a4dfde4d042df73e31b7cbeafc0bdf2aaa605b69aff3326015a396da
7e393e8c97f5aef8d6f6e62fafe5f376b40cef8b17366aa923c237b615af8691
ae6b38112b49c7555bb384a42e37b092575f536ef60b8c88d73bd2d55dd2ed97
d028ee4b66227f72750880d138427c3f5e581c7b918fad4ae8682b67e5b9f712
d4bc4dd73e6dca2e9953d184bb1a817f74e29f9d17806fb498e8f7a988af9bc5
f8d497c92f5f95fba3066bafe3e2cbbbede040cd96ddb7e73e1106df7f70cd98

portal-acesse-lojacliete.com Open in urlscan Pro 2606:4700:3032::6815:40cc Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

55 kBTransfer

154 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

27 JavaScript Global Variables

0 Cookies

8 Console Messages

Indicators

portal-acesse-lojacliete.com Open in urlscan Pro
2606:4700:3032::6815:40cc Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

55 kB
Transfer

154 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!