portal-acesse-lojacliete.com Open in urlscan Pro
2606:4700:3032::6815:40cc Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://portal-acesse-lojacliete.com/magalu/
Submission: On February 23 via automatic, source phishtank (February 23rd 2023, 12:54:23 pm UTC) — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3032::6815:40cc, located in United States and belongs to CLOUDFLARENET, US. The main domain is portal-acesse-lojacliete.com.
TLS certificate: Issued by GTS CA 1P5 on February 22nd 2023. Valid for: 3 months.

This is the only time portal-acesse-lojacliete.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Magazine Luiza (Consumer)

Domain & IP information

	IP Address		AS Autonomous System
16	2606:4700:303... 2606:4700:3032::6815:40cc		13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	1

16 2606:4700:3032::6815:40cc (United States)

ASN13335 (CLOUDFLARENET, US)

portal-acesse-lojacliete.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	portal-acesse-lojacliete.com portal-acesse-lojacliete.com	55 KB
16	1

	Domain	Requested by
16	portal-acesse-lojacliete.com	portal-acesse-lojacliete.com
16	1

This site contains no links.

Subject Issuer	Validity	Valid
*.portal-acesse-lojacliete.com GTS CA 1P5	`2023-02-22` - `2023-05-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://portal-acesse-lojacliete.com/magalu/
Frame ID: 96053339BE8F956C8E02B020617EE927
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Consultar fatura Magalu

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

55 kB
Transfer

154 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response portal-acesse-lojacliete.com/magalu/	27 KB 3 KB	352ms 311ms	Document text/html	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/magalu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2eb3373dbccf77764365632f60b4d4c4c0e72f6aeaabddfcedf6a0d0a6ad15d9` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 79e01bff98b76939-FRA content-encoding br content-type text/html; charset=UTF-8 date Thu, 23 Feb 2023 12:54:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oj9FWQq0UxWxSXeQQMyOeGPWGwJTUIEin6EDyT7KYxjiGHZZo3LjBuNNLEWvU5anj9W0Hq9Lmt3QRlmVAMtcMUjSblRInFFqZ4IF4R8yYn9zmxBZpIX2PtTcvGLxHASEQc%2FF9qRcGKFNVQMSUPgby%2FrWRFCTLYh6DrCD"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	jquery.js Show response portal-acesse-lojacliete.com/magalu/index_files/	87 KB 32 KB	19ms 17ms	Script application/javascript	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/magalu/index_files/jquery.js Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `72037311a4dfde4d042df73e31b7cbeafc0bdf2aaa605b69aff3326015a396da` Request headers accept-language de-DE,de;q=0.9 Referer https://portal-acesse-lojacliete.com/magalu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:54:19 GMT content-encoding br cf-cache-status HIT last-modified Mon, 12 Sep 2022 17:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6212 etag W/"15d99-5e87ddecbaf80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmdjfUceAk5WORWKrg%2BiMyexd97ZWSJomuuPYh8TBGf%2FjDr%2Bk4DUPI42kxa6woclmITRg2StkqAV2dBiPaPrImyRlwouPiVnMONLTuN4tO5xxgdlBZFI00URsAXL9cIJjo2SXbUdjQ8%2F%2BgP4CbppIVwIa%2BhDIrIs1aDT"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 79e01c018b816939-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	js.js Show response portal-acesse-lojacliete.com/magalu/index_files/	829 B 762 B	16ms 15ms	Script application/javascript	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/magalu/index_files/js.js Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `04359500a657f5ad17f401c78a1dac274dc75d7b6b5f40690784a5c8da761977` Request headers accept-language de-DE,de;q=0.9 Referer https://portal-acesse-lojacliete.com/magalu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:54:19 GMT content-encoding br cf-cache-status HIT last-modified Mon, 12 Sep 2022 17:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6212 etag W/"33d-5e87ddecbaf80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7oLNkSiZ2s0MXjUHaAOrvj8Phx9qfKx7mdO4Yox8AOq2QhSksYBC%2F8JmWyRcYyJTN2gkLjmhDJlviMmk73HzSpBVikeyViQjF4Sii7b4srfnmWCS3mtdTJTfBWt6D0jAunv1PurW0RXB9RaNgmAHX97W0tvFrCx4W%2B1"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 79e01c018b876939-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	inicio.js Show response portal-acesse-lojacliete.com/magalu/index_files/	23 KB 3 KB	18ms 16ms	Script application/javascript	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/magalu/index_files/inicio.js Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `50f168fd1988ac110406e0bbf40b6313ff596f5a04e32982764cda1bace75252` Request headers accept-language de-DE,de;q=0.9 Referer https://portal-acesse-lojacliete.com/magalu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:54:19 GMT content-encoding br cf-cache-status HIT last-modified Tue, 07 Feb 2023 17:29:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6212 etag W/"5c18-5f41f7eea4880-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rf61fw5FRrEMCCbrN9B00EwfSMzW38IVrFlP17ZvQbMrGZ7eLxpjlaN6KcIuIO1ugitiB5vH6HyEHfMe4HCnFqWD%2BCe86KYcq%2FiH829SXwhAXeVY8b070Qg8NutjheTS%2BL6EoKeAo9aSWe%2FwNIKaVnzASj5jHCGGDOcI"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 79e01c018b896939-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	icon portal-acesse-lojacliete.com/magalu/index_files/	528 B 846 B	159ms 158ms	Stylesheet text/plain	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/magalu/index_files/icon Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f8d497c92f5f95fba3066bafe3e2cbbbede040cd96ddb7e73e1106df7f70cd98` Request headers accept-language de-DE,de;q=0.9 Referer https://portal-acesse-lojacliete.com/magalu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:54:19 GMT cf-cache-status DYNAMIC last-modified Mon, 12 Sep 2022 17:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "210-5e87ddecbaf80" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3pUCZRctoCpoUxJ23E7tnZxFpiXRTgFq4wv6zW3SGInNQKdjKnMeyFMCazeX9KGj3K%2B6rSxRKdkjtJ%2FTv7QDp3qY2RXWoo%2BAtRd7wxHRlSRxQMzeaJbfG9hJmKfaCb9BANgUtUvyMygLhcYyO66ChPzcEn%2FfDGGts5p"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 79e01c018b836939-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 528
GET H2	200	css.css portal-acesse-lojacliete.com/magalu/index_files/	332 B 458 B	15ms 14ms	Stylesheet text/css	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/magalu/index_files/css.css Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ae6b38112b49c7555bb384a42e37b092575f536ef60b8c88d73bd2d55dd2ed97` Request headers accept-language de-DE,de;q=0.9 Referer https://portal-acesse-lojacliete.com/magalu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:54:19 GMT content-encoding br cf-cache-status HIT last-modified Mon, 12 Sep 2022 17:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6212 etag W/"14c-5e87ddecbaf80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwifosq5cTQMaUrGE%2FoSQm23aCZlnX4iiQMUUlO%2FAvs%2FL9%2BaR74Hbighjnyp6VhbVINHJGsEKavb1qX%2BFKXZnulnYGQ9Or28BKDXlitHam2N%2BhzyiCzH7Pj4PzjawdkSaGqYfZ5f0OOJM4l9fi6m1hEXH93ovr1zl1Dk"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 79e01c018b846939-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	inicio.css portal-acesse-lojacliete.com/magalu/index_files/	1 KB 639 B	16ms 15ms	Stylesheet text/css	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/magalu/index_files/inicio.css Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d028ee4b66227f72750880d138427c3f5e581c7b918fad4ae8682b67e5b9f712` Request headers accept-language de-DE,de;q=0.9 Referer https://portal-acesse-lojacliete.com/magalu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:54:19 GMT content-encoding br cf-cache-status HIT last-modified Mon, 12 Sep 2022 17:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6212 etag W/"514-5e87ddecbaf80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kpwz7jeSV00C2N90WJKEUgiOFtTivrB7XY1A0Jq46ckZS1yPkETFrN%2BTdSSie3vhY%2FpMaQWk15LqF3DMqmi4%2BRTa2pd4UatnXGH%2BWsV4tllWIK6tKlQ5k4%2BkHbh%2FklsXpzQIvvKP6UUhnWXV3kG%2BfI0HgYufU3O0jZqT"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 79e01c018b866939-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	magalu-logo.png portal-acesse-lojacliete.com/magalu/index_files/	12 KB 12 KB	334ms 333ms	Image image/png	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://portal-acesse-lojacliete.com/magalu/index_files/magalu-logo.png Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7e393e8c97f5aef8d6f6e62fafe5f376b40cef8b17366aa923c237b615af8691` Request headers accept-language de-DE,de;q=0.9 Referer https://portal-acesse-lojacliete.com/magalu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:54:19 GMT cf-cache-status REVALIDATED last-modified Mon, 12 Sep 2022 17:03:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2ec7-5e87ddecbaf80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJ1WFYnJ34HPqF7zVSBK3dIq16e%2F59LQSqnGDZ%2BfJTtxqd7AQZbdEqxAO88Imbx1wPY%2FevISJH1Pehogq9gDzJ4cNVtfYxrgSoAOZon7D70DTdF8lLMKgcgcF8RD52M5dnnWbjiVN%2BnuvYak0CW3IQtf2VUa3MF7YarE"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 79e01c01bfa3366c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 11975
GET H3	404	api.php Show response portal-acesse-lojacliete.com/	290 B 672 B	329ms 329ms	XHR text/html	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/api.php?metodo=online&local=inicio&dispositivo=desktop Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/index_files/jquery.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d4bc4dd73e6dca2e9953d184bb1a817f74e29f9d17806fb498e8f7a988af9bc5` Request headers Accept text/html, /; q=0.01 Referer https://portal-acesse-lojacliete.com/magalu/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:54:19 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpBPCs4%2B8SCC5b9izMS4TIOLu4xloYVi5PMdc7Q3FRuXchOr7St5NInLKYoVnAJjP%2FYEoqvAk1XLBvXbv3TVattQfBBCuqv7x1vuLoSW%2Ba6MLv%2BwAHeoOIoWeCRDbPSLjeMwcrtLZyajAFCI0pSgaCDYiyQJfLCuJtro"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 79e01c028900366c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	fontea.woff portal-acesse-lojacliete.com/api/fontes/	0 0	318ms 318ms	Font text/html	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/api/fontes/fontea.woff Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/index_files/css.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://portal-acesse-lojacliete.com/magalu/index_files/css.css Origin https://portal-acesse-lojacliete.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:54:19 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfQSEyBOOCWvwtRkjsqXiudh%2BOfIMlPDt9O%2Fw3Ab1e4Af%2FvIJNmmwI81SR1yvYoeHdaIqTGxAsgyX5Rs0CTiVnNCWH55BMBKLsO%2B%2B0FQdVxOHe30ZbuG94lE%2F6FlZT%2BaWHqxpRDvmPX%2BDpGhj3gE6ld%2BJdX0TjMgZPOH"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 79e01c029906366c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	fonted.woff portal-acesse-lojacliete.com/api/fontes/	0 0	335ms 334ms	Font text/html	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/api/fontes/fonted.woff Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/index_files/css.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://portal-acesse-lojacliete.com/magalu/index_files/css.css Origin https://portal-acesse-lojacliete.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:54:19 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuhBMjhQYK%2BTH5zoAWpyhYGsqc4syfpkzoS%2BmqOGUtQNBBxWKYwhydie16MA8uDyw5UDScLj0EKHS566jK5aj83ZqwAXIzLjDDcuN20qjwDxzKzhSaItVDebqABch1X23uw4zvn3MbP6zaDYVsa4Ne8YKB88CulxxOAG"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 79e01c029908366c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	fonteb.woff portal-acesse-lojacliete.com/api/fontes/	0 0	318ms 316ms	Font text/html	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/api/fontes/fonteb.woff Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/index_files/css.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://portal-acesse-lojacliete.com/magalu/index_files/css.css Origin https://portal-acesse-lojacliete.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:54:19 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJFPDFNClj6BT8Vn9vKwiAHuSESX88dQaY81%2FAogNQECXIM7IfcApw1Nlv6xpO8IiebFUPF5plPIBms%2FQa5ZcZC4aznw0kLisx9M2pDaftNUwGgnuIT0vZbkQghA1i3cd9077oyc5Ad6LHGDwddSrtMSiAGQC%2BLfpFBl"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 79e01c02990e366c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	api.php Show response portal-acesse-lojacliete.com/	290 B 675 B	178ms 178ms	XHR text/html	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/api.php?metodo=online&local=inicio&dispositivo=desktop Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/index_files/jquery.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d4bc4dd73e6dca2e9953d184bb1a817f74e29f9d17806fb498e8f7a988af9bc5` Request headers Accept text/html, /; q=0.01 Referer https://portal-acesse-lojacliete.com/magalu/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:54:20 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsNiMA6finoE4Eejtlt3R3vyz%2FJdxZ5cQXv6xPAztMdTpwm6%2B3GMhLBGA0R5qHvWdCMmcxVsWIRiqrmVZ83J9aAQb5wjgny%2FsAwnz7PVk6cHJaQq4ITY%2B5hkaGOIBRSkTlORxRSgAFPXp6M2k9S4EMZs%2FCkOZMMskVaV"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 79e01c08d9e1366c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	api.php Show response portal-acesse-lojacliete.com/	290 B 671 B	172ms 172ms	XHR text/html	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/api.php?metodo=online&local=inicio&dispositivo=desktop Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/index_files/jquery.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d4bc4dd73e6dca2e9953d184bb1a817f74e29f9d17806fb498e8f7a988af9bc5` Request headers Accept text/html, /; q=0.01 Referer https://portal-acesse-lojacliete.com/magalu/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:54:21 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfBfi5EYhiJwsFfVmyl%2BO4Xn2ry9ovyMQkOYlj9OpE7WOgFnDbomdSTp1lznum9ENCw27XeCiGgwbHsQIDV0ow4jail%2BU5x%2F9TiX9ZKLDMQQciVtsUURKfMM2ulmXggSm8ThYssLD4t96MYll2aBxzBiOkz3nUKD91%2FE"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 79e01c0f1b20366c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	api.php Show response portal-acesse-lojacliete.com/	290 B 671 B	171ms 171ms	XHR text/html	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/api.php?metodo=online&local=inicio&dispositivo=desktop Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/index_files/jquery.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d4bc4dd73e6dca2e9953d184bb1a817f74e29f9d17806fb498e8f7a988af9bc5` Request headers Accept text/html, /; q=0.01 Referer https://portal-acesse-lojacliete.com/magalu/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:54:22 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bhsb2RMGpbSmUrSxrSTLBYEQlDAaO9T3iil5KaVheR%2F3kR6qkMo50qHxox4pQiYmpveave5OyNy7y6fD2YUL9AAR51p6FKrys2PzHlqaSgfR4R5Y8h3gz%2F7pr%2FcaUGaFwThJCuClBNVKGl8khD9%2BPdOxlwOmkeIp1m7R"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 79e01c155cd7366c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	api.php Show response portal-acesse-lojacliete.com/	290 B 677 B	175ms 175ms	XHR text/html	2606:4700:3032::6815:40cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal-acesse-lojacliete.com/api.php?metodo=online&local=inicio&dispositivo=desktop Requested by Host: portal-acesse-lojacliete.com URL: https://portal-acesse-lojacliete.com/magalu/index_files/jquery.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:40cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d4bc4dd73e6dca2e9953d184bb1a817f74e29f9d17806fb498e8f7a988af9bc5` Request headers Accept text/html, /; q=0.01 Referer https://portal-acesse-lojacliete.com/magalu/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:54:23 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbR%2BY25%2Fp1%2BYhlES6HuJQlOPw6qjr0pjpzy%2BsLvhG3uxr6QZ3WhnSbC0afJQtmNKd9RXT4QN0k3qIu0g7v0iAx2kF9nh5xZZBNph4RL5356vu23c26g68FGtManrNUpvENRwzPJZe%2Fro%2FXgy5ESFleUCPlYY8Pq%2FFwyA"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 79e01c1b9e7f366c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Magazine Luiza (Consumer)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://portal-acesse-lojacliete.com/api/fontes/fontea.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://portal-acesse-lojacliete.com/api/fontes/fonteb.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://portal-acesse-lojacliete.com/api.php?metodo=online&local=inicio&dispositivo=desktop Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://portal-acesse-lojacliete.com/api/fontes/fonted.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://portal-acesse-lojacliete.com/api.php?metodo=online&local=inicio&dispositivo=desktop Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://portal-acesse-lojacliete.com/api.php?metodo=online&local=inicio&dispositivo=desktop Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://portal-acesse-lojacliete.com/api.php?metodo=online&local=inicio&dispositivo=desktop Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://portal-acesse-lojacliete.com/api.php?metodo=online&local=inicio&dispositivo=desktop Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

portal-acesse-lojacliete.com
2606:4700:3032::6815:40cc
04359500a657f5ad17f401c78a1dac274dc75d7b6b5f40690784a5c8da761977
2eb3373dbccf77764365632f60b4d4c4c0e72f6aeaabddfcedf6a0d0a6ad15d9
50f168fd1988ac110406e0bbf40b6313ff596f5a04e32982764cda1bace75252
72037311a4dfde4d042df73e31b7cbeafc0bdf2aaa605b69aff3326015a396da
7e393e8c97f5aef8d6f6e62fafe5f376b40cef8b17366aa923c237b615af8691
ae6b38112b49c7555bb384a42e37b092575f536ef60b8c88d73bd2d55dd2ed97
d028ee4b66227f72750880d138427c3f5e581c7b918fad4ae8682b67e5b9f712
d4bc4dd73e6dca2e9953d184bb1a817f74e29f9d17806fb498e8f7a988af9bc5
f8d497c92f5f95fba3066bafe3e2cbbbede040cd96ddb7e73e1106df7f70cd98

portal-acesse-lojacliete.com Open in urlscan Pro 2606:4700:3032::6815:40cc Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

55 kBTransfer

154 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

27 JavaScript Global Variables

0 Cookies

8 Console Messages

Indicators

portal-acesse-lojacliete.com Open in urlscan Pro
2606:4700:3032::6815:40cc Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

55 kB
Transfer

154 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!