superorfertasamer-com.umbler.net
177.55.116.228 Malicious Activity! Public Scan

Submitted URL: http://superorfertasamer-com.umbler.net/completo?pedido=319770923
Effective URL: http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
Submission: On February 07 via api from BR

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 20 HTTP transactions. The main IP is 177.55.116.228, located in Brazil and belonging to RedeHost Internet Ltda., BR. The main domain is superorfertasamer-com.umbler.net.
This is the only time superorfertasamer-com.umbler.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lojas Americanas (Retail)

Domain & IP information

IP Address AS Autonomous System
1 6 177.55.116.228 53057 (RedeHost ...)
4 151.101.112.193 54113 (FASTLY)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 1 2620:1ec:bdf::13 8068 (MICROSOFT...)
1 13.66.39.88 8075 (MICROSOFT...)
20 7
Domain Requested by
6 superorfertasamer-com.umbler.net 1 redirects superorfertasamer-com.umbler.net
4 i.imgur.com superorfertasamer-com.umbler.net
2 play.google.com 1 redirects superorfertasamer-com.umbler.net
1 behavior-prd-southus-webapp-web-2.azurewebsites.net superorfertasamer-com.umbler.net
1 device.clearsale.com.br 1 redirects
1 images-americanas.b2w.io superorfertasamer-com.umbler.net
1 sacola.americanas.com.br superorfertasamer-com.umbler.net
20 7

This site contains links to these domains.

Domain
americanas.com.br
sacola.americanas.com.br
cliente.americanas.com.br
www.ebitempresa.com.br
Subject | Issuer | Validity | Valid
*.imgur.com | DigiCert SHA2 Secure Server CA | 2020-01-15 - 2022-03-16 | 2 years
b2wdigital.com | DigiCert SHA2 Secure Server CA | 2021-02-02 - 2022-02-06 | a year
*.google.com | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months
*.azurewebsites.net | Microsoft RSA TLS CA 01 | 2020-09-28 - 2021-09-28 | a year

This page contains 1 frame:

Primary Page: http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
Frame ID: C165D92341BC683E570D4FB3D06C4C2D
Requests: 20 HTTP requests in this frame

Screenshot


Page URL History

  1. http://superorfertasamer-com.umbler.net/completo?pedido=319770923 HTTP 301
    http://superorfertasamer-com.umbler.net/completo/?pedido=319770923 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

20
Requests

40 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

7
IPs

4
Countries

336 kB
Transfer

592 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://superorfertasamer-com.umbler.net/completo?pedido=319770923 HTTP 301
    http://superorfertasamer-com.umbler.net/completo/?pedido=319770923 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://play.google.com/intl/en_us/badges/images/generic/pt-br_badge_web_generic.png HTTP 302
  • https://play.google.com/intl/en_us/badges/static/images/badges/pt-br_badge_web_generic.png
Request Chain 18
  • http://device.clearsale.com.br/p/fp.js HTTP 307
  • https://behavior-prd-southus-webapp-web-2.azurewebsites.net/p/fp.js

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
superorfertasamer-com.umbler.net/completo/
Redirect Chain
  • http://superorfertasamer-com.umbler.net/completo?pedido=319770923
  • http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
195 KB
196 KB
Document
General
Full URL
http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
Protocol
HTTP/1.1
Server
177.55.116.228 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Apache / PHP/7.3.13
Resource Hash
be063694b9d2acd887c5515986777c42631a0622f24da0215147ed7a85e21ade

Request headers

Host
superorfertasamer-com.umbler.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 07 Feb 2021 22:04:17 GMT
Server
Apache
X-Powered-By
PHP/7.3.13
Vary
X-Proxy-Provider
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Pragma
no-cache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sun, 07 Feb 2021 22:04:17 GMT
Server
Apache
Location
http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
Cache-Control
max-age=3600
Expires
Sun, 07 Feb 2021 23:04:17 GMT
Content-Length
274
Content-Type
text/html; charset=iso-8859-1
theme.css
superorfertasamer-com.umbler.net/public/css/
225 KB
38 KB
Stylesheet
General
Full URL
http://superorfertasamer-com.umbler.net/public/css/theme.css
Requested by
Host: superorfertasamer-com.umbler.net
URL: http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
Protocol
HTTP/1.1
Server
177.55.116.228 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
4c79a1e8c53a807d97e220393322cf58bb258c5c57534a2399f6b52a19c224eb

Request headers

Referer
http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 07 Feb 2021 22:04:17 GMT
Content-Encoding
gzip
Last-Modified
Sat, 06 Feb 2021 19:30:26 GMT
Server
Apache
Vary
X-Proxy-Provider,Accept-Encoding
Upgrade
h2,h2c
Cache-Control
max-age=604800, must-revalidate
Connection
Upgrade
Accept-Ranges
none
Content-Type
text/css
Content-Length
38420
Expires
Mon, 07 Feb 2022 22:04:17 GMT
main.228389f4.css
superorfertasamer-com.umbler.net/public/css/
15 KB
4 KB
Stylesheet
General
Full URL
http://superorfertasamer-com.umbler.net/public/css/main.228389f4.css
Requested by
Host: superorfertasamer-com.umbler.net
URL: http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
Protocol
HTTP/1.1
Server
177.55.116.228 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
6ce16f40ad63f9b2efc4da3466f64c7da8e8759bb220e3560e4f6f7b0c5a94de

Request headers

Referer
http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 07 Feb 2021 22:04:17 GMT
Content-Encoding
gzip
Last-Modified
Sat, 06 Feb 2021 19:30:26 GMT
Server
Apache
Vary
X-Proxy-Provider,Accept-Encoding
Upgrade
h2,h2c
Cache-Control
max-age=604800, must-revalidate
Connection
Upgrade
Accept-Ranges
none
Content-Type
text/css
Content-Length
4030
Expires
Mon, 07 Feb 2022 22:04:17 GMT
37g9oiW.png
i.imgur.com/
2 KB
2 KB
Image
General
Full URL
https://i.imgur.com/37g9oiW.png
Requested by
Host: superorfertasamer-com.umbler.net
URL: http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
e67dcf0c52d2924bd09e897266b477c49347274a5ecfb5ec9f149aee681f7d6a
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 22:04:18 GMT
x-content-type-options
nosniff
age
304062
x-cache
HIT, HIT
content-length
2158
x-served-by
cache-bwi5146-BWI, cache-hhn4030-HHN
last-modified
Wed, 23 Aug 2017 14:40:14 GMT
server
cat factory 1.0
x-timer
S1612735458.276957,VS0,VE1
etag
"9e69a42413a5bcbc225ef7a780acb1c7"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
svg_store.min.svg
sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/
0
0

18615382_1GG.jpg
images-americanas.b2w.io/produtos/01/00/img/18615/3/
38 KB
39 KB
Image
General
Full URL
https://images-americanas.b2w.io/produtos/01/00/img/18615/3/18615382_1GG.jpg
Requested by
Host: superorfertasamer-com.umbler.net
URL: http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:1700:19d::19fe , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
065647267d0fdec454732f763bdb3185b772aeaaef9c72458b90e6dfb121b64f

Request headers

Referer
http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 22:04:18 GMT
last-modified
Mon, 23 Nov 2020 20:59:41 GMT
server
BIS
etag
3a640319bb5ae0ddc1efacfb34eace9c3f81240aa22427643a4e0fe587ad067f
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=604800
warning
60380
content-disposition
inline; filename="18615382_1GG.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
38984
x-request-id
ZHSstyg3Ipm3lkdPWRSZe
expires
Sun, 14 Feb 2021 22:04:18 GMT
svg_store.min.svg
sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/
0
0

svg_store.min.svg
sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/
0
0

svg_store.min.svg
sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/
0
0

svg_store.min.svg
sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/
0
0

pt-br_badge_web_generic.png
play.google.com/intl/en_us/badges/static/images/badges/
Redirect Chain
  • https://play.google.com/intl/en_us/badges/images/generic/pt-br_badge_web_generic.png
  • https://play.google.com/intl/en_us/badges/static/images/badges/pt-br_badge_web_generic.png
15 KB
15 KB
Image
General
Full URL
https://play.google.com/intl/en_us/badges/static/images/badges/pt-br_badge_web_generic.png
Requested by
Host: superorfertasamer-com.umbler.net
URL: http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7845af9e7a4121d91609f3a98fc8903823219ae4001a9d151b724e5d4a19a10a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 22:04:18 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 05:15:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15329
x-xss-protection
0
expires
Sun, 07 Feb 2021 22:04:18 GMT

Redirect headers

date
Sun, 07 Feb 2021 22:04:18 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://play.google.com/intl/en_us/badges/static/images/badges/pt-br_badge_web_generic.png
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
287
x-xss-protection
0
goToAppleStore.png
sacola.americanas.com.br/current-checkout/images/acom/
5 KB
6 KB
Image
General
Full URL
https://sacola.americanas.com.br/current-checkout/images/acom/goToAppleStore.png
Requested by
Host: superorfertasamer-com.umbler.net
URL: http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28b::19fe , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b508671887cb60d42e17fe4c08be228f434607b29955c5635a563b73d197e37b

Request headers

Referer
http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
123, 113, 390
date
Sun, 07 Feb 2021 22:04:18 GMT
x-amz-request-id
A427C0DE1B6308B0
x-edgeconnect-midmile-rtt
0, 0, 8
x-px
true
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=-104, origin; dur=113
content-length
4917
x-amz-id-2
3agznhIZkbkD10bjw6nJOA8IdJeu9YuFY7hkoKaEnzeSfDLpDjFQ4smfrrKStHwP/YrDBHqzUqE=
last-modified
Wed, 25 Nov 2020 02:14:46 GMT
server
nginx
etag
"be0f39ebd395f62ea77b853f7e834855"
access-control-allow-methods
PUT, DELETE, GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log, X-Nginx-Uri, Access-Token, X-Access-Token, X-Experiment-Freight
warning
43988
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log, X-Nginx-Uri, Access-Token, X-Access-Token, X-Experiment-Freight
b15685.gif
superorfertasamer-com.umbler.net/completo/pedido-completo_files/
196 B
196 B
Image
General
Full URL
http://superorfertasamer-com.umbler.net/completo/pedido-completo_files/b15685.gif
Requested by
Host: superorfertasamer-com.umbler.net
URL: http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
Protocol
HTTP/1.1
Server
177.55.116.228 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Referer
http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 07 Feb 2021 22:04:18 GMT
Server
Apache
Content-Length
196
Content-Type
text/html; charset=iso-8859-1
f(2).txt
superorfertasamer-com.umbler.net/completo/pedido-completo_files/
0
0
Script
General
Full URL
http://superorfertasamer-com.umbler.net/completo/pedido-completo_files/f(2).txt
Requested by
Host: superorfertasamer-com.umbler.net
URL: http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
Protocol
HTTP/1.1
Server
177.55.116.228 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 07 Feb 2021 22:04:18 GMT
Server
Apache
Content-Length
196
Content-Type
text/html; charset=iso-8859-1
svg_store.min.svg
sacola.americanas.com.br/current-checkout/theme/images/svg/
0
0

svg_store.min.svg
sacola.americanas.com.br/current-checkout/theme/images/svg/
0
0

uk4BUV9.png
i.imgur.com/
1 KB
2 KB
Image
General
Full URL
https://i.imgur.com/uk4BUV9.png
Requested by
Host: superorfertasamer-com.umbler.net
URL: http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9715c541123ac5e56fa3cdd43cb3ae5a3e5d704e6aa22b6af8e89cf15ff50bd3
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 22:04:18 GMT
x-content-type-options
nosniff
age
2652410
x-cache
HIT, HIT
content-length
1516
x-served-by
cache-bwi5137-BWI, cache-hhn4030-HHN
last-modified
Wed, 23 Aug 2017 14:41:23 GMT
server
cat factory 1.0
x-timer
S1612735458.324427,VS0,VE88
etag
"31334ad5f91787ff0465135bfd48de1e"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
v1R3yTD.png
i.imgur.com/
720 B
868 B
Image
General
Full URL
https://i.imgur.com/v1R3yTD.png
Requested by
Host: superorfertasamer-com.umbler.net
URL: http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
6ce6104c02240f9927eef9342263a5d738b31b67519a2604a1116d4cb96dbb3c
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 22:04:18 GMT
x-content-type-options
nosniff
age
699861
x-cache
HIT, HIT
content-length
720
x-served-by
cache-bwi5165-BWI, cache-hhn4030-HHN
last-modified
Wed, 23 Aug 2017 14:31:43 GMT
server
cat factory 1.0
x-timer
S1612735458.324407,VS0,VE1
etag
"66ce3ed74856c96c608dc10d383d79c6"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
thj9SyF.png
i.imgur.com/
857 B
1005 B
Image
General
Full URL
https://i.imgur.com/thj9SyF.png
Requested by
Host: superorfertasamer-com.umbler.net
URL: http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
3e687b8f5ce02d8f5805a37abbf0e39b36246e67fbae197a29443fc85fe8dec0
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 22:04:18 GMT
x-content-type-options
nosniff
age
1131744
x-cache
HIT, HIT
content-length
857
x-served-by
cache-bwi5141-BWI, cache-hhn4030-HHN
last-modified
Wed, 23 Aug 2017 14:37:59 GMT
server
cat factory 1.0
x-timer
S1612735458.324377,VS0,VE1
etag
"ca9666089e34d8b87f9e182976d2dd70"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
fp.js
behavior-prd-southus-webapp-web-2.azurewebsites.net/p/
Redirect Chain
  • http://device.clearsale.com.br/p/fp.js
  • https://behavior-prd-southus-webapp-web-2.azurewebsites.net/p/fp.js
94 KB
32 KB
Script
General
Full URL
https://behavior-prd-southus-webapp-web-2.azurewebsites.net/p/fp.js
Requested by
Host: superorfertasamer-com.umbler.net
URL: http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.66.39.88 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
83651cbbf2db38fc8924edf1b6b0ae72ef1c15d975c30260e12b48334364ca5e

Request headers

Referer
http://superorfertasamer-com.umbler.net/completo/?pedido=319770923
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 07 Feb 2021 22:04:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Nov 2020 15:31:26 GMT
ETag
"1d6c276df28a384"
Vary
Accept-Encoding
Content-Type
application/javascript
Arr-Disable-Session-Affinity
true
Transfer-Encoding
chunked
Accept-Ranges
bytes

Redirect headers

Location
https://behavior-prd-southus-webapp-web-2.azurewebsites.net/p/fp.js
Date
Sun, 07 Feb 2021 22:04:17 GMT
Arr-Disable-Session-Affinity
true
Content-Length
0
X-Azure-Ref
04mMgYAAAAAA2AY5+ruXqQIZzX1yVFWfeRlJBRURHRTEwMTAANWI0YTEwMjItOTczYi00NjhhLTk4NmYtZGFkZjNkYzFkMDQy

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sacola.americanas.com.br
URL
https://sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/svg_store.min.svg
Domain
sacola.americanas.com.br
URL
https://sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/svg_store.min.svg
Domain
sacola.americanas.com.br
URL
https://sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/svg_store.min.svg
Domain
sacola.americanas.com.br
URL
https://sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/svg_store.min.svg
Domain
sacola.americanas.com.br
URL
https://sacola.americanas.com.br/dist-v2.27.1.2700/theme/images/svg/svg_store.min.svg
Domain
sacola.americanas.com.br
URL
https://sacola.americanas.com.br/current-checkout/theme/images/svg/svg_store.min.svg
Domain
sacola.americanas.com.br
URL
https://sacola.americanas.com.br/current-checkout/theme/images/svg/svg_store.min.svg

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lojas Americanas (Retail)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | ontransitionrun
object | ontransitionstart
object | ontransitioncancel
object | trustedTypes
boolean | crossOriginIsolated
string | google_ad_client
string | google_ad_slot
number | google_ad_width
number | google_ad_height
string | CsdpObject
function | csdp
function | DivEndereco
object | a0_0x2f8b
function | a0_0x19e0
function | setImmediate
function | clearImmediate

0 Cookies