194.71.70.34.bc.googleusercontent.com
34.70.71.194  Malicious Activity!

URL: http://194.71.70.34.bc.googleusercontent.com/identificacao.php
Submission: On December 14 via api from GB

Summary

This website contacted 13 IPs in 7 countries across 12 domains to perform 25 HTTP transactions. The main IP is 34.70.71.194, located in United States and belongs to GOOGLE - Google LLC, US. The main domain is 194.71.70.34.bc.googleusercontent.com.
This is the only time 194.71.70.34.bc.googleusercontent.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Magazine Luiza (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 34.70.71.194 15169 (GOOGLE)
4 151.80.204.62 16276 (OVH)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
4 13.224.196.41 16509 (AMAZON-02)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a00:1288:f03... 10310 (YAHOO-1)
1 52.95.163.26 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.1.244.191 14618 (AMAZON-AES)
Total: 25 requests, 13 IPs
Domain Requested by
4 gateway.foresee.com 194.71.70.34.bc.googleusercontent.com
gateway.foresee.com
4 www.google-analytics.com 1 redirects 194.71.70.34.bc.googleusercontent.com
www.google-analytics.com
4 sacola.magazineluiza.com.br 194.71.70.34.bc.googleusercontent.com
2 analytics.foresee.com sacola.magazineluiza.com.br
2 s.yimg.com 194.71.70.34.bc.googleusercontent.com
sacola.magazineluiza.com.br
2 bat.bing.com
2 connect.facebook.net connect.facebook.net
2 www.googletagmanager.com 194.71.70.34.bc.googleusercontent.com
www.googletagmanager.com
2 www.google.com 1 redirects 194.71.70.34.bc.googleusercontent.com
1 www.google.de
1 stats.g.doubleclick.net 1 redirects
1 s3-sa-east-1.amazonaws.com
1 194.71.70.34.bc.googleusercontent.com
Total: 25 requests, 13 domains

This site contains links to these domains.

Domain
www.magazineluiza.com.br
www.internetsegura.org
www.ebit.com.br
Subject | Issuer | Validity | Valid for
*.magazineluiza.com.br | COMODO RSA Domain Validation Secure Server CA | 2018-07-16 - 2020-09-13 | 2 years
www.google.com | GTS CA 1O1 | 2019-11-13 - 2020-02-05 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2019-11-13 - 2020-02-05 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-12-06 - 2020-03-05 | 3 months
www.bing.com | Microsoft IT TLS CA 2 | 2019-04-30 - 2021-04-30 | 2 years
*.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2019-12-10 - 2020-01-24 | a month
*.s3-sa-east-1.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2019-11-09 - 2020-12-10 | a year
www.google.de | GTS CA 1O1 | 2019-11-13 - 2020-02-05 | 3 months

This page contains 2 frames:

Primary Page: http://194.71.70.34.bc.googleusercontent.com/identificacao.php
Frame ID: 12E8D4D1083E9E9C91C2521F6DD99C3B
Requests: 25 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduICwUAAAAAKAKuy-fjzvHxJFX9hs6MQHkuJGR&co=aHR0cHM6Ly9zYWNvbGEubWFnYXppbmVsdWl6YS5jb20uYnI6NDQz&hl=pt-BR&v=mhgGrlTs_PbFQOW4ejlxlxZn&size=invisible&cb=ehowqcgotlda
Frame ID: F92CA75881623ECF5ED12F99C4959797
Requests: 1 HTTP request in this frame

Screenshot: (image not included in this extract)

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
  • headers server /php\/?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /Win32|Win64/i

Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

Requests: 25
HTTPS: 64 %
IPv6: 62 %
Domains: 12
Subdomains: 13
IPs: 13
Countries: 7
Transfer: 1102 kB
Size: 3627 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://connect.facebook.net/en_US/fbevents.js HTTP 307
  • https://connect.facebook.net/en_US/fbevents.js
Request Chain 10
  • http://bat.bing.com/bat.js HTTP 307
  • https://bat.bing.com/bat.js
Request Chain 16
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 17
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1016806275&t=pageview&_s=1&dl=http%3A%2F%2F194.71.70.34.bc.googleusercontent.com%2Fidentificacao.php&dp=%2Fcarrinho&ul=en-us&de=UTF-8&dt=Sacola%20de%20compras%20-%20Magazine%20Luiza&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAEAL~&jid=2110342659&gjid=1452781787&cid=2034126330.1576341811&tid=UA-42817937-15&_gid=81462119.1576341811&_r=1&gtm=2wgc61MLGXC37&cd54=%7B%7B&z=1556123599 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42817937-15&cid=2034126330.1576341811&jid=2110342659&_gid=81462119.1576341811&gjid=1452781787&_v=j79&z=1556123599 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42817937-15&cid=2034126330.1576341811&jid=2110342659&_v=j79&z=1556123599 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42817937-15&cid=2034126330.1576341811&jid=2110342659&_v=j79&z=1556123599&slf_rd=1&random=2886814865
Request Chain 18
  • http://bat.bing.com/action/0?ti=5283823&Ver=2&mid=d6bf3ba3-7aaf-6929-0275-1e56de7a41bc&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sacola%20de%20compras%20-%20Magazine%20Luiza&p=http%3A%2F%2F194.71.70.34.bc.googleusercontent.com%2Fidentificacao.php%23%2F&r=&lt=1963&evt=pageLoad&msclkid=N&rn=922969 HTTP 307
  • https://bat.bing.com/action/0?ti=5283823&Ver=2&mid=d6bf3ba3-7aaf-6929-0275-1e56de7a41bc&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sacola%20de%20compras%20-%20Magazine%20Luiza&p=http%3A%2F%2F194.71.70.34.bc.googleusercontent.com%2Fidentificacao.php%23%2F&r=&lt=1963&evt=pageLoad&msclkid=N&rn=922969

25 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request identificacao.php | 194.71.70.34.bc.googleusercontent.com/ | 26 KB | 26 KB | Document
General
Full URL
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
Protocol
HTTP/1.1
Server
34.70.71.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
194.71.70.34.bc.googleusercontent.com
Software
Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.12 / PHP/7.3.12
Resource Hash
d72fb107c95c2170e78e58796e350ec53681a2f768c49a3ed4e4840ea9999c5e

Request headers

Host
194.71.70.34.bc.googleusercontent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 14 Dec 2019 16:43:29 GMT
Server
Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.12
X-Powered-By
PHP/7.3.12
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
styles.bd5dbbb91315dac916b8.css | sacola.magazineluiza.com.br/static/ | 126 KB | 26 KB | Stylesheet
General
Full URL
https://sacola.magazineluiza.com.br/static/styles.bd5dbbb91315dac916b8.css
Requested by
Host: 194.71.70.34.bc.googleusercontent.com
URL: http://194.71.70.34.bc.googleusercontent.com/identificacao.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.80.204.62 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ip62.ip-151-80-204.eu
Software
AmazonS3 /
Resource Hash
5dcba352761ff6f587b0a04958c66c864fdec539f8215612e92b42c6c6c5c46f

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 14 Dec 2019 16:43:29 GMT
content-encoding
gzip
last-modified
Fri, 06 Dec 2019 17:25:12 GMT
server
AmazonS3
x-amz-request-id
C4164E54CEC0DA97
etag
W/"3d021e4342b1c7e4f3aff3d741dafa6b"
vary
Accept-Encoding, User-Agent
content-type
text/css
status
200
cache-control
max-age=31536000
x-amz-id-2
Dmz6RRevy0wEA/1/sX60tRF0xevwYzEMbnsNa/9ylaRci3MwZn261Ycy/P9iH2jRH/fRQMfCq0E=
expires
Sun, 13 Dec 2020 16:43:29 GMT
settings.js | sacola.magazineluiza.com.br/ | 2 KB | 1 KB | Script
General
Full URL
https://sacola.magazineluiza.com.br/settings.js
Requested by
Host: 194.71.70.34.bc.googleusercontent.com
URL: http://194.71.70.34.bc.googleusercontent.com/identificacao.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.80.204.62 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ip62.ip-151-80-204.eu
Software
Python/3.5 aiohttp/1.0.5 /
Resource Hash
35f27aefe0ce354dbe29cc71f1e8475b022c54d2c01b1d5d4a617cdb7801f3d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-version
5.15.0
date
Sat, 14 Dec 2019 16:43:29 GMT
via
1.1 google
x-content-type-options
nosniff
alt-svc
clear
server
Python/3.5 aiohttp/1.0.5
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=0
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
vary
Accept-Encoding, User-Agent
x-xss-protection
1;mode=block
expires
Sat, 14 Dec 2019 16:43:29 GMT
app.bd5dbbb91315dac916b8.js | sacola.magazineluiza.com.br/static/ | 2 MB | 626 KB | Script
General
Full URL
https://sacola.magazineluiza.com.br/static/app.bd5dbbb91315dac916b8.js
Requested by
Host: 194.71.70.34.bc.googleusercontent.com
URL: http://194.71.70.34.bc.googleusercontent.com/identificacao.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.80.204.62 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ip62.ip-151-80-204.eu
Software
AmazonS3 /
Resource Hash
a04fc5dfd31c726717a79da8c1545ca2ae3705ce7cb2bd7e4d9bc9f08dc9e5f8

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 14 Dec 2019 16:43:29 GMT
content-encoding
gzip
last-modified
Fri, 06 Dec 2019 17:25:12 GMT
server
AmazonS3
x-amz-request-id
1EFCDEF964E62B9F
etag
W/"cfd99ddaf423b66e849d1214e23c7de6"
vary
Accept-Encoding, User-Agent
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-amz-id-2
nqPjlVqm9r0NEd4GgNKR8iHJevoiox9QELxDqNip6bOexVT97BCCD5wNcBs7qFuUfjgzZIvyCiI=
expires
Sun, 13 Dec 2020 16:43:29 GMT
TokenEx-Lite.js | sacola.magazineluiza.com.br/static/ | 128 KB | 38 KB | Script
General
Full URL
https://sacola.magazineluiza.com.br/static/TokenEx-Lite.js
Requested by
Host: 194.71.70.34.bc.googleusercontent.com
URL: http://194.71.70.34.bc.googleusercontent.com/identificacao.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.80.204.62 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
ip62.ip-151-80-204.eu
Software
AmazonS3 /
Resource Hash
1f2fc2c1175d0e4fb096fbe5791aa619eea034bc52b6f13d6032fc087753ee46

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 14 Dec 2019 16:43:29 GMT
content-encoding
gzip
last-modified
Thu, 12 Dec 2019 13:58:38 GMT
server
AmazonS3
x-amz-request-id
5407604EAC0BEB70
etag
W/"fe3970480dd31670a0fe8557c7b1063a"
vary
Accept-Encoding, User-Agent
content-type
application/javascript
status
200
cache-control
max-age=86400
x-amz-id-2
rV8OX2O3J6kpsM1SRxQSmHSd/cQZfD87K/NLz8eLHllSRPAVeTuYwNXm1KHunbCpIjlrgUdUL5Y=
expires
Sun, 15 Dec 2019 16:43:29 GMT
anchor | www.google.com/recaptcha/api2/ (Frame F92C) | 0 | 0 | Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduICwUAAAAAKAKuy-fjzvHxJFX9hs6MQHkuJGR&co=aHR0cHM6Ly9zYWNvbGEubWFnYXppbmVsdWl6YS5jb20uYnI6NDQz&hl=pt-BR&v=mhgGrlTs_PbFQOW4ejlxlxZn&size=invisible&cb=ehowqcgotlda
Requested by
Host: 194.71.70.34.bc.googleusercontent.com
URL: http://194.71.70.34.bc.googleusercontent.com/identificacao.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PLxNeUXX2QlsL8TbyqJgJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LduICwUAAAAAKAKuy-fjzvHxJFX9hs6MQHkuJGR&co=aHR0cHM6Ly9zYWNvbGEubWFnYXppbmVsdWl6YS5jb20uYnI6NDQz&hl=pt-BR&v=mhgGrlTs_PbFQOW4ejlxlxZn&size=invisible&cb=ehowqcgotlda
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 14 Dec 2019 16:43:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-PLxNeUXX2QlsL8TbyqJgJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9063
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
truncated | / | 2 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
674f2e142c0c2672949779553e250874c544a583c64a5e42481cef0ae82c8ecc

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
analytics.js | www.google-analytics.com/ | 43 KB | 17 KB | Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 194.71.70.34.bc.googleusercontent.com
URL: http://194.71.70.34.bc.googleusercontent.com/identificacao.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
593
date
Sat, 14 Dec 2019 16:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Sat, 14 Dec 2019 18:33:37 GMT
gtm.js | www.googletagmanager.com/ | 387 KB | 94 KB | Script
General
Full URL
http://www.googletagmanager.com/gtm.js?id=GTM-5C2BX4
Requested by
Host: 194.71.70.34.bc.googleusercontent.com
URL: http://194.71.70.34.bc.googleusercontent.com/identificacao.php
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
58835d6f7913ba153b5e7179c3d3f99057e465bf89b59b98fdcd3bee493fee61
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 14 Dec 2019 16:43:30 GMT
Content-Encoding
gzip
Server
Google Tag Manager
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
http://www.googletagmanager.com
Cache-Control
private, max-age=900
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Cache-Control
Content-Length
95948
X-XSS-Protection
0
Expires
Sat, 14 Dec 2019 16:43:30 GMT
fbevents.js | connect.facebook.net/en_US/ | 126 KB | 30 KB | Script
Redirect Chain
  • http://connect.facebook.net/en_US/fbevents.js
  • https://connect.facebook.net/en_US/fbevents.js
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30426
x-xss-protection
0
pragma
public
x-fb-debug
h6E00A1LC1RtQVaXvIg60lzfMCPcKBd9xIzTRuFuIOY5Krar2KOQh6wOXmqbPi4Icc48/C2uKZ1Z8ZRmhxqvpw==
x-fb-trip-id
420120009
date
Sat, 14 Dec 2019 16:43:30 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/fbevents.js
Non-Authoritative-Reason
HSTS
gateway.min.js | gateway.foresee.com/sites/magazineluiza/production/ | 47 KB | 18 KB | Script
General
Full URL
http://gateway.foresee.com/sites/magazineluiza/production/gateway.min.js
Requested by
Host: 194.71.70.34.bc.googleusercontent.com
URL: http://194.71.70.34.bc.googleusercontent.com/identificacao.php
Protocol
HTTP/1.1
Server
13.224.196.41 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-41.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
21cffb2be61e194e6622dbb444309980cdbe8b5aada9cb0b9bb24f859b9bd93c

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 14 Dec 2019 13:47:40 GMT
Content-Encoding
gzip
Age
10551
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Status
200
Connection
keep-alive
Via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Oct 2019 19:55:41 GMT
Server
nginx/1.12.1
ETag
W/"767f9f968dd3d72535820078dcbef89d"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=14400
X-Amz-Cf-Pop
FRA2-C1
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
jlXP4BhdTz0ThMTP37XOnsVYBGZwiTOkTgnpO83NwBK7Qwn6GUErLQ==
Expires
Sat, 14 Dec 2019 01:19:03 GMT
bat.js | bat.bing.com/ | 23 KB | 7 KB | Script
Redirect Chain
  • http://bat.bing.com/bat.js
  • https://bat.bing.com/bat.js
General
Full URL
https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 14 Dec 2019 16:43:30 GMT
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref
Ref A: F7A0427E93E44A939DB2EA2A6EAF5C87 Ref B: VIEEDGE0817 Ref C: 2019-12-14T16:43:30Z
access-control-allow-origin
*
etag
"09c5197968d51:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7148

Redirect headers

Location
https://bat.bing.com/bat.js
Non-Authoritative-Reason
HSTS
gtm.js | www.googletagmanager.com/ | 71 KB | 23 KB | Script
General
Full URL
http://www.googletagmanager.com/gtm.js?id=GTM-MLGXC37&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-5C2BX4
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c5c6aa428cf83ff1073d4cff543c65e5d3acffd51b189cde7bf24e35472a6c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 14 Dec 2019 16:43:30 GMT
Content-Encoding
gzip
Last-Modified
Sat, 14 Dec 2019 15:00:00 GMT
Server
Google Tag Manager
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
http://www.googletagmanager.com
Cache-Control
private, max-age=900
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Cache-Control
Content-Length
23492
X-XSS-Protection
0
Expires
Sat, 14 Dec 2019 16:43:30 GMT
ytc.js | s.yimg.com/wi/ | 19 KB | 6 KB | Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: 194.71.70.34.bc.googleusercontent.com
URL: http://194.71.70.34.bc.googleusercontent.com/identificacao.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 14 Dec 2019 16:22:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1267
x-amz-server-side-encryption
AES256
status
200
strict-transport-security
max-age=15552000
x-amz-request-id
5949EEB1D88274AB
x-amz-id-2
Dgezi7yQNpIFKrTQJIBSgjJPKzwtsN2/etMCpUWLPlzDpcqGuseYTAdJB+zv5pKY6qgP14Xps7k=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 12 Nov 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 08 Oct 2019 10:16:59 GMT
server
ATS
etag
"254a43f994019deb4ca1830f04bd5d32-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
x-amz-version-id
x4Y4HVRbF4l0Lw4GKvYmVr0DuE8bwWr0
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
accept-ranges
bytes
content-type
application/javascript
bg.png | s3-sa-east-1.amazonaws.com/frame-image-br/ | 0 | 516 B | Image
General
Full URL
https://s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=mag&x-r=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.163.26 São Paulo, Brazil, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 14 Dec 2019 16:43:32 GMT
Last-Modified
Thu, 04 May 2017 08:21:21 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
x-amz-request-id
CB393278095E7E9A
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
0
x-amz-id-2
GvZLWnXuuvblu8T3q60OFxH/QlR7RDKBXIWp08OAQRg92F951kvPzSQ1/DIHQ03j9dRj7WyUDSQ=
1670642596499607 | connect.facebook.net/signals/config/ | 447 KB | 113 KB | Script
General
Full URL
https://connect.facebook.net/signals/config/1670642596499607?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
fce0d7c618e3e5cd62b1081a11733dc34f9383fc961160fb8fbea9ec8e6433e8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
huI63YUnDgwGZ2z4z0Y/BkFkKnjRv6tsoyIag2T+WUyR+/UkZNpF223Gf60U3ITzCcOSFPI9DrWlro/9mKgXiA==
x-fb-trip-id
420120009
date
Sat, 14 Dec 2019 16:43:31 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
ec.js | www.google-analytics.com/plugins/ua/ | 3 KB | 1 KB | Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 14 Dec 2019 15:43:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
3594
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1306
x-xss-protection
0
expires
Sat, 14 Dec 2019 16:43:36 GMT
analytics.js | www.google-analytics.com/ | 43 KB | 17 KB | Script
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
General
Full URL
https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
594
date
Sat, 14 Dec 2019 16:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Sat, 14 Dec 2019 18:33:37 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
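The Redirect headers above are not a server response. Non-Authoritative-Reason: HSTS is Chrome's own synthetic 307: the page requested http://www.google-analytics.com/analytics.js, and the browser rewrote it to https:// before anything left the machine, because it already held an HSTS policy for that host (a fresh scan profile has seen no earlier response, so the policy comes from the built-in preload list, which the response's own preload directive opts into). The 200 then re-asserts the policy with max-age=10886400; includeSubDomains; preload. The Python below is an added example, not part of the urlscan output: it parses a Strict-Transport-Security value and decides whether a later http:// request would be upgraded under the stored policies. The only real host and header are www.google-analytics.com's; the other hostnames and the clock value are assumptions for illustration.

```python
from dataclasses import dataclass
from typing import List, Optional
from urllib.parse import urlsplit


@dataclass
class HstsPolicy:
    host: str               # host the policy was received from (lower-case)
    max_age: int            # seconds the policy stays valid, counted from seen_at
    include_subdomains: bool
    preload: bool           # informational: consent to be shipped in browser preload lists
    seen_at: float          # unix time the header was processed


def parse_hsts(header: str, host: str, now: float) -> Optional[HstsPolicy]:
    """Parse a Strict-Transport-Security value as RFC 6797 specifies.

    Directive names are case-insensitive. A header without a parseable
    max-age is invalid and a browser ignores it, so None is returned.
    """
    max_age: Optional[int] = None
    include_subdomains = False
    preload = False
    for directive in header.split(";"):
        name, _, value = directive.strip().partition("=")
        name = name.strip().lower()
        value = value.strip().strip('"')
        if name == "max-age":
            if not value.isdigit():
                return None
            max_age = int(value)
        elif name == "includesubdomains":
            include_subdomains = True
        elif name == "preload":
            preload = True
    if max_age is None:
        return None
    return HstsPolicy(host.lower(), max_age, include_subdomains, preload, now)


def would_upgrade(url: str, policies: List[HstsPolicy], now: float) -> bool:
    """True if a browser holding `policies` would rewrite this http:// URL to
    https:// internally (the 307 with Non-Authoritative-Reason: HSTS that
    urlscan records) instead of sending it in the clear."""
    parts = urlsplit(url)
    if parts.scheme != "http" or not parts.hostname:
        return False
    host = parts.hostname.lower()
    for policy in policies:
        if now - policy.seen_at > policy.max_age:
            continue                      # expired; max-age=0 clears a policy the same way
        if host == policy.host:
            return True
        if policy.include_subdomains and host.endswith("." + policy.host):
            return True                   # subdomains are covered, the parent domain is not
    return False


if __name__ == "__main__":
    now = 1576341811.0   # assumed clock: the timestamp embedded in the _ga cookie on this page
    ga = parse_hsts("max-age=10886400; includeSubDomains; preload",
                    "www.google-analytics.com", now)
    print(would_upgrade("http://www.google-analytics.com/analytics.js", [ga], now))
```

The parent-domain check matters in practice: a policy learned from www.google-analytics.com says nothing about google-analytics.com itself, so a stored policy only ever widens downward, never upward.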
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1016806275&t=pageview&_s=1&dl=http%3A%2F%2F194.71.70.34.bc.googleusercontent.com%2Fidentificacao.php&dp=%2Fcarrinho&ul=en-us&de=UTF-8&dt=Saco...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42817937-15&cid=2034126330.1576341811&jid=2110342659&_gid=81462119.1576341811&gjid=1452781787&_v=j79&z=1556123599
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42817937-15&cid=2034126330.1576341811&jid=2110342659&_v=j79&z=1556123599
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42817937-15&cid=2034126330.1576341811&jid=2110342659&_v=j79&z=1556123599&slf_rd=1&random=2886814865
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42817937-15&cid=2034126330.1576341811&jid=2110342659&_v=j79&z=1556123599&slf_rd=1&random=2886814865
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Dec 2019 16:43:31 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 14 Dec 2019 16:43:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42817937-15&cid=2034126330.1576341811&jid=2110342659&_v=j79&z=1556123599&slf_rd=1&random=2886814865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
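The redirect chain above carries the attribution that matters for this scan: every hop reports to the Universal Analytics property tid=UA-42817937-15, the property the brand's own Tag Manager container fires, while the page URL the first hop reports (dl=) is the googleusercontent.com host. A brand's analytics ID on a page whose hostname is not one of the brand's domains is a well-known phishing-kit tell, because kits are usually built by saving the original page with its tags intact. The Python below is an added example, not part of the urlscan report: it pulls tid, cid, dl, dp and dt out of collect URLs like the ones in this chain and flags the host mismatch. The list of legitimate brand domains is an assumption for illustration (only magazineluiza.com.br is taken from this page), and the first sample URL is constructed to stand in for the truncated first hop.

```python
from typing import Dict, List, Optional
from urllib.parse import parse_qs, urlsplit

# Hostnames that may legitimately send hits to the brand's analytics property.
# Assumption for illustration: only magazineluiza.com.br appears on this page.
BRAND_DOMAINS = {"magazineluiza.com.br"}

COLLECT_HOSTS = {"www.google-analytics.com", "stats.g.doubleclick.net"}

# Constructed sample input. The first URL re-creates the truncated first hop of the
# chain above (dt= taken from the page title in the bat.bing.com tl= parameter, tid=
# and cid= from the second hop); the second is the doubleclick hop verbatim; the third
# is the google.com ads beacon, which is not a collect hit at all.
SAMPLE_URLS = [
    "https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1016806275&t=pageview&_s=1"
    "&dl=http%3A%2F%2F194.71.70.34.bc.googleusercontent.com%2Fidentificacao.php"
    "&dp=%2Fcarrinho&ul=en-us&de=UTF-8&dt=Sacola%20de%20compras%20-%20Magazine%20Luiza"
    "&tid=UA-42817937-15&cid=2034126330.1576341811",
    "https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42817937-15"
    "&cid=2034126330.1576341811&jid=2110342659&_gid=81462119.1576341811&gjid=1452781787"
    "&_v=j79&z=1556123599",
    "https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42817937-15"
    "&cid=2034126330.1576341811&jid=2110342659&_v=j79&z=1556123599",
]


def in_brand_domain(host: str) -> bool:
    """Exact or subdomain match; 'brand.com.evil.example' must not pass."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in BRAND_DOMAINS)


def parse_collect(url: str) -> Optional[Dict[str, str]]:
    """Extract the Measurement Protocol fields that matter for attribution
    from a GA/doubleclick collect URL; None if the URL is not a collect hit."""
    parts = urlsplit(url)
    if parts.hostname not in COLLECT_HOSTS or not parts.path.endswith("/collect"):
        return None
    query = parse_qs(parts.query, keep_blank_values=True)
    fields = {k: query[k][0] for k in ("t", "tid", "cid", "dl", "dp", "dt") if k in query}
    if "dl" in fields:
        fields["dl_host"] = (urlsplit(fields["dl"]).hostname or "").lower()
    return fields


def flag_property_hijack(urls: List[str], brand_property: str) -> List[Dict[str, str]]:
    """Return hits that report to the brand's property from a non-brand page.

    Hits without dl= (the doubleclick linker hop) carry no page URL and are
    skipped rather than guessed at.
    """
    flagged = []
    for url in urls:
        hit = parse_collect(url)
        if not hit or hit.get("tid") != brand_property or "dl_host" not in hit:
            continue
        if not in_brand_domain(hit["dl_host"]):
            flagged.append(hit)
    return flagged


if __name__ == "__main__":
    for hit in flag_property_hijack(SAMPLE_URLS, "UA-42817937-15"):
        print(hit["tid"], "reported from", hit["dl_host"], "page", hit.get("dp"))
```

The same parse applies to captured proxy logs or urlscan search results; the cid value (2034126330.1576341811) is also useful, since it ties every hop of this chain to one browser session.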
0
bat.bing.com/action/
Redirect Chain
  • http://bat.bing.com/action/0?ti=5283823&Ver=2&mid=d6bf3ba3-7aaf-6929-0275-1e56de7a41bc&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sacola%20de%20compras%20-%20Magazine%20Luiza&p=http%3A%2F%2F194.71.70.3...
  • https://bat.bing.com/action/0?ti=5283823&Ver=2&mid=d6bf3ba3-7aaf-6929-0275-1e56de7a41bc&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sacola%20de%20compras%20-%20Magazine%20Luiza&p=http%3A%2F%2F194.71.70....
0
94 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5283823&Ver=2&mid=d6bf3ba3-7aaf-6929-0275-1e56de7a41bc&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sacola%20de%20compras%20-%20Magazine%20Luiza&p=http%3A%2F%2F194.71.70.34.bc.googleusercontent.com%2Fidentificacao.php%23%2F&r=&lt=1963&evt=pageLoad&msclkid=N&rn=922969
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Sat, 14 Dec 2019 16:43:30 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 3DA8A73F6CDC45E8A4BAE8F212CC988F Ref B: VIEEDGE0817 Ref C: 2019-12-14T16:43:31Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://bat.bing.com/action/0?ti=5283823&Ver=2&mid=d6bf3ba3-7aaf-6929-0275-1e56de7a41bc&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sacola%20de%20compras%20-%20Magazine%20Luiza&p=http%3A%2F%2F194.71.70.34.bc.googleusercontent.com%2Fidentificacao.php%23%2F&r=&lt=1963&evt=pageLoad&msclkid=N&rn=922969
Non-Authoritative-Reason
HSTS
10047579.json
s.yimg.com/wi/config/
2 B
482 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10047579.json
Requested by
Host: sacola.magazineluiza.com.br
URL: https://sacola.magazineluiza.com.br/static/app.bd5dbbb91315dac916b8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
Origin
http://194.71.70.34.bc.googleusercontent.com

Response headers

date
Sat, 14 Dec 2019 16:43:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
status
200
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
498531FB91E440B5
x-amz-id-2
ihXbBSWDMMILiULN23f+Z6dr3wLUG5ZNVpVQ7SwHCHN7L9yMuY7u5cL0v/xbg5+PgDrU0DCl96c=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
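urlscan's Resource Hash is the SHA-256 of the response body after content-decoding, which is why the 2-byte, gzip-encoded s.yimg.com config above hashes to 44136fa3...ff8a, the digest of the literal `{}`. The other value worth recognising on sight is e3b0c442...b855 on the bat.bing.com 204 (and on the analytics.foresee.com CORS preflight further down): it is the hash of an empty body. Neither identifies anything, and pivoting on them in a threat-intel platform matches an enormous number of unrelated scans. The Python below is an added example, not part of the scan output: it recomputes both digests and filters a hash list down to the entries worth a pivot. The sentinel table is an assumption of this example; the (resource, hash) rows are copied from this page.

```python
import hashlib
from typing import Dict, List, Optional, Tuple

# Bodies so common that their SHA-256 identifies nothing. Assumption: this table
# is ours; grow it with whatever empty-ish responses your own scans keep producing.
COMMON_BODIES: Dict[str, bytes] = {
    "empty body": b"",
    "empty JSON object": b"{}",
    "empty JSON array": b"[]",
    "bare newline": b"\n",
}


def sha256_hex(body: bytes) -> str:
    """The digest urlscan shows as Resource Hash: SHA-256 of the decoded body."""
    return hashlib.sha256(body).hexdigest()


SENTINELS: Dict[str, str] = {sha256_hex(b): label for label, b in COMMON_BODIES.items()}


def classify(resource_hash: str) -> Optional[str]:
    """Label for a sentinel hash, None if the hash looks like real content."""
    return SENTINELS.get(resource_hash.strip().lower())


# (resource, Resource Hash) pairs copied from the transactions on this page.
PAGE_HASHES: List[Tuple[str, str]] = [
    ("www.google-analytics.com/plugins/ua/ec.js",
     "058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c"),
    ("www.google-analytics.com/analytics.js",
     "dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a"),
    ("www.google.de/ads/ga-audiences",
     "ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629"),
    ("bat.bing.com/action/0",
     "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"),
    ("s.yimg.com/wi/config/10047579.json",
     "44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a"),
]


def pivotable(rows: List[Tuple[str, str]]) -> List[Tuple[str, str]]:
    """Drop rows whose hash is a sentinel; what is left is worth a pivot."""
    return [(name, h) for name, h in rows if classify(h) is None]


if __name__ == "__main__":
    for name, h in PAGE_HASHES:
        print(f"{name:45} {classify(h) or 'content'}")
```

Note that surviving the filter does not make a hash a good indicator on its own: the 42-byte ga-audiences GIF is a tracking pixel served to everyone, and the two analytics.js files are Google's own. Sentinel filtering removes the obviously useless values; judgement about the rest still comes from the Requested by and Server columns.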
fs.record.js
gateway.foresee.com/code/19.6.6/
61 KB
20 KB
Script
General
Full URL
http://gateway.foresee.com/code/19.6.6/fs.record.js
Requested by
Host: gateway.foresee.com
URL: http://gateway.foresee.com/sites/magazineluiza/production/gateway.min.js
Protocol
HTTP/1.1
Server
13.224.196.41 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-41.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
2d011ef47ab1a688388b1f225bcbae5e2a1a55a83854299984bf26d90b800d23

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 17 Sep 2019 01:09:13 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA2-C1
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Status
200
Connection
keep-alive
Via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
Last-Modified
Thu, 19 Apr 2018 00:56:18 GMT
Server
nginx/1.12.1
ETag
W/"f0dc4615275a05f670fe9abb1fe424c0"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2419200
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
2cNLKeVwerooOR3vDb2yXcPQPgRRGLET_FEeOeuulSh5kaQZzE-X5A==
Expires
Tue, 15 Oct 2019 01:09:13 GMT
fs.utils.js
gateway.foresee.com/code/19.6.6/
82 KB
25 KB
Script
General
Full URL
http://gateway.foresee.com/code/19.6.6/fs.utils.js
Requested by
Host: gateway.foresee.com
URL: http://gateway.foresee.com/sites/magazineluiza/production/gateway.min.js
Protocol
HTTP/1.1
Server
13.224.196.41 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-41.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
a143c20a0df6ae06245a89e0dafe6270df1e28863bb4edd564d6e4ec2936964d

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 21 Oct 2019 19:14:31 GMT
Content-Encoding
gzip
Age
1958545
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Status
200
Connection
keep-alive
Via
1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
Last-Modified
Thu, 19 Apr 2018 00:56:18 GMT
Server
nginx/1.12.1
ETag
W/"9eeeac238b98d0ea0c89552cf9b8bb3c"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2419200
X-Amz-Cf-Pop
FRA2-C1
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
Ro-3fh66dXPpbqDfO1tni_gCTouBEQv7fKk_rlsQs3WVQiGtYZ6EGw==
Expires
Mon, 18 Nov 2019 19:14:31 GMT
fs.trigger.js
gateway.foresee.com/code/19.6.6/
30 KB
11 KB
Script
General
Full URL
http://gateway.foresee.com/code/19.6.6/fs.trigger.js
Requested by
Host: gateway.foresee.com
URL: http://gateway.foresee.com/sites/magazineluiza/production/gateway.min.js
Protocol
HTTP/1.1
Server
13.224.196.41 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-41.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
b578b681e28e66b74d7086a4b4c186a944e5647ff254eec929442184a45bbe5d

Request headers

Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Dec 2019 01:15:47 GMT
Content-Encoding
gzip
Age
142064
X-Cache
Hit from cloudfront
Status
200
Connection
keep-alive
Content-Length
10049
Via
1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
Last-Modified
Thu, 19 Apr 2018 00:56:18 GMT
Server
nginx/1.12.1
ETag
W/"a6cf3a671a698307ba47422eebc2f9b3"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2419200
X-Amz-Cf-Pop
FRA2-C1
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
sFbkUJrZlk1WdgY_WPbhbKLtzGViSNXYeIJZsDI2gLYekmawBb9bzQ==
Expires
Tue, 24 Dec 2019 01:38:44 GMT
events
analytics.foresee.com/ingest/
0
426 B
XHR
General
Full URL
http://analytics.foresee.com/ingest/events
Requested by
Host: sacola.magazineluiza.com.br
URL: https://sacola.magazineluiza.com.br/static/app.bd5dbbb91315dac916b8.js
Protocol
HTTP/1.1
Server
52.1.244.191 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-244-191.compute-1.amazonaws.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
http://194.71.70.34.bc.googleusercontent.com
Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,request-api-version

Response headers

Date
Sat, 14 Dec 2019 16:43:31 GMT
Via
1.1 linkerd, 1.1 linkerd
Server
nginx/1.17.3
Access-Control-Allow-Methods
POST,OPTIONS,GET,HEAD
Access-Control-Allow-Origin
*
l5d-success-class
1.0
Connection
keep-alive
Access-Control-Allow-Headers
Origin,Authorization,X-Requested-With,Accept,Access-Control-Allow-Origin,Request-API-Version,Content-Length,Content-Type
Keep-Alive
timeout=65
events
analytics.foresee.com/ingest/
44 B
532 B
XHR
General
Full URL
http://analytics.foresee.com/ingest/events
Protocol
HTTP/1.1
Server
52.1.244.191 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-244-191.compute-1.amazonaws.com
Software
nginx/1.17.3 /
Resource Hash
5b0bd6db5dc4714868a5e5a0c844bc9fb9222d9e43a0a843850f56f808950360
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
http://194.71.70.34.bc.googleusercontent.com/identificacao.php
Origin
http://194.71.70.34.bc.googleusercontent.com
Request-API-Version
1.0.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Sat, 14 Dec 2019 16:43:31 GMT
Via
1.1 linkerd, 1.1 linkerd
Brain-Server-Version
1.9.2
l5d-success-class
1.0
Connection
keep-alive
App-Info
fsevents 1.9.2
content-encoding
gzip
Content-Length
60
X-XSS-Protection
0
Pragma
no-cache
Server
nginx/1.17.3
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate
Keep-Alive
timeout=65
Expires
-1

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Magazine Luiza (Consumer)

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
object onformdata
object onpointerrawupdate
object MAGALU_CHANNEL
object SENTRY_RELEASE
object __core-js_shared__
object core
function setImmediate
function clearImmediate
object regeneratorRuntime
boolean _babelPolyfill
object __SENTRY__
function _
object dataLayer
string GoogleAnalyticsObject
function ga
object JSEncryptExports
function JSEncrypt
function TxEncrypt
object KJUR
object Hex
object Base64
function ASN1
object google_tag_data
object gaplugins
object gaGlobal
object gaData
object google_tag_manager
function postscribe
object completeFunnel
string stringFunnel
object arrayFunnel
number stepIndex
function completeArrayFunnel
function toStringFunnel
function saveCurrentFunnel
function gaEventPush
function strSanitize
function getCookie
function getParameterByName
function setCookie
function getDirtyJSON
object ML_GTM
object CryptoJS
string fb_protocol
function fbq
function _fbq
function fsReady
object uetq
function GoopCookie
undefined goopBrand
object dotq
function UET
object YAHOO
undefined I13N_Conf
undefined YWA_Global_Conf
function _acsDefine
function _fsDefine
function _acsRequire
function _fsRequire
object FSR
object FSFB
function _acsNormalizeUrl
function _fsNormalizeUrl
function _fsNormalizeAssetUrl
function acsReady
object __fsJSONPCBr
function __fsJSONPCB
function __acsReady__
function __fsReady__

3 Cookies

Domain/Path Name Value
.googleusercontent.com/ _gcl_au 1.1.2008178576.1576341811
.googleusercontent.com/ _gid GA1.2.81462119.1576341811
.googleusercontent.com/ _ga GA1.2.2034126330.1576341811

2 Console Messages

Source Level URL Text
console-api log https://sacola.magazineluiza.com.br/static/app.bd5dbbb91315dac916b8.js (Line 2) [GOOP 0.9.14] '00.'
console-api log https://sacola.magazineluiza.com.br/static/app.bd5dbbb91315dac916b8.js (Line 2) [GOOP 0.9.14] '00.' Triggering event: 'goop_cookie_ready'

Indicators

"Indicators" is the security-industry term for artifacts such as IPs, domains and hashes observed during the scan. Their presence in this list does not by itself mean that any of them is malicious.

194.71.70.34.bc.googleusercontent.com
analytics.foresee.com
bat.bing.com
connect.facebook.net
gateway.foresee.com
s.yimg.com
s3-sa-east-1.amazonaws.com
sacola.magazineluiza.com.br
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.224.196.41
151.80.204.62
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:800::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
34.70.71.194
52.1.244.191
52.95.163.26