52.170.101.160
Open in
urlscan Pro
52.170.101.160
Malicious Activity!
Public Scan
Submission: On November 19 via manual from BR
Summary
This is the only time 52.170.101.160 was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Magazine Luiza (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
7 | 52.170.101.160 52.170.101.160 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
1 | 2a00:1450:400... 2a00:1450:4001:81c::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:1b | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
6 | 34.95.127.69 34.95.127.69 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
15 | 4 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
52.170.101.160 |
ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
code.jquery.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: 69.127.95.34.bc.googleusercontent.com
a-static.mlcdn.com.br |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
mlcdn.com.br
a-static.mlcdn.com.br |
135 KB |
1 |
jquery.com
code.jquery.com |
32 KB |
1 |
googleapis.com
ajax.googleapis.com |
30 KB |
15 | 3 |
Domain | Requested by | |
---|---|---|
6 | a-static.mlcdn.com.br |
52.170.101.160
|
1 | code.jquery.com |
52.170.101.160
|
1 | ajax.googleapis.com |
52.170.101.160
|
15 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
m.magazineluiza.com.br |
minhalojamagaluizavirtual.com |
stw.bob-recs.com |
www.magazineluiza.com.br |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.googleapis.com GTS CA 1O1 |
2019-11-05 - 2020-01-28 |
3 months | crt.sh |
*.mlcdn.com.br COMODO RSA Domain Validation Secure Server CA |
2018-10-03 - 2020-12-01 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
http://52.170.101.160/Ppjhabaihuhda_45478!!/m_produto.php?&id=1
Frame ID: C79E413B733F2129FA522A7934A9C8A1
Requests: 14 HTTP requests in this frame
Frame:
http://52.170.101.160/Raiz/FILES_M/dest5.html
Frame ID: 31790EB3BA4F6B3790F0889A66DB441A
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
- headers server /php\/?([\d.]+)?/i
Windows Server (Operating Systems) Expand
Detected patterns
- headers server /Win32|Win64/i
OpenSSL (Web Server Extensions) Expand
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Page Statistics
17 Outgoing links
These are links going to different origins than the main page.
Title: Entre ou cadastre-se
Search URL Search Domain Scan URL
Title: Nossas lojas
Search URL Search Domain Scan URL
Title: Celulares e Smartphones
Search URL Search Domain Scan URL
Title: Eletrodomésticos
Search URL Search Domain Scan URL
Title: Eletroportáteis
Search URL Search Domain Scan URL
Title: Informática
Search URL Search Domain Scan URL
Title: Móveis e Decoração
Search URL Search Domain Scan URL
Title: TV e Vídeo
Search URL Search Domain Scan URL
Title: Regulamentos
Search URL Search Domain Scan URL
Title: Compre pelo televendas São Paulo e Grande São Paulo (11) 3508-9900
Search URL Search Domain Scan URL
Title: Dúvidas Frequentes
Search URL Search Domain Scan URL
Title: Configurar: Compra com um toque
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: COMPRAR AGORA
Search URL Search Domain Scan URL
Title: Fritadeira Elétrica Sem Óleo/Air Fryer Britânia - Air Fry BFR02PI Preta e Cinza 3,2L com Timer ★ ★ ★ ★ ★ ★ ★ ★ ★ ★ R$ 89,00
Search URL Search Domain Scan URL
Title: www.magazineluiza.com.br/formulariocontato
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
m_produto.php
52.170.101.160/Ppjhabaihuhda_45478!!/ |
59 KB 60 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mrblue-e2c538abb563b51be3594e3a59c237a6.css
52.170.101.160/Raiz/FILES_M/ |
61 KB 61 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ |
85 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.9.1.min.js
code.jquery.com/ |
90 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.slides.min.js
52.170.101.160/Raiz/assets/ |
11 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
v0.js.download
52.170.101.160/Raiz/FILES_M/ |
263 KB 263 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
amp-sidebar-0.1.js.download
52.170.101.160/Raiz/FILES_M/ |
9 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
60d1157b9407b7787b65428d31cf2377.jpg
a-static.mlcdn.com.br/640x480/fritadeira-eletrica-sem-oleo-air-fryer-britania-air-fry-bfr02pi-preta-e-cinza-32l-com-timer/magazineluiza/218979800/ |
20 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d24c28f0468400766c4e22bc5d1fb543.jpg
a-static.mlcdn.com.br/640x480/fritadeira-eletrica-sem-oleo-air-fryer-britania-air-fry-bfr02pi-preta-e-cinza-32l-com-timer/magazineluiza/218979800/ |
34 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
455404e3c666c0ba203df027c8df83cf.jpg
a-static.mlcdn.com.br/640x480/fritadeira-eletrica-sem-oleo-air-fryer-britania-air-fry-bfr02pi-preta-e-cinza-32l-com-timer/magazineluiza/218979800/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
322fc13bf148f9ee131592dff20604b4.jpg
a-static.mlcdn.com.br/640x480/fritadeira-eletrica-sem-oleo-air-fryer-britania-air-fry-bfr02pi-preta-e-cinza-32l-com-timer/magazineluiza/218979800/ |
21 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cb0cebe49fea564e490940f044216d2b.jpg
a-static.mlcdn.com.br/640x480/fritadeira-eletrica-sem-oleo-air-fryer-britania-air-fry-bfr02pi-preta-e-cinza-32l-com-timer/magazineluiza/218979800/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
60d1157b9407b7787b65428d31cf2377.jpg
a-static.mlcdn.com.br/618x463/fritadeira-eletrica-sem-oleo-air-fryer-britania-air-fry-bfr02pi-preta-e-cinza-32l-com-timer/magazineluiza/218979800/ |
19 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dest5.html
52.170.101.160/Raiz/FILES_M/ Frame 3179 |
7 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
processa_vis.php
52.170.101.160/Raiz/admin/function/ |
1 B 423 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Magazine Luiza (Consumer)18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery object| jQuery19100011792086898851917 object| AMP object| global object| AMP_CONFIG object| log object| __AMP__EXPERIMENT_TOGGLES object| AMPErrors object| AMP_MODE function| reportError object| services object| UrlCache boolean| AMP_TAG object| ampExtendedElements function| BaseCustomElementClass1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
52.170.101.160/ | Name: PHPSESSID Value: 9io17pdrskclb7k9ofsohs2s9n |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a-static.mlcdn.com.br
ajax.googleapis.com
code.jquery.com
2001:4de0:ac19::1:b:1b
2a00:1450:4001:81c::200a
34.95.127.69
52.170.101.160
14e560e33e4a451a33ec7145a45188e58d99746661b67ecf46467d809beb5bba
20e2b7f0d8ee8b0883a4f2aa1b25a313ebea6f35ea6e6a10f19ddf6f37f7e968
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
724a101f352307b65f1233830bb129736112dfa1c82a2067a1d60e7f2f401270
7e62601cf3eb4c626c2511d6eb02ff3241b46ec9c98426ce8096935e32ac9fda
81bb71544cf02ff44e5dad7cc2f51ca2c500bb6531b92913f908c186b168ec73
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
965147de7c59dd940218915a516e616ae1511782cba93f87089158a54a42fce9
a9a52142e3fc488b2cad3adf5c3217f6577749715b99f5818843c2ae5e094715
aae0df6686014d984815fc0ecffb2a2ad5ac9f6126ed45a18df39cc2aeb713e5
b580de5d4a7265a43923b54780b489b212d0540886e2cd273d059f630d587b8f
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c6548bd54beac51bb0b82d307fd376f9d6361db777019b0c954771ef5f6dd1f8
c8aa59a7f21f6fc5c59231625d0aca2aac51b5fb3bab8b209402b4e34fe650c1
ce22a75a8b3b29bd5e07b8195e2a04ec8f83c254adacee32bfe76637c4db77ca