191.239.251.21 Open in urlscan Pro
191.239.251.21 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
Submission: On June 27 via manual (June 27th 2019, 3:36:05 pm UTC) from BR

Summary HTTP 29 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 29 HTTP transactions. The main IP is 191.239.251.21, located in Campinas, Brazil and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is 191.239.251.21.

This is the only time 191.239.251.21 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Magazine Luiza (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
16	191.239.251.21 191.239.251.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
6 6	18.184.44.178 18.184.44.178	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
4 8	216.58.206.6 216.58.206.6	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:815::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
29	7

16 191.239.251.21 (Campinas, Brazil)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

191.239.251.21	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.184.44.178 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-184-44-178.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.206.6 (Mountain View, United States) 4 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	doubleclick.net 4 redirects ad.doubleclick.net	3 KB
6	myvisualiq.net 6 redirects t.myvisualiq.net	3 KB
2	google.com.br www.google.com.br	535 B
2	google.com www.google.com	228 B
2	facebook.com www.facebook.com	250 B
1	gstatic.com www.gstatic.com	92 KB
0	exelator.com Failed loadus.exelator.com Failed
0	tapad.com Failed tapestry.tapad.com Failed
29	8

	Domain	Requested by
8	ad.doubleclick.net	4 redirects 191.239.251.21
6	t.myvisualiq.net	6 redirects
2	www.google.com.br	191.239.251.21
2	www.google.com	191.239.251.21
2	www.facebook.com	191.239.251.21
1	www.gstatic.com	191.239.251.21
0	loadus.exelator.com Failed	191.239.251.21
0	tapestry.tapad.com Failed	191.239.251.21
29	8

This site contains links to these domains. Also see Links.

Domain
www.magazineluiza.com.br
sacola.magazineluiza.com.br
www.internetsegura.org
www.ebit.com.br

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-06-06` - `2019-09-04`	3 months	crt.sh
*.doubleclick.net Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
www.google.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
Frame ID: 2C4DDC11EEE2A3512DD6A63DD7FB1A8F
Requests: 25 HTTP requests in this frame

Frame: http://191.239.251.21/promo-relampago/Files/saved_resource(4).html
Frame ID: 96585710CB295C36AC480F098C6FF56F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.3/plugins/login_button.php?app_id=113869198637480&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2629f8e195ee08%26domain%3Ddevelopers.facebook.com%26origin%3Dhttps%253A%252F%252Fdevelopers.facebook.com%252Ff2416350f6cfaf4%26relation%3Dparent.parent&container_width=734&locale=pt_BR&sdk=joey&size=large&use_continue_as=true&width=450
Frame ID: A0EA38FAE66F9F4E0F4205440BCA5BE7
Requests: 1 HTTP requests in this frame

Frame: http://191.239.251.21/promo-relampago/Files/j-GHT1gpo6-.html
Frame ID: 59A1AC94660E34E32ADE6986C7251573
Requests: 1 HTTP requests in this frame

Frame: http://191.239.251.21/promo-relampago/Files/bframe.html
Frame ID: 4BA49AD7A1D9885F8CE5FB13FA6F0C15
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

29
Requests

38 %
HTTPS

57 %
IPv6

8
Domains

8
Subdomains

7
IPs

4
Countries

240 kB
Transfer

743 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.magazineluiza.com.br/
Title: .cls-1{fill:#fff;fill-rule:evenodd}Logo_Magalu

Search URL Search Domain Scan URL

URL: http://www.magazineluiza.com.br/central-de-atendimento/
Title: fale conosco

Search URL Search Domain Scan URL

URL: https://sacola.magazineluiza.com.br/
Title: e-mail

Search URL Search Domain Scan URL

URL: http://www.magazineluiza.com.br/estaticas/seguranca-maxima/
Title: Certificados e segurança

Search URL Search Domain Scan URL

URL: http://www.internetsegura.org/

Search URL Search Domain Scan URL

URL: https://www.ebit.com.br/magazine-luiza

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://t.myvisualiq.net/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D HTTP 302
https://loadus.exelator.com/load/?p=204&g=1260&buid=df942f2d-7573-480c-9d39-9a56f61ada0c

Request Chain 12

https://t.myvisualiq.net/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D1301318973328695%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D1301318973328695%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D HTTP 302
https://www.facebook.com/tr?id=1301318973328695&ev=PageView&cd[order_id]=101bbc65-3fa9-4304-a38a-1aeddf44e4f9

Request Chain 13

https://t.myvisualiq.net/sync?prid=Test&ao=0&red=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackimp%2FN505804.547841VISUALIQINC%2FB20152546.203195786%3Bdc_trk_aid%3D402976504%3Bdc_trk_cid%3D91863518%3Bsz%3D1x1%3Bu%3D%7CVIQ_%24%7BUUID%7D%7C%7Chttp%253A%252F%252F191.239.251.21%252Fpromo-relampago%252FPROMOCAO%252FPRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT%252FIdentificacao%252F%3Bord%3D6532684 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-0b977762-cc42-4db3-ace3-5bc3f4879a23%7C%7Chttp%3A%2F%2F191.239.251.21%2Fpromo-relampago%2FPROMOCAO%2FPRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT%2FIdentificacao%2F;ord=6532684 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_pre=CP7jxc3-ieMCFZUHiwodoF0LAw;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-0b977762-cc42-4db3-ace3-5bc3f4879a23%7C%7Chttp%3A%2F%2F191.239.251.21%2Fpromo-relampago%2FPROMOCAO%2FPRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT%2FIdentificacao%2F;ord=6532684

Request Chain 16

https://t.myvisualiq.net/sync?prid=Test&ao=0&red=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackimp%2FN505804.547841VISUALIQINC%2FB20152546.203195786%3Bdc_trk_aid%3D402976504%3Bdc_trk_cid%3D91863518%3Bsz%3D1x1%3Bu%3D%7CVIQ_%24%7BUUID%7D%7C%7Chttp%253A%252F%252F191.239.251.21%252Fpromo-relampago%252FPROMOCAO%252FPRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT%252FIdentificacao%252F%3Bord%3D1845853 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-eb9a54d5-38c0-4e03-86e5-4413af35f583%7C%7Chttp%3A%2F%2F191.239.251.21%2Fpromo-relampago%2FPROMOCAO%2FPRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT%2FIdentificacao%2F;ord=1845853 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_pre=CMnnxc3-ieMCFVP1dwodUX0B0Q;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-eb9a54d5-38c0-4e03-86e5-4413af35f583%7C%7Chttp%3A%2F%2F191.239.251.21%2Fpromo-relampago%2FPROMOCAO%2FPRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT%2FIdentificacao%2F;ord=1845853

Request Chain 17

https://t.myvisualiq.net/sync?prid=Test&ao=0&red=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackimp%2FN505804.547841VISUALIQINC%2FB20152546.203195786%3Bdc_trk_aid%3D402976504%3Bdc_trk_cid%3D91863518%3Bsz%3D1x1%3Bu%3D%7CVIQ_%24%7BUUID%7D%7C%7Chttp%253A%252F%252F191.239.251.21%252Fpromo-relampago%252FPROMOCAO%252FPRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT%252FIdentificacao%252F%3Bord%3D9752102 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-dd41a533-466f-4b12-8105-f810c8e43b90%7C%7Chttp%3A%2F%2F191.239.251.21%2Fpromo-relampago%2FPROMOCAO%2FPRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT%2FIdentificacao%2F;ord=9752102 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_pre=CIrlxc3-ieMCFRYIiwod_1MKpw;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-dd41a533-466f-4b12-8105-f810c8e43b90%7C%7Chttp%3A%2F%2F191.239.251.21%2Fpromo-relampago%2FPROMOCAO%2FPRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT%2FIdentificacao%2F;ord=9752102

Request Chain 18

https://t.myvisualiq.net/sync?prid=Test&ao=0&red=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackimp%2FN505804.547841VISUALIQINC%2FB20152546.203195786%3Bdc_trk_aid%3D402976504%3Bdc_trk_cid%3D91863518%3Bsz%3D1x1%3Bu%3D%7CVIQ_%24%7BUUID%7D%7C%7Chttp%253A%252F%252F191.239.251.21%252Fpromo-relampago%252FPROMOCAO%252FPRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT%252FIdentificacao%252F%3Bord%3D3209075 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_101bbc65-3fa9-4304-a38a-1aeddf44e4f9%7C%7Chttp%3A%2F%2F191.239.251.21%2Fpromo-relampago%2FPROMOCAO%2FPRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT%2FIdentificacao%2F;ord=3209075 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_pre=CPSoxs3-ieMCFY-HdwodE2QFeA;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_101bbc65-3fa9-4304-a38a-1aeddf44e4f9%7C%7Chttp%3A%2F%2F191.239.251.21%2Fpromo-relampago%2FPROMOCAO%2FPRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT%2FIdentificacao%2F;ord=3209075

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/ 38 KB
12 KB 724ms
525ms Document
text/html 191.239.251.21
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
Protocol: HTTP/1.1
Server: 191.239.251.21 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a5446ff4b37ef8250713e6fb45c979f02d58234c4669a2c451a75acfe2300441

Request headers

Host: 191.239.251.21
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 27 Jun 2019 15:35:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Set-Cookie: PHPSESSID=6sl1qgua1pm2ajut7kqh4biphh; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12202
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK styles.2a92f7fa3e82cdb79e53.css
191.239.251.21/promo-relampago/Files/ 242 KB
69 KB 395ms
206ms Stylesheet
text/css 191.239.251.21
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://191.239.251.21/promo-relampago/Files/styles.2a92f7fa3e82cdb79e53.css
Requested by: Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
Protocol: HTTP/1.1
Security: , ,
Server: 191.239.251.21 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f88208ee4b204209e8ad1ed2042699b0b73bce01dcb9a2fdbb04d7d237c0d0a2

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 27 Jun 2019 15:35:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 17:11:51 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "3c6d8-58c14e8873ea1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK fs.record.js.download Show response
191.239.251.21/promo-relampago/Files/ 61 KB
19 KB 1398ms
202ms Script
application/javascript 191.239.251.21
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://191.239.251.21/promo-relampago/Files/fs.record.js.download
Requested by: Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
Protocol: HTTP/1.1
Security: , ,
Server: 191.239.251.21 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 2d011ef47ab1a688388b1f225bcbae5e2a1a55a83854299984bf26d90b800d23

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 27 Jun 2019 15:35:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 17:11:51 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "f5f8-58c14e8872f01-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 18712

GET
H/1.1 200
OK fs.utils.js.download Show response
191.239.251.21/promo-relampago/Files/ 82 KB
24 KB 2204ms
203ms Script
application/javascript 191.239.251.21
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://191.239.251.21/promo-relampago/Files/fs.utils.js.download
Requested by: Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
Protocol: HTTP/1.1
Security: , ,
Server: 191.239.251.21 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a143c20a0df6ae06245a89e0dafe6270df1e28863bb4edd564d6e4ec2936964d

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 27 Jun 2019 15:35:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 17:11:51 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "146ed-58c14e8872f01-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 24360

GET
H/1.1 200
OK fs.trigger.js.download Show response
191.239.251.21/promo-relampago/Files/ 30 KB
10 KB 1210ms
200ms Script
application/javascript 191.239.251.21
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://191.239.251.21/promo-relampago/Files/fs.trigger.js.download
Requested by: Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
Protocol: HTTP/1.1
Security: , ,
Server: 191.239.251.21 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b578b681e28e66b74d7086a4b4c186a944e5647ff254eec929442184a45bbe5d

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 27 Jun 2019 15:35:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 17:11:51 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "7890-58c14e8872f01-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 9722

GET
H/1.1 200
OK loader.js.download Show response
191.239.251.21/promo-relampago/Files/ 5 KB
2 KB 1413ms
199ms Script
application/javascript 191.239.251.21
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://191.239.251.21/promo-relampago/Files/loader.js.download
Requested by: Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
Protocol: HTTP/1.1
Security: , ,
Server: 191.239.251.21 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 5bbc4f4a2ce601b786190fb40ea1303018598e40125f114da4c2208094be356e

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 27 Jun 2019 15:35:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 17:11:51 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "133f-58c14e8872f01-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 2161

GET
H/1.1 200
OK vt-184.js.download Show response
191.239.251.21/promo-relampago/Files/ 14 KB
4 KB 795ms
200ms Script
application/javascript 191.239.251.21
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://191.239.251.21/promo-relampago/Files/vt-184.js.download
Requested by: Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
Protocol: HTTP/1.1
Security: , ,
Server: 191.239.251.21 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 0818683ac0ee8979cd8e9d504c275501af0c3447dfdc6464c700ce71f2077756

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 27 Jun 2019 15:35:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 17:11:51 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "3854-58c14e8873ea1-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3796

GET
H/1.1 200
OK f.txt Show response
191.239.251.21/promo-relampago/Files/ 3 KB
1 KB 995ms
199ms Script
text/plain 191.239.251.21
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://191.239.251.21/promo-relampago/Files/f.txt
Requested by: Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
Protocol: HTTP/1.1
Security: , ,
Server: 191.239.251.21 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: eaef892d7d49739efad3bc652f837d1411c14834bd9179f64c8bbca0362d6079

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 27 Jun 2019 15:35:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 17:11:51 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "adb-58c14e8872f01-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1113

GET
H/1.1 200
OK api.js.download Show response
191.239.251.21/promo-relampago/Files/ 847 B
825 B 1614ms
200ms Script
application/javascript 191.239.251.21
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://191.239.251.21/promo-relampago/Files/api.js.download
Requested by: Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
Protocol: HTTP/1.1
Security: , ,
Server: 191.239.251.21 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: cb301c47373b3d6a900af2f6171b97c3b35b1c2386971706ba6feb59ee1bcf57

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 27 Jun 2019 15:35:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 17:11:51 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "34f-58c14e8872f01-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 476

GET
H/1.1 404
Not Found platform.js.download
191.239.251.21/promo-relampago/Files/ 0
0 1816ms
201ms Script
text/html 191.239.251.21
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://191.239.251.21/promo-relampago/Files/platform.js.download
Requested by: Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
Protocol: HTTP/1.1
Security: , ,
Server: 191.239.251.21 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 27 Jun 2019 15:35:34 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=87
Content-Length: 320
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK f(1).txt Show response
191.239.251.21/promo-relampago/Files/ 3 KB
1 KB 1195ms
199ms Script
text/plain 191.239.251.21
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://191.239.251.21/promo-relampago/Files/f(1).txt
Requested by: Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
Protocol: HTTP/1.1
Security: , ,
Server: 191.239.251.21 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 2791c040b021b63ca35b46e1e5bfe5697a795d6bb8d9b62e1baeab897964c47a

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 27 Jun 2019 15:35:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 17:11:51 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "adf-58c14e8872f01-gzip"
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1125

GET 1
tapestry.tapad.com/tapestry/ 0
0

GET

/
loadus.exelator.com/load/
Redirect Chain

https://t.myvisualiq.net/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=EEAEPNR1&red=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D1260%26buid%3D%24%7BUUID%7D
https://loadus.exelator.com/load/?p=204&g=1260&buid=df942f2d-7573-480c-9d39-9a56f61ada0c

0
0

GET
H2

200

tr
www.facebook.com/
Redirect Chain

https://t.myvisualiq.net/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D1301318973328695%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D1301318973328695%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D
https://www.facebook.com/tr?id=1301318973328695&ev=PageView&cd[order_id]=101bbc65-3fa9-4304-a38a-1aeddf44e4f9

44 B
250 B

6ms
6ms

Image
image/gif

2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1301318973328695&ev=PageView&cd[order_id]=101bbc65-3fa9-4304-a38a-1aeddf44e4f9

Requested by

Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Jun 2019 15:35:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Thu, 27 Jun 2019 15:35:33 GMT

Redirect headers

Location: https://www.facebook.com/tr?id=1301318973328695&ev=PageView&cd[order_id]=101bbc65-3fa9-4304-a38a-1aeddf44e4f9
Date: Thu, 27 Jun 2019 15:35:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

B20152546.203195786;dc_pre=CP7jxc3-ieMCFZUHiwodoF0LAw;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-0b977762-cc42-4db3-ace3-5bc3f4879a23%7C%7Chttp%3A%2F%2F191.239.251.21%2Fpromo-relamp...
ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/
Redirect Chain

https://t.myvisualiq.net/sync?prid=Test&ao=0&red=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackimp%2FN505804.547841VISUALIQINC%2FB20152546.203195786%3Bdc_trk_aid%3D402976504%3Bdc_trk_cid%3D91863518...
https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-0b977762-cc42-4db3-ace3-5bc3f4879a23%7C%7Chttp%3A%2F...
https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_pre=CP7jxc3-ieMCFZUHiwodoF0LAw;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-0b977762-cc42-4db3...

42 B
308 B

35ms
34ms

Image
image/gif

216.58.206.6
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_pre=CP7jxc3-ieMCFZUHiwodoF0LAw;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-0b977762-cc42-4db3-ace3-5bc3f4879a23%7C%7Chttp%3A%2F%2F191.239.251.21%2Fpromo-relampago%2FPROMOCAO%2FPRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT%2FIdentificacao%2F;ord=6532684

Requested by

Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.6 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jun 2019 15:35:34 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jun 2019 15:35:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_pre=CP7jxc3-ieMCFZUHiwodoF0LAw;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-0b977762-cc42-4db3-ace3-5bc3f4879a23%7C%7Chttp%3A%2F%2F191.239.251.21%2Fpromo-relampago%2FPROMOCAO%2FPRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT%2FIdentificacao%2F;ord=6532684
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1043555940/ 42 B
114 B 24ms
23ms Image
image/gif 2a00:1450:4001:815::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1043555940/?random=1546298985423&cv=9&fst=1546297200000&num=1&guid=ON&eid=659255991&u_h=1024&u_w=1280&u_ah=980&u_aw=1280&u_cd=24&u_his=6&u_tz=-120&u_java=false&u_nplug=3&u_nmime=4&data=ecomm_prodid%3D155539200%2C229154000%3Becomm_pagetype%3Dcart%3Becomm_totalvalue%3D1157.04&sendb=1&frm=0&url=https%3A%2F%2Fsacola.magazineluiza.com.br%2F&ref=https%3A%2F%2Fwww.magazineluiza.com.br%2Fproduto%2Fgarantia-plus%2F%3Fproduct%3D155539200%26marketplaceSellerId%3Dmagazineluiza%26productDiscountPrice%3D1099.00%26productCashPrice%3D1022.07%26productQuantity%3D10&tiba=Sacola%20de%20compras%20-%20Magazine%20Luiza&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=1114449891&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jun 2019 15:35:32 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.br/pagead/1p-user-list/1043555940/ 42 B
424 B 77ms
28ms Image
image/gif 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.br/pagead/1p-user-list/1043555940/?random=1546298985423&cv=9&fst=1546297200000&num=1&guid=ON&eid=659255991&u_h=1024&u_w=1280&u_ah=980&u_aw=1280&u_cd=24&u_his=6&u_tz=-120&u_java=false&u_nplug=3&u_nmime=4&data=ecomm_prodid%3D155539200%2C229154000%3Becomm_pagetype%3Dcart%3Becomm_totalvalue%3D1157.04&sendb=1&frm=0&url=https%3A%2F%2Fsacola.magazineluiza.com.br%2F&ref=https%3A%2F%2Fwww.magazineluiza.com.br%2Fproduto%2Fgarantia-plus%2F%3Fproduct%3D155539200%26marketplaceSellerId%3Dmagazineluiza%26productDiscountPrice%3D1099.00%26productCashPrice%3D1022.07%26productQuantity%3D10&tiba=Sacola%20de%20compras%20-%20Magazine%20Luiza&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=1114449891&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jun 2019 15:35:32 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

B20152546.203195786;dc_pre=CMnnxc3-ieMCFVP1dwodUX0B0Q;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-eb9a54d5-38c0-4e03-86e5-4413af35f583%7C%7Chttp%3A%2F%2F191.239.251.21%2Fpromo-relamp...
ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/
Redirect Chain

https://t.myvisualiq.net/sync?prid=Test&ao=0&red=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackimp%2FN505804.547841VISUALIQINC%2FB20152546.203195786%3Bdc_trk_aid%3D402976504%3Bdc_trk_cid%3D91863518...
https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-eb9a54d5-38c0-4e03-86e5-4413af35f583%7C%7Chttp%3A%2F...
https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_pre=CMnnxc3-ieMCFVP1dwodUX0B0Q;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-eb9a54d5-38c0-4e03...

42 B
319 B

35ms
34ms

Image
image/gif

216.58.206.6
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_pre=CMnnxc3-ieMCFVP1dwodUX0B0Q;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-eb9a54d5-38c0-4e03-86e5-4413af35f583%7C%7Chttp%3A%2F%2F191.239.251.21%2Fpromo-relampago%2FPROMOCAO%2FPRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT%2FIdentificacao%2F;ord=1845853

Requested by

Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.6 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jun 2019 15:35:34 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jun 2019 15:35:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_pre=CMnnxc3-ieMCFVP1dwodUX0B0Q;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-eb9a54d5-38c0-4e03-86e5-4413af35f583%7C%7Chttp%3A%2F%2F191.239.251.21%2Fpromo-relampago%2FPROMOCAO%2FPRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT%2FIdentificacao%2F;ord=1845853
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

B20152546.203195786;dc_pre=CIrlxc3-ieMCFRYIiwod_1MKpw;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-dd41a533-466f-4b12-8105-f810c8e43b90%7C%7Chttp%3A%2F%2F191.239.251.21%2Fpromo-relamp...
ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/
Redirect Chain

https://t.myvisualiq.net/sync?prid=Test&ao=0&red=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackimp%2FN505804.547841VISUALIQINC%2FB20152546.203195786%3Bdc_trk_aid%3D402976504%3Bdc_trk_cid%3D91863518...
https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-dd41a533-466f-4b12-8105-f810c8e43b90%7C%7Chttp%3A%2F...
https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_pre=CIrlxc3-ieMCFRYIiwod_1MKpw;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-dd41a533-466f-4b12...

42 B
307 B

45ms
43ms

Image
image/gif

216.58.206.6
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_pre=CIrlxc3-ieMCFRYIiwod_1MKpw;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-dd41a533-466f-4b12-8105-f810c8e43b90%7C%7Chttp%3A%2F%2F191.239.251.21%2Fpromo-relampago%2FPROMOCAO%2FPRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT%2FIdentificacao%2F;ord=9752102

Requested by

Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.6 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jun 2019 15:35:34 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jun 2019 15:35:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_pre=CIrlxc3-ieMCFRYIiwod_1MKpw;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_0-dd41a533-466f-4b12-8105-f810c8e43b90%7C%7Chttp%3A%2F%2F191.239.251.21%2Fpromo-relampago%2FPROMOCAO%2FPRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT%2FIdentificacao%2F;ord=9752102
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

B20152546.203195786;dc_pre=CPSoxs3-ieMCFY-HdwodE2QFeA;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_101bbc65-3fa9-4304-a38a-1aeddf44e4f9%7C%7Chttp%3A%2F%2F191.239.251.21%2Fpromo-relampag...
ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/
Redirect Chain

https://t.myvisualiq.net/sync?prid=Test&ao=0&red=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackimp%2FN505804.547841VISUALIQINC%2FB20152546.203195786%3Bdc_trk_aid%3D402976504%3Bdc_trk_cid%3D91863518...
https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_101bbc65-3fa9-4304-a38a-1aeddf44e4f9%7C%7Chttp%3A%2F%2...
https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_pre=CPSoxs3-ieMCFY-HdwodE2QFeA;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_101bbc65-3fa9-4304-a...

42 B
307 B

34ms
33ms

Image
image/gif

216.58.206.6
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_pre=CPSoxs3-ieMCFY-HdwodE2QFeA;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_101bbc65-3fa9-4304-a38a-1aeddf44e4f9%7C%7Chttp%3A%2F%2F191.239.251.21%2Fpromo-relampago%2FPROMOCAO%2FPRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT%2FIdentificacao%2F;ord=3209075

Requested by

Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.6 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jun 2019 15:35:34 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jun 2019 15:35:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://ad.doubleclick.net/ddm/trackimp/N505804.547841VISUALIQINC/B20152546.203195786;dc_pre=CPSoxs3-ieMCFY-HdwodE2QFeA;dc_trk_aid=402976504;dc_trk_cid=91863518;sz=1x1;u=%7CVIQ_101bbc65-3fa9-4304-a38a-1aeddf44e4f9%7C%7Chttp%3A%2F%2F191.239.251.21%2Fpromo-relampago%2FPROMOCAO%2FPRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT%2FIdentificacao%2F;ord=3209075
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1043555940/ 42 B
114 B 28ms
27ms Image
image/gif 2a00:1450:4001:815::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1043555940/?random=1546298993159&cv=9&fst=1546297200000&num=2&guid=ON&eid=376635470%2C659255991&u_h=1024&u_w=1280&u_ah=980&u_aw=1280&u_cd=24&u_his=7&u_tz=-120&u_java=false&u_nplug=3&u_nmime=4&data=ecomm_prodid%3D229154000%3Becomm_pagetype%3Dpurchase%3Becomm_totalvalue%3D134.97&sendb=1&frm=0&url=https%3A%2F%2Fsacola.magazineluiza.com.br%2F&ref=https%3A%2F%2Fwww.magazineluiza.com.br%2Fproduto%2Fgarantia-plus%2F%3Fproduct%3D155539200%26marketplaceSellerId%3Dmagazineluiza%26productDiscountPrice%3D1099.00%26productCashPrice%3D1022.07%26productQuantity%3D10&tiba=Sacola%20de%20compras%20-%20Magazine%20Luiza&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=508031351&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jun 2019 15:35:33 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.br/pagead/1p-user-list/1043555940/ 42 B
111 B 31ms
30ms Image
image/gif 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.br/pagead/1p-user-list/1043555940/?random=1546298993159&cv=9&fst=1546297200000&num=2&guid=ON&eid=376635470%2C659255991&u_h=1024&u_w=1280&u_ah=980&u_aw=1280&u_cd=24&u_his=7&u_tz=-120&u_java=false&u_nplug=3&u_nmime=4&data=ecomm_prodid%3D229154000%3Becomm_pagetype%3Dpurchase%3Becomm_totalvalue%3D134.97&sendb=1&frm=0&url=https%3A%2F%2Fsacola.magazineluiza.com.br%2F&ref=https%3A%2F%2Fwww.magazineluiza.com.br%2Fproduto%2Fgarantia-plus%2F%3Fproduct%3D155539200%26marketplaceSellerId%3Dmagazineluiza%26productDiscountPrice%3D1099.00%26productCashPrice%3D1022.07%26productQuantity%3D10&tiba=Sacola%20de%20compras%20-%20Magazine%20Luiza&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=508031351&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jun 2019 15:35:33 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found saved_resource(4).html Show response
191.239.251.21/promo-relampago/Files/ Frame 9658 322 B
538 B 396ms
199ms Document
text/html 191.239.251.21
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://191.239.251.21/promo-relampago/Files/saved_resource(4).html
Requested by: Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
Protocol: HTTP/1.1
Server: 191.239.251.21 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 8f345b46cce02748915f83e43744b49052201f81e99cf8424c054e2287684f79

Request headers

Host: 191.239.251.21
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/

Response headers

Date: Thu, 27 Jun 2019 15:35:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 322
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 login_button.php
www.facebook.com/v3.3/plugins/ Frame A0EA 0
0 66ms
65ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.3/plugins/login_button.php?app_id=113869198637480&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2629f8e195ee08%26domain%3Ddevelopers.facebook.com%26origin%3Dhttps%253A%252F%252Fdevelopers.facebook.com%252Ff2416350f6cfaf4%26relation%3Dparent.parent&container_width=734&locale=pt_BR&sdk=joey&size=large&use_continue_as=true&width=450

Requested by

Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.3/plugins/login_button.php?app_id=113869198637480&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2629f8e195ee08%26domain%3Ddevelopers.facebook.com%26origin%3Dhttps%253A%252F%252Fdevelopers.facebook.com%252Ff2416350f6cfaf4%26relation%3Dparent.parent&container_width=734&locale=pt_BR&sdk=joey&size=large&use_continue_as=true&width=450
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v3.3
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: aVU+Hjjxr9ZjhjZ+9PHEwwc62lye4DDhXpP+vHGsVGRISmr8UEIbQospxKDCEbiMvP+jwWR9DmJxG/QIEw+RTw==
date: Thu, 27 Jun 2019 15:35:32 GMT

GET
H/1.1 404
Not Found j-GHT1gpo6-.html Show response
191.239.251.21/promo-relampago/Files/ Frame 59A1 316 B
532 B 578ms
200ms Document
text/html 191.239.251.21
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://191.239.251.21/promo-relampago/Files/j-GHT1gpo6-.html
Requested by: Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
Protocol: HTTP/1.1
Server: 191.239.251.21 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e972ea862a730684b2b3e7c2759ea277d12ab4809e50dfa8f01e42526e8f1bbd

Request headers

Host: 191.239.251.21
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/

Response headers

Date: Thu, 27 Jun 2019 15:35:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 316
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found bframe.html Show response
191.239.251.21/promo-relampago/Files/ Frame 4BA4 311 B
527 B 774ms
199ms Document
text/html 191.239.251.21
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://191.239.251.21/promo-relampago/Files/bframe.html
Requested by: Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
Protocol: HTTP/1.1
Server: 191.239.251.21 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 44804061336a997b14d156e686e4c3262f62e035593157d4a6f08e8edcd2d3be

Request headers

Host: 191.239.251.21
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/

Response headers

Date: Thu, 27 Jun 2019 15:35:33 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 311
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found loader.js
191.239.251.21/search/generated/magazineluiza/ 0
0 598ms
201ms Script
text/html 191.239.251.21
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://191.239.251.21/search/generated/magazineluiza/loader.js?t=1735166
Requested by: Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/Files/loader.js.download
Protocol: HTTP/1.1
Security: , ,
Server: 191.239.251.21 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 27 Jun 2019 15:35:34 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=86
Content-Length: 318
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found current.js
191.239.251.21/promo-relampago/Files/magazineluiza/ 0
0 798ms
199ms Script
text/html 191.239.251.21
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://191.239.251.21/promo-relampago/Files/magazineluiza/current.js?t=1735166
Requested by: Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/Files/loader.js.download
Protocol: HTTP/1.1
Security: , ,
Server: 191.239.251.21 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 27 Jun 2019 15:35:34 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=85
Content-Length: 324
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 recaptcha__pt_br.js Show response
www.gstatic.com/recaptcha/api2/v1545073489967/ 263 KB
92 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1545073489967/recaptcha__pt_br.js

Requested by

Host: 191.239.251.21
URL: http://191.239.251.21/promo-relampago/Files/api.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d58db03a73fb2392cba14e025099745d5a806d81f037ba47a937c4a30cd8f7ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://191.239.251.21/promo-relampago/PROMOCAO/PRODUTO1df2b8e0d3663b59447b3d7af7d2a189MRBT/Identificacao/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 16:49:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 17 Dec 2018 21:15:00 GMT
server: sffe
age: 1118755
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 93621
x-xss-protection: 0
expires: Sat, 13 Jun 2020 16:49:39 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tapestry.tapad.com
URL: https://tapestry.tapad.com/tapestry/1?ta_partner_id=950&ta_redirect=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3D1001%26ao%3D0%26pruuid%3DTAPAD_%24%7BIDS%3Akey%7D

Domain: loadus.exelator.com
URL: https://loadus.exelator.com/load/?p=204&g=1260&buid=df942f2d-7573-480c-9d39-9a56f61ada0c

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Magazine Luiza (Consumer)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.gstatic.com/recaptcha/api2/v1545073489967/recaptcha__pt_br.js(Line 508) Message: reCAPTCHA couldn't find user-provided function: onloadCaptchaCallback

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
loadus.exelator.com
t.myvisualiq.net
tapestry.tapad.com
www.facebook.com
www.google.com
www.google.com.br
www.gstatic.com
loadus.exelator.com
tapestry.tapad.com
18.184.44.178
191.239.251.21
216.58.206.6
2a00:1450:4001:815::2004
2a00:1450:4001:818::2003
2a00:1450:4001:819::2003
2a03:2880:f12d:83:face:b00c:0:25de
0818683ac0ee8979cd8e9d504c275501af0c3447dfdc6464c700ce71f2077756
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2791c040b021b63ca35b46e1e5bfe5697a795d6bb8d9b62e1baeab897964c47a
2d011ef47ab1a688388b1f225bcbae5e2a1a55a83854299984bf26d90b800d23
44804061336a997b14d156e686e4c3262f62e035593157d4a6f08e8edcd2d3be
5bbc4f4a2ce601b786190fb40ea1303018598e40125f114da4c2208094be356e
8f345b46cce02748915f83e43744b49052201f81e99cf8424c054e2287684f79
a143c20a0df6ae06245a89e0dafe6270df1e28863bb4edd564d6e4ec2936964d
a5446ff4b37ef8250713e6fb45c979f02d58234c4669a2c451a75acfe2300441
b578b681e28e66b74d7086a4b4c186a944e5647ff254eec929442184a45bbe5d
cb301c47373b3d6a900af2f6171b97c3b35b1c2386971706ba6feb59ee1bcf57
d58db03a73fb2392cba14e025099745d5a806d81f037ba47a937c4a30cd8f7ed
e972ea862a730684b2b3e7c2759ea277d12ab4809e50dfa8f01e42526e8f1bbd
eaef892d7d49739efad3bc652f837d1411c14834bd9179f64c8bbca0362d6079
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f88208ee4b204209e8ad1ed2042699b0b73bce01dcb9a2fdbb04d7d237c0d0a2

191.239.251.21 Open in urlscan Pro 191.239.251.21 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

29 Requests

38 %HTTPS

57 %IPv6

8 Domains

8 Subdomains

7 IPs

4 Countries

240 kBTransfer

743 kBSize

0 Cookies

6 Outgoing links

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

191.239.251.21 Open in urlscan Pro
191.239.251.21 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

38 %
HTTPS

57 %
IPv6

8
Domains

8
Subdomains

7
IPs

4
Countries

240 kB
Transfer

743 kB
Size

0
Cookies

29 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!