saldao-ame-pascoa.vip
34.123.236.60
Malicious Activity!
Public Scan
Submission: On March 21 via api from BR
Summary
TLS certificate: Issued by R3 on March 18th 2021. Valid for: 3 months.
This is the only time saldao-ame-pascoa.vip was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Lojas Americanas (Retail)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
9 | 34.123.236.60 | 15169 (GOOGLE)
3 | 2606:4700::6810:135e | 13335 (CLOUDFLARENET)
1 | 2a00:1450:4001:809::200a | 15169 (GOOGLE)
3 | 2a02:26f0:7100:2be::19fe | 20940 (AKAMAI-ASN1)
16 | 5 |
ASN | PTR | Domain
---|---|---
ASN15169 (GOOGLE, US) | 60.236.123.34.bc.googleusercontent.com | saldao-ame-pascoa.vip
ASN20940 (AKAMAI-ASN1, NL) | | images-americanas.b2w.io
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
9 | saldao-ame-pascoa.vip | saldao-ame-pascoa.vip | 522 KB
3 | b2w.io | images-americanas.b2w.io | 199 KB
3 | cloudflare.com | cdnjs.cloudflare.com | 18 KB
1 | googleapis.com | ajax.googleapis.com | 30 KB
16 | 4 | |
Requests | Domain | Requested by
---|---|---
9 | saldao-ame-pascoa.vip | saldao-ame-pascoa.vip
3 | images-americanas.b2w.io | saldao-ame-pascoa.vip
3 | cdnjs.cloudflare.com | saldao-ame-pascoa.vip
1 | ajax.googleapis.com | saldao-ame-pascoa.vip
16 | 4 |
This site contains links to these domains.
Domain |
---|
images-americanas.b2w.io |
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
saldao-ame-pascoa.vip | R3 | 2021-03-18 - 2021-06-16 | 3 months | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-21 - 2021-10-20 | a year | crt.sh
upload.video.google.com | GTS CA 1O1 | 2021-02-23 - 2021-05-18 | 3 months | crt.sh
b2wdigital.com | DigiCert SHA2 Secure Server CA | 2021-02-02 - 2022-02-06 | a year | crt.sh
This page contains 1 frame:
Primary Page:
https://saldao-ame-pascoa.vip/oferta/?COMON/=INDEX&id=5&cp23,2021,31,78,78,3,03,PM,Saturday,2021,2021,Saturday&fbclid=IwAR2GOC-0OUqDZ4OWQ9_5IKN03ue5K-LD-528POcRO71579Dm7_RdzEgCwmo
Frame ID: 7BEE1D3F2A319347671BD050CF834322
Requests: 18 HTTP requests in this frame
3 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Primary Request, Cookie set) | saldao-ame-pascoa.vip/oferta/ | 2 MB | 520 KB | Document | text/html
GET | H2 | photoswipe.min.js | cdnjs.cloudflare.com/ajax/libs/photoswipe/4.1.3/ | 31 KB | 11 KB | Script | application/javascript
GET | H2 | photoswipe-ui-default.min.js | cdnjs.cloudflare.com/ajax/libs/photoswipe/4.1.3/ | 10 KB | 4 KB | Script | application/javascript
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/2.2.4/ | 84 KB | 30 KB | Script | text/javascript
GET | H2 | jquery.mask.min.js | cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/ | 8 KB | 3 KB | Script | application/javascript
GET | H/1.1 | brinquedos.png | saldao-ame-pascoa.vip/oferta/ame/img/ | 284 B | 284 B | Image | text/html
GET | H/1.1 | celular.png | saldao-ame-pascoa.vip/oferta/ame/img/ | 284 B | 284 B | Image | text/html
GET | DATA | truncated | / | 151 KB | 0 | Image | image/png
GET | H/1.1 | red.png | saldao-ame-pascoa.vip/oferta/ame/img/ | 284 B | 284 B | Image | text/html
GET | H/1.1 | acom.png | saldao-ame-pascoa.vip/oferta/ame/img/ | 284 B | 284 B | Image | text/html
GET | H/1.1 | ban.png | saldao-ame-pascoa.vip/oferta/ame/img/ | 284 B | 284 B | Image | text/html
GET | H/1.1 | world.png | saldao-ame-pascoa.vip/oferta/ame/img/ | 284 B | 284 B | Image | text/html
GET | H/1.1 | crono.png | saldao-ame-pascoa.vip/oferta/ame/img/ | 284 B | 284 B | Image | text/html
GET | H2 | 134409901_1GG.jpg | images-americanas.b2w.io/produtos/01/00/img/134409/9/ | 43 KB | 44 KB | Image | image/webp
GET | H2 | 134409901_2GG.jpg | images-americanas.b2w.io/produtos/01/00/img/134409/9/ | 118 KB | 119 KB | Image | image/webp
GET | H2 | 134409901_3GG.jpg | images-americanas.b2w.io/produtos/01/00/img/134409/9/ | 34 KB | 35 KB | Image | image/webp
GET | H/1.1 | sbara.png | saldao-ame-pascoa.vip/oferta/ame/img/ | 284 B | 284 B | Image | text/html
GET | DATA | truncated | / | 3 KB | 0 | Image | image/png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Lojas Americanas (Retail)
42 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | ontransitionrun
object | ontransitionstart
object | ontransitioncancel
object | cookieStore
function | showDirectoryPicker
function | showOpenFilePicker
function | showSaveFilePicker
object | trustedTypes
boolean | crossOriginIsolated
function | PhotoSwipe
function | PhotoSwipeUI_Default
function | $
function | jQuery
object | $jscomp
function | limpa_formulario_cep
function | response
function | pesquisacep
function | validarPass
function | valida
function | sendForm
function | validaCPF
function | dataNs
function | login
function | loginface
function | cadastro
function | address
function | comprar
function | ccredito
function | sonumb
function | passwd
function | Swiper
object | _$_2fae
object | swiper1
object | swiper2
function | setCounter
function | getTimeRemaining
function | initializeClock
function | frete
function | removeRes
function | ExibirMenu
function | iFrameResize
object | last1
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
saldao-ame-pascoa.vip/ | | PHPSESSID | p4eci7ld72cs9m3te9s3to8tup
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.