ofertas-magalusaldao.com
18.229.248.233 | Malicious Activity! | Public Scan

Submitted URL: https://bittinyccbit.page.link/XktS
Effective URL: https://ofertas-magalusaldao.com/promocao.php
Submission: On January 27 via automatic, source phishtank

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 17 HTTP transactions. The main IP is 18.229.248.233, located in São Paulo, Brazil and belongs to AMAZON-02, US. The main domain is ofertas-magalusaldao.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 25th 2020. Valid for: 3 months.
This is the only time ofertas-magalusaldao.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
3 | 18.229.248.233 | 16509 (AMAZON-02)
5 | 34.102.248.206 | 15169 (GOOGLE)
5 | 23.210.249.78 | 16625 (AKAMAI-AS)
Total: 17 requests, 6 IPs

Requests | Domain | Requested by
5 | static.mlstatic.com | ofertas-magalusaldao.com
5 | a-static.mlcdn.com.br | ofertas-magalusaldao.com
3 | ofertas-magalusaldao.com | ofertas-magalusaldao.com
2 | www.gstatic.com |
1 | fonts.gstatic.com | bittinyccbit.page.link
1 | bittinyccbit.page.link |
Total: 17 requests, 6 domains

This site contains links to these domains:

Domain
www.mercadolivre.com.br
Subject | Issuer | Validity | Valid
*.page.link | GTS CA 1O1 | 2020-01-07 - 2020-03-31 | 3 months
*.google.com | GTS CA 1O1 | 2020-01-07 - 2020-03-31 | 3 months
ofertas-magalusaldao.com | Let's Encrypt Authority X3 | 2020-01-25 - 2020-04-24 | 3 months
*.mlcdn.com.br | COMODO RSA Domain Validation Secure Server CA | 2018-10-03 - 2020-12-01 | 2 years

This page contains 1 frames:

Primary Page: https://ofertas-magalusaldao.com/promocao.php
Frame ID: FD5E3B97F56F93972B40D32B7D2E8929
Requests: 17 HTTP requests in this frame

Page URL History

  1. https://bittinyccbit.page.link/XktS Page URL
  2. https://ofertas-magalusaldao.com/promocao.php Page URL

Page Statistics

17 Requests
71 % HTTPS
50 % IPv6
5 Domains
6 Subdomains
6 IPs
4 Countries
351 kB Transfer
492 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bittinyccbit.page.link/XktS Page URL
  2. https://ofertas-magalusaldao.com/promocao.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
XktS | bittinyccbit.page.link/ | 174 KB | 59 KB | Document
General
Full URL
https://bittinyccbit.page.link/XktS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
12e6da90cfccd9c427d224f59b812c758ba986d28a2116cf9fc8575e491f32de
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RLMnQ1rks1HxRwXFlNx7ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-RLMnQ1rks1HxRwXFlNx7ww' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:method
GET
:authority
bittinyccbit.page.link
:scheme
https
:path
/XktS
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
content-type
text/html; charset=utf-8
x-ua-compatible
IE=edge
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 27 Jan 2020 10:37:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-RLMnQ1rks1HxRwXFlNx7ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-RLMnQ1rks1HxRwXFlNx7ww' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

m=wmwg8b | www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.VdifAwpjnZk.es5.O/ck=boq-devplatform.DurableDeepLinkUi.sV1PaMuBO4M.L.B1.O/am=BA/d=1/exm=_b,_tp/excm=_b,_tp,viewd... | 34 KB | 12 KB | Script
General
Full URL
https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.VdifAwpjnZk.es5.O/ck=boq-devplatform.DurableDeepLinkUi.sV1PaMuBO4M.L.B1.O/am=BA/d=1/exm=_b,_tp/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP7bU4YDJ9_2NIZ7BK_kAbDYv2LSDw/m=wmwg8b
Requested by
Host:
URL: /_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.VdifAwpjnZk.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6CJV1PW9NV9f_w0MANDn04_aYODw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bittinyccbit.page.link/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 21:08:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221396
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12605
x-xss-protection
0
last-modified
Thu, 23 Jan 2020 00:31:26 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Jan 2021 21:08:02 GMT

m=DvZ6Wd | www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.VdifAwpjnZk.es5.O/ck=boq-devplatform.DurableDeepLinkUi.sV1PaMuBO4M.L.B1.O/am=BA/d=1/exm=_b,_tp,wmwg8b/excm=_b,_t... | 16 KB | 6 KB | Script
General
Full URL
https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.VdifAwpjnZk.es5.O/ck=boq-devplatform.DurableDeepLinkUi.sV1PaMuBO4M.L.B1.O/am=BA/d=1/exm=_b,_tp,wmwg8b/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP7bU4YDJ9_2NIZ7BK_kAbDYv2LSDw/m=DvZ6Wd
Requested by
Host:
URL: /_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.VdifAwpjnZk.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6CJV1PW9NV9f_w0MANDn04_aYODw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bittinyccbit.page.link/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 24 Jan 2020 21:08:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221396
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5875
x-xss-protection
0
last-modified
Thu, 23 Jan 2020 00:31:26 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Jan 2021 21:08:02 GMT

KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | fonts.gstatic.com/s/roboto/v18/ | 10 KB | 11 KB | Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: bittinyccbit.page.link
URL: https://bittinyccbit.page.link/XktS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://bittinyccbit.page.link/
Origin
https://bittinyccbit.page.link

Response headers

date
Wed, 22 Jan 2020 06:21:30 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
447388
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10748
x-xss-protection
0
expires
Thu, 21 Jan 2021 06:21:30 GMT

promocao.php (Primary Request, Cookie set) | ofertas-magalusaldao.com/ | 106 KB | 106 KB | Document
General
Full URL
https://ofertas-magalusaldao.com/promocao.php
Requested by
Host:
URL: /_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.VdifAwpjnZk.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6CJV1PW9NV9f_w0MANDn04_aYODw/m=_b,_tp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.229.248.233 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-229-248-233.sa-east-1.compute.amazonaws.com
Software
Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.4.1 / PHP/7.4.1
Resource Hash
5d9681700209f80bc7679e42e112d8ff0522f640acdb8d1c9577163ab08e29d4

Request headers

Host
ofertas-magalusaldao.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://bittinyccbit.page.link/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://bittinyccbit.page.link/

Response headers

Date
Mon, 27 Jan 2020 10:37:59 GMT
Server
Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.4.1
X-Powered-By
PHP/7.4.1
Set-Cookie
PHPSESSID=4075jttd13lkqkgv9k1hvmv7f6; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

logo-meli-br2x.png | ofertas-magalusaldao.com/Raiz/ResponseForm_files/ | 3 KB | 3 KB | Image
General
Full URL
https://ofertas-magalusaldao.com/Raiz/ResponseForm_files/logo-meli-br2x.png
Requested by
Host: ofertas-magalusaldao.com
URL: https://ofertas-magalusaldao.com/promocao.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.229.248.233 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-229-248-233.sa-east-1.compute.amazonaws.com
Software
Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.4.1 /
Resource Hash
7aac328cd05ec15956e0e6e5bc7c2d6800fb94b6d39d89ab7e09535d176aefcb

Request headers

Referer
https://ofertas-magalusaldao.com/promocao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 10:38:00 GMT
Last-Modified
Mon, 14 Jan 2019 15:27:38 GMT
Server
Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.4.1
ETag
"b00-57f6caf5c0250"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2816

665e33805a99ad6159e55e4a15ce13f2.jpg | a-static.mlcdn.com.br/618x463/jogo-de-panelas-tramontina-antiaderente-de-aluminio-vermelho-10-pecas-turim-20298-722/magazineluiza/144129900/ | 25 KB | 26 KB | Image
General
Full URL
https://a-static.mlcdn.com.br/618x463/jogo-de-panelas-tramontina-antiaderente-de-aluminio-vermelho-10-pecas-turim-20298-722/magazineluiza/144129900/665e33805a99ad6159e55e4a15ce13f2.jpg
Requested by
Host: ofertas-magalusaldao.com
URL: https://ofertas-magalusaldao.com/promocao.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.102.248.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.248.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2fc5bae097a6171ce5bdfa5d451f8b9217dfd4053b55fe98f58e471ffabdd2ab

Request headers

Referer
https://ofertas-magalusaldao.com/promocao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sat, 25 Jan 2020 14:49:30 GMT
via
1.1 google
age
157710
status
200
x-guploader-uploadid
AEnB2UoPOfTFz3unua4tef2kYkd3ZbO21fa5P7uA2e1pU9orPlf11FsSxupG8KV58GsR3Y_qEIYv4uWUcPaqJUiCJ933eJVxNJqJlByIIaxbKBDksLa6JiY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
26099
last-modified
Thu, 23 Jan 2020 20:18:00 GMT
server
nginx
etag
W/"665e33805a99ad6159e55e4a15ce13f2"
x-goog-hash
crc32c=AlI6Qw==, md5=Zl4zgFqZrWFZ5V5KFc4T8g==
x-goog-generation
1579810680288545
cache-control
max-age=31536000,public
x-goog-stored-content-length
149854
accept-ranges
bytes
content-type
image/jpeg
expires
Sun, 24 Jan 2021 14:49:30 GMT

2d3ed35d879c7d59d0c2b213e401d6e4.jpg | a-static.mlcdn.com.br/618x463/iphone-7-apple-128gb-ouro-rosa-4g-tela-4-7-retina-cam-12mp-selfie-7mp-ios-11-proc-chip-a10/magazineluiza/218008200/ | 31 KB | 31 KB | Image
General
Full URL
https://a-static.mlcdn.com.br/618x463/iphone-7-apple-128gb-ouro-rosa-4g-tela-4-7-retina-cam-12mp-selfie-7mp-ios-11-proc-chip-a10/magazineluiza/218008200/2d3ed35d879c7d59d0c2b213e401d6e4.jpg
Requested by
Host: ofertas-magalusaldao.com
URL: https://ofertas-magalusaldao.com/promocao.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.102.248.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.248.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8ffe82758a0c85d08d57344299c819a437e039f074dde7a97826e32a4c816671

Request headers

Referer
https://ofertas-magalusaldao.com/promocao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 10:34:13 GMT
via
1.1 google
age
1420
status
200
x-guploader-uploadid
AEnB2UrRDUHdb4wUjepwjDfLReucN8gzjfV7sELgyyyc06b30tF0CxFFFOzUExeoklNO0kQ_2vICBZOytNEaPXXLY0Q0il0vxS_6VJ3LXkylPAMpV0CV7pU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
31475
last-modified
Thu, 23 Jan 2020 19:31:55 GMT
server
nginx
etag
W/"2d3ed35d879c7d59d0c2b213e401d6e4"
x-goog-hash
crc32c=0pIoXQ==, md5=LT7TXYecfVnQwrIT5AHW5A==
x-goog-generation
1579807915499267
cache-control
max-age=31536000,public
x-goog-stored-content-length
139659
accept-ranges
bytes
content-type
image/jpeg
expires
Tue, 26 Jan 2021 10:34:13 GMT

68c8fac92a86d6ce31e936adf9dcc883.jpg | a-static.mlcdn.com.br/618x463/smart-tv-led-50-sony-kdl-50w665f-full-hd-wi-fi-hdr-2-hdmi-2-usb/magazineluiza/193396600/ | 41 KB | 41 KB | Image
General
Full URL
https://a-static.mlcdn.com.br/618x463/smart-tv-led-50-sony-kdl-50w665f-full-hd-wi-fi-hdr-2-hdmi-2-usb/magazineluiza/193396600/68c8fac92a86d6ce31e936adf9dcc883.jpg
Requested by
Host: ofertas-magalusaldao.com
URL: https://ofertas-magalusaldao.com/promocao.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.102.248.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.248.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5298fefa3537dd32780a1371c369ec7d4991f87d7d8e7804ecaa110ffbf3f13b

Request headers

Referer
https://ofertas-magalusaldao.com/promocao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 10:34:13 GMT
via
1.1 google
age
227
status
200
x-guploader-uploadid
AEnB2UouDKcmp5jyS4DOmJEoxPATogefHeBG9giUBzHW-eyujUWVY8tAjq_6EeSgEy0oi9x450FWcxVYGzq4cfc-526AYbzrWmCsoArFEfDdQw6MU0THZTA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
41857
last-modified
Thu, 23 Jan 2020 21:26:11 GMT
server
nginx
etag
W/"68c8fac92a86d6ce31e936adf9dcc883"
x-goog-hash
crc32c=8BDg+Q==, md5=aMj6ySqG1s4x6Tat+dzIgw==
x-goog-generation
1579814771386617
cache-control
max-age=31536000,public
x-goog-stored-content-length
253468
accept-ranges
bytes
content-type
image/jpeg
expires
Tue, 26 Jan 2021 10:34:13 GMT

b64f9334259558c61dd3d98c9ecf5948.jpg | a-static.mlcdn.com.br/618x463/ar-condicionado-split-gree-9-000-btus-frio-eco-garden-gwc09qa-d3nnb4d/magazineluiza/015162500/ | 26 KB | 26 KB | Image
General
Full URL
https://a-static.mlcdn.com.br/618x463/ar-condicionado-split-gree-9-000-btus-frio-eco-garden-gwc09qa-d3nnb4d/magazineluiza/015162500/b64f9334259558c61dd3d98c9ecf5948.jpg
Requested by
Host: ofertas-magalusaldao.com
URL: https://ofertas-magalusaldao.com/promocao.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.102.248.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.248.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
883cc9e830f39b211d15eb0c874aad7fd26636ef7fa4fb91303b4b373ca88d2d

Request headers

Referer
https://ofertas-magalusaldao.com/promocao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 02:51:28 GMT
via
1.1 google
age
27992
status
200
x-guploader-uploadid
AEnB2UpQ8J7ZL-Ez3aWUflmC9ji5dGn4icXYWGHe-9yqrjYtdw1l9t58vQIhHxXl7JUAUeBBdFi6tZ_G-NZNIO3ghlH1DQ2ma9ncG8120H37UkMKyemxYpM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
26501
last-modified
Thu, 23 Jan 2020 20:12:02 GMT
server
nginx
etag
W/"b64f9334259558c61dd3d98c9ecf5948"
x-goog-hash
crc32c=LJ0IvQ==, md5=tk+TNCWVWMYd09mMns9ZSA==
x-goog-generation
1579810322996018
cache-control
max-age=31536000,public
x-goog-stored-content-length
111003
accept-ranges
bytes
content-type
image/jpeg
expires
Tue, 26 Jan 2021 02:51:28 GMT

4cf3d5eef15b0dbf35ae634ce397ce46.jpg | a-static.mlcdn.com.br/618x463/geladeira-consul-frost-free-duplex-405-litros-cor-inox-com-filtro-bem-estar/consul/527/ | 8 KB | 8 KB | Image
General
Full URL
https://a-static.mlcdn.com.br/618x463/geladeira-consul-frost-free-duplex-405-litros-cor-inox-com-filtro-bem-estar/consul/527/4cf3d5eef15b0dbf35ae634ce397ce46.jpg
Requested by
Host: ofertas-magalusaldao.com
URL: https://ofertas-magalusaldao.com/promocao.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.102.248.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
206.248.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
25dc5e45cf357b6b9828ae82b98576c41ee3f56d49010fbc16905b80ddba6880

Request headers

Referer
https://ofertas-magalusaldao.com/promocao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sat, 25 Jan 2020 14:52:09 GMT
via
1.1 google
age
157551
status
200
x-guploader-uploadid
AEnB2UozSWo7UXKQ9devKWFKhtbCAN7WrICKqzQOuf81jSsJB_0_6LDikoS6LiZS7FNxjzuCDDeGKzLPkFHSmIMRocwJoAYG14CfD3nQbG0ysVt_XKXH9O4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
7882
last-modified
Tue, 21 Jan 2020 08:40:11 GMT
server
nginx
etag
W/"4cf3d5eef15b0dbf35ae634ce397ce46"
x-goog-hash
crc32c=O7ka+A==, md5=TPPV7vFbDb81rmNM45fORg==
x-goog-generation
1579596011712797
cache-control
max-age=31536000,public
x-goog-stored-content-length
109778
accept-ranges
bytes
content-type
image/jpeg
expires
Sun, 24 Jan 2021 14:52:09 GMT

appstore_v2.png | static.mlstatic.com/org-img/mkt/email-mkt-assets/icons/ | 4 KB | 5 KB | Image
General
Full URL
http://static.mlstatic.com/org-img/mkt/email-mkt-assets/icons/appstore_v2.png
Requested by
Host: ofertas-magalusaldao.com
URL: https://ofertas-magalusaldao.com/promocao.php
Protocol
HTTP/1.1
Server
23.210.249.78 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-78.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
d1c89e66e1094e5ecdbb25f31e492927dcfeb7f8b1633dfa51956bdbc547c363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 10:38:00 GMT
X-Content-Type-Options
nosniff
X-D2id
0c09fcec-e2fa-48c5-ac0c-86e83875c069
Last-Modified
Mon, 22 Jul 2019 17:31:26 GMT
Server
Tengine
x-amz-request-id
5F79E668D1310ACE
ETag
"9b67462d31409cd03d15928ddba7acec"
Content-Type
image/png
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
Connection
keep-alive
Content-Length
4311
x-amz-id-2
xEBAqWT7AXKT26QBlPko9hNT238qOfXg2sRKM++7Lz4ao4mOluZNoC0IqKvoraZCx6ONJjvcwr4=
X-Request-Id
0c09fcec-e2fa-48c5-ac0c-86e83875c069

googleplay_v2.png | static.mlstatic.com/org-img/mkt/email-mkt-assets/icons/ | 6 KB | 7 KB | Image
General
Full URL
http://static.mlstatic.com/org-img/mkt/email-mkt-assets/icons/googleplay_v2.png
Requested by
Host: ofertas-magalusaldao.com
URL: https://ofertas-magalusaldao.com/promocao.php
Protocol
HTTP/1.1
Server
23.210.249.78 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-78.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
7a1c0ec6d4b0a580bbf33359f30056432111caeeba5f450d05f6c952c2e1f4d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 10:38:00 GMT
X-Content-Type-Options
nosniff
X-D2id
ea7ffdb5-4db4-4dc5-8685-4c2c4e637fc2
Last-Modified
Mon, 22 Jul 2019 17:31:26 GMT
Server
Tengine
x-amz-request-id
228B6E81E16442D9
ETag
"782d7cfbed3f10aee9aff9cc99cfc900"
Content-Type
image/png
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
Connection
keep-alive
Content-Length
6123
x-amz-id-2
8GXB0nInLANLEtL9h5R3J88VsGS94JZouJHFy4xGUXO+SVZYhrxJujeTDtxK3ZIWgsdlfhVwLfY=
X-Request-Id
ea7ffdb5-4db4-4dc5-8685-4c2c4e637fc2

facebook.png | static.mlstatic.com/org-img/emails/marketing/bienvenida/ | 0 | 0 | Image
General
Full URL
http://static.mlstatic.com/org-img/emails/marketing/bienvenida/facebook.png
Requested by
Host: ofertas-magalusaldao.com
URL: https://ofertas-magalusaldao.com/promocao.php
Protocol
HTTP/1.1
Server
23.210.249.78 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-78.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*

Instagram.png | ofertas-magalusaldao.com/Raiz/ResponseForm_files/ | 4 KB | 4 KB | Image
General
Full URL
https://ofertas-magalusaldao.com/Raiz/ResponseForm_files/Instagram.png
Requested by
Host: ofertas-magalusaldao.com
URL: https://ofertas-magalusaldao.com/promocao.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.229.248.233 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-229-248-233.sa-east-1.compute.amazonaws.com
Software
Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.4.1 /
Resource Hash
bfa0db91f56d44d0fb914f975988002f2827ba2ca2d110802f2a62fb45ec3caa

Request headers

Referer
https://ofertas-magalusaldao.com/promocao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 10:38:00 GMT
Last-Modified
Mon, 17 Dec 2018 01:13:56 GMT
Server
Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.4.1
ETag
"e85-57d2d7eafbd00"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3717

icontwt.png | static.mlstatic.com/org-img/mkt/email-mkt-assets/2x/ | 3 KB | 3 KB | Image
General
Full URL
http://static.mlstatic.com/org-img/mkt/email-mkt-assets/2x/icontwt.png
Requested by
Host: ofertas-magalusaldao.com
URL: https://ofertas-magalusaldao.com/promocao.php
Protocol
HTTP/1.1
Server
23.210.249.78 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-78.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
7ec374350419550a817b1d1edbd58f5826ee7072c0c0595cf321a7354bab30c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 10:38:00 GMT
X-Content-Type-Options
nosniff
X-D2id
b5d9b725-5287-4856-b0b6-7a41c77691e7
Last-Modified
Mon, 22 Jul 2019 17:31:12 GMT
Server
Tengine
x-amz-request-id
A034BBA169F0FD6E
ETag
"4666ae9b6fa079e945d727501fddf203"
Content-Type
image/png
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
Connection
keep-alive
Content-Length
2937
x-amz-id-2
omPwf+TzE4jB/i85+hsflZGWmTryJ8Sf/f4ZGeGiGAUo7vdhlxZnQ2HbVFjAlaFfT+ujXUVYWA0=
X-Request-Id
b5d9b725-5287-4856-b0b6-7a41c77691e7

youtube.png | static.mlstatic.com/org-img/emails/marketing/ | 1 KB | 2 KB | Image
General
Full URL
http://static.mlstatic.com/org-img/emails/marketing/youtube.png
Requested by
Host: ofertas-magalusaldao.com
URL: https://ofertas-magalusaldao.com/promocao.php
Protocol
HTTP/1.1
Server
23.210.249.78 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-78.deploy.static.akamaitechnologies.com
Software
truelove /
Resource Hash
d25673af09081eadea40309e86030b5b440d27c492eb9c2c6d6b9786f023d03e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 27 Jan 2020 10:38:00 GMT
X-Content-Type-Options
nosniff
X-D2id
de4d4b94-d5f0-4a25-8bc1-86adf70200d8
Last-Modified
Mon, 22 Jul 2019 17:27:21 GMT
Server
truelove
x-amz-request-id
52643F1B01948753
ETag
"f63d5284b22973302794643849c17f59"
Content-Type
image/png
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
Connection
keep-alive
Content-Length
1452
x-amz-id-2
1PjTKzb1/V9GQQBs8xhvT0S+WZ+TsvSZk3rFc5Fk+n7HrJOJx0Rll/T2lFlafDo3DlmdyGjMPmk=
X-Request-Id
de4d4b94-d5f0-4a25-8bc1-86adf70200d8

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | onformdata
object | onpointerrawupdate

1 Cookies

Domain/Path | Name | Value
ofertas-magalusaldao.com/ | PHPSESSID | 4075jttd13lkqkgv9k1hvmv7f6

2 Console Messages

Source | Level | URL / Text

console-api | log
URL: /_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.VdifAwpjnZk.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6CJV1PW9NV9f_w0MANDn04_aYODw/m=_b,_tp (Line 419)
Message: %c%s color: red; background: yellow; font-size: 24px; WARNING!

console-api | log
URL: /_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.VdifAwpjnZk.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6CJV1PW9NV9f_w0MANDn04_aYODw/m=_b,_tp (Line 419)
Message: %c%s color: black; font-size: 18px; Using this console may allow attackers to impersonate you and steal your information using an attack called Self-XSS. Do not enter or paste code that you do not understand.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'report-sample' 'nonce-RLMnQ1rks1HxRwXFlNx7ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-RLMnQ1rks1HxRwXFlNx7ww' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0