girodivale.com.br Open in urlscan Pro
192.185.213.92 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://girodivale.com.br/?viewsss
Submission Tags: @phish_report
Submission: On August 21 via api (August 21st 2023, 2:33:31 am UTC) from FI — Scanned from FI

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 192.185.213.92, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is girodivale.com.br.
TLS certificate: Issued by R3 on July 18th 2023. Valid for: 3 months.

This is the only time girodivale.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online) Amazon Japan (Online)

Domain & IP information

	IP Address		AS Autonomous System
11	192.185.213.92 192.185.213.92		19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
11	1

11 192.185.213.92 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: br86-ip08.hostgator.com.br

girodivale.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	girodivale.com.br girodivale.com.br	253 KB
11	1

	Domain	Requested by
11	girodivale.com.br	girodivale.com.br
11	1

This site contains no links.

Subject Issuer	Validity	Valid
girodivale.com.br R3	`2023-07-18` - `2023-10-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://girodivale.com.br/?viewsss
Frame ID: D9BD1B8F83B6B4835AD62FA97A8EBB83
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Amazon Sign-in

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

253 kB
Transfer

536 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
girodivale.com.br/ 3 KB
2 KB 1680ms
1081ms Document
text/html 192.185.213.92
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://girodivale.com.br/?viewsss

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.213.92 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

br86-ip08.hostgator.com.br

Software

Apache /

Resource Hash

c438bfc039c472b25def71834b4514a9dcb6a8c1497f08f93fbec0d630adc0fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: gzip
content-length: 1589
content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 02:33:24 GMT
expires: Mon, 21 Aug 2023 03:33:24 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 main.26569d68.chunk.css
girodivale.com.br/static/css/ 103 KB
24 KB 543ms
543ms Stylesheet
text/css 192.185.213.92
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://girodivale.com.br/static/css/main.26569d68.chunk.css

Requested by

Host: girodivale.com.br
URL: https://girodivale.com.br/?viewsss

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.213.92 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

br86-ip08.hostgator.com.br

Software

Apache /

Resource Hash

48c926fab7c2d2b712d29042337a98d989b152df861289a0fa14ea28357257df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://girodivale.com.br/?viewsss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Aug 2023 02:33:25 GMT
x-xss-protection: 1; mode=block
last-modified: Sun, 20 Aug 2023 22:38:18 GMT
server: Apache
x-frame-options: DENY
vary: Accept-Encoding,User-Agent
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 20 Aug 2024 02:33:25 GMT

GET
H2 200 3.b341397e.chunk.js Show response
girodivale.com.br/static/js/ 247 KB
98 KB 365ms
364ms Script
application/javascript 192.185.213.92
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://girodivale.com.br/static/js/3.b341397e.chunk.js

Requested by

Host: girodivale.com.br
URL: https://girodivale.com.br/?viewsss

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.213.92 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

br86-ip08.hostgator.com.br

Software

Apache /

Resource Hash

029e6ab701ef269caf2dea15e78fd140cb1ef335e4fa9551e6bca3d3dc4d3824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://girodivale.com.br/?viewsss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Aug 2023 02:33:25 GMT
x-xss-protection: 1; mode=block
last-modified: Sun, 20 Aug 2023 22:38:18 GMT
server: Apache
x-frame-options: DENY
vary: Accept-Encoding,User-Agent
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 20 Aug 2024 02:33:25 GMT

GET
H2 200 main.04cccc3d.chunk.js Show response
girodivale.com.br/static/js/ 54 KB
22 KB 542ms
541ms Script
application/javascript 192.185.213.92
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://girodivale.com.br/static/js/main.04cccc3d.chunk.js

Requested by

Host: girodivale.com.br
URL: https://girodivale.com.br/?viewsss

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.213.92 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

br86-ip08.hostgator.com.br

Software

Apache /

Resource Hash

068cdbccc08a2de21bf00709960a2e8129e1eb6723554b82161f2d5edf0129f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://girodivale.com.br/?viewsss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Aug 2023 02:33:25 GMT
x-xss-protection: 1; mode=block
last-modified: Sun, 20 Aug 2023 22:38:18 GMT
server: Apache
x-frame-options: DENY
vary: Accept-Encoding,User-Agent
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 20 Aug 2024 02:33:25 GMT

POST
H2 200 supply Show response
girodivale.com.br/api/ 1 KB
804 B 196ms
195ms XHR
text/html 192.185.213.92
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://girodivale.com.br/api/supply

Requested by

Host: girodivale.com.br
URL: https://girodivale.com.br/static/js/3.b341397e.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.213.92 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

br86-ip08.hostgator.com.br

Software

Apache /

Resource Hash

233e410e1614578c8936611f9cb55d47163fe5378fb42769c96865bcdedd9a4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://girodivale.com.br/?viewsss
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Aug 2023 02:33:26 GMT
server: Apache
x-frame-options: DENY
vary: Accept-Encoding,User-Agent
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cache-control: max-age=3600
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 720
x-xss-protection: 1; mode=block
expires: Mon, 21 Aug 2023 03:33:26 GMT

GET
H2 200 pDxWAF1pBB0dzGB.2c1d70d6.woff2
girodivale.com.br/static/media/ 16 KB
16 KB 190ms
190ms Font
font/woff2 192.185.213.92
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://girodivale.com.br/static/media/pDxWAF1pBB0dzGB.2c1d70d6.woff2

Requested by

Host: girodivale.com.br
URL: https://girodivale.com.br/static/css/main.26569d68.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.213.92 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

br86-ip08.hostgator.com.br

Software

Apache /

Resource Hash

cded49f94fc16dc0a14923975e159fbf4b14844593e612c1342c9e34e2f96821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://girodivale.com.br/static/css/main.26569d68.chunk.css
Origin: https://girodivale.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 21 Aug 2023 02:33:26 GMT
x-content-type-options: nosniff
content-length: 16616
x-xss-protection: 1; mode=block
last-modified: Sun, 20 Aug 2023 22:38:18 GMT
server: Apache
x-frame-options: DENY
access-control-allow-methods: POST, OPTIONS, GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
vary: User-Agent
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Wed, 20 Sep 2023 02:33:26 GMT

POST
H2 200 ping Show response
girodivale.com.br/api/ 2 B
60 B 416ms
416ms XHR
text/html 192.185.213.92
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://girodivale.com.br/api/ping

Requested by

Host: girodivale.com.br
URL: https://girodivale.com.br/static/js/3.b341397e.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.213.92 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

br86-ip08.hostgator.com.br

Software

Apache /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://girodivale.com.br/ap/signin?session=r6y4ib87fgc9l52jdlvr23uprvzcoe8lcawi9ef4ik190gm3nj0m8bk1igu52ikw
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Aug 2023 02:33:26 GMT
server: Apache
x-frame-options: DENY
vary: Accept-Encoding,User-Agent
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cache-control: max-age=3600
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 22
x-xss-protection: 1; mode=block
expires: Mon, 21 Aug 2023 03:33:26 GMT

GET
H2 200 0.b3491ad5.chunk.js Show response
girodivale.com.br/static/js/ 22 KB
9 KB 363ms
362ms Script
application/javascript 192.185.213.92
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://girodivale.com.br/static/js/0.b3491ad5.chunk.js

Requested by

Host: girodivale.com.br
URL: https://girodivale.com.br/?viewsss

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.213.92 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

br86-ip08.hostgator.com.br

Software

Apache /

Resource Hash

ee58d4a92736a825248251164317d15e59e1270fff5635920c1bfd68b6ac5d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://girodivale.com.br/ap/signin?session=r6y4ib87fgc9l52jdlvr23uprvzcoe8lcawi9ef4ik190gm3nj0m8bk1igu52ikw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Aug 2023 02:33:26 GMT
content-length: 9479
x-xss-protection: 1; mode=block
last-modified: Sun, 20 Aug 2023 22:38:18 GMT
server: Apache
x-frame-options: DENY
vary: Accept-Encoding,User-Agent
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 20 Aug 2024 02:33:26 GMT

GET
H2 200 13.36fc15e3.chunk.js Show response
girodivale.com.br/static/js/ 12 KB
4 KB 360ms
360ms Script
application/javascript 192.185.213.92
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://girodivale.com.br/static/js/13.36fc15e3.chunk.js

Requested by

Host: girodivale.com.br
URL: https://girodivale.com.br/?viewsss

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.213.92 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

br86-ip08.hostgator.com.br

Software

Apache /

Resource Hash

3d88168c0f1a9c19180119fb533febc3b67a49553b3909bafa4fbd03fbe05bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://girodivale.com.br/ap/signin?session=r6y4ib87fgc9l52jdlvr23uprvzcoe8lcawi9ef4ik190gm3nj0m8bk1igu52ikw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Aug 2023 02:33:26 GMT
content-length: 3864
x-xss-protection: 1; mode=block
last-modified: Sun, 20 Aug 2023 22:38:18 GMT
server: Apache
x-frame-options: DENY
vary: Accept-Encoding,User-Agent
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 20 Aug 2024 02:33:26 GMT

GET
H2 200 main.d33128ec.png
girodivale.com.br/static/media/ 60 KB
61 KB 189ms
189ms Image
image/png 192.185.213.92
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://girodivale.com.br/static/media/main.d33128ec.png

Requested by

Host: girodivale.com.br
URL: https://girodivale.com.br/static/css/main.26569d68.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.213.92 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

br86-ip08.hostgator.com.br

Software

Apache /

Resource Hash

c5e829691be4103e8f645ee962bbc3de1ca51d083d147f1716fbf5d59f99c86a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://girodivale.com.br/static/css/main.26569d68.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 21 Aug 2023 02:33:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 20 Aug 2023 22:38:18 GMT
server: Apache
x-frame-options: DENY
access-control-allow-methods: POST, OPTIONS, GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 61917
x-xss-protection: 1; mode=block
expires: Wed, 20 Sep 2023 02:33:26 GMT

GET
H2 200 KFPk-9IF4FqAqY-.4de52a40.woff2
girodivale.com.br/static/media/ 16 KB
16 KB 190ms
190ms Font
font/woff2 192.185.213.92
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://girodivale.com.br/static/media/KFPk-9IF4FqAqY-.4de52a40.woff2

Requested by

Host: girodivale.com.br
URL: https://girodivale.com.br/static/css/main.26569d68.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.213.92 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

br86-ip08.hostgator.com.br

Software

Apache /

Resource Hash

4065b43ba3db8da5390ba0708555889f78e86483fe0226ef79ea22d07c306b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://girodivale.com.br/static/css/main.26569d68.chunk.css
Origin: https://girodivale.com.br
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 21 Aug 2023 02:33:26 GMT
x-content-type-options: nosniff
content-length: 16460
x-xss-protection: 1; mode=block
last-modified: Sun, 20 Aug 2023 22:38:18 GMT
server: Apache
x-frame-options: DENY
access-control-allow-methods: POST, OPTIONS, GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
vary: User-Agent
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Wed, 20 Sep 2023 02:33:26 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online) Amazon Japan (Online)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| webpackJsonpa

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			girodivale.com.br/	1970-01-20 14:09:48	Name: session Value: D6eYDrk8eWuhcXwaalKEpgvgyXlBxBoi
			girodivale.com.br/	1970-01-20 14:09:48	Name: language Value: en

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://girodivale.com.br/static/js/main.04cccc3d.chunk.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

girodivale.com.br
192.185.213.92
029e6ab701ef269caf2dea15e78fd140cb1ef335e4fa9551e6bca3d3dc4d3824
068cdbccc08a2de21bf00709960a2e8129e1eb6723554b82161f2d5edf0129f5
233e410e1614578c8936611f9cb55d47163fe5378fb42769c96865bcdedd9a4c
3d88168c0f1a9c19180119fb533febc3b67a49553b3909bafa4fbd03fbe05bc0
4065b43ba3db8da5390ba0708555889f78e86483fe0226ef79ea22d07c306b89
48c926fab7c2d2b712d29042337a98d989b152df861289a0fa14ea28357257df
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
c438bfc039c472b25def71834b4514a9dcb6a8c1497f08f93fbec0d630adc0fb
c5e829691be4103e8f645ee962bbc3de1ca51d083d147f1716fbf5d59f99c86a
cded49f94fc16dc0a14923975e159fbf4b14844593e612c1342c9e34e2f96821
ee58d4a92736a825248251164317d15e59e1270fff5635920c1bfd68b6ac5d6b

girodivale.com.br Open in urlscan Pro 192.185.213.92 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

253 kBTransfer

536 kBSize

2 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

girodivale.com.br Open in urlscan Pro
192.185.213.92 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

253 kB
Transfer

536 kB
Size

2
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!