app.rdstation.email Open in urlscan Pro
104.198.189.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://secure-web.cisco.com/1M_8ydsSBSj48PE2j-8SVl7IZdY0RDsp_wWXTT7rqmFaHJreRj3oL69q0gj5MrgMMsc9HE2vJi5mWSIGV6q2tEYVMzRi8M8d...
Effective URL:
https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_me...
Submission: On November 13 via api (November 13th 2019, 11:41:28 am UTC) from US

Summary HTTP 9 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 9 HTTP transactions. The main IP is 104.198.189.172, located in United States and belongs to GOOGLE - Google LLC, US. The main domain is app.rdstation.email.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 26th 2019. Valid for: 2 years.

This is the only time app.rdstation.email was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2620:101:2005... 2620:101:2005:11f0::1001	16417 (IRONPORT-...) (IRONPORT-SYSTEMS-INC - Cisco Systems Ironport Division)
1 1	167.89.115.56 167.89.115.56	11377 (SENDGRID) (SENDGRID - SendGrid)
1	104.198.189.172 104.198.189.172	15169 (GOOGLE) (GOOGLE - Google LLC)
5	151.80.204.61 151.80.204.61	16276 (OVH) (OVH)
1	13.225.84.2 13.225.84.2	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY - Fastly)
1	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic)
9	5

1 2620:101:2005:11f0::1001 (United States) 1 redirects

ASN16417 (IRONPORT-SYSTEMS-INC - Cisco Systems Ironport Division, US)

secure-web.cisco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.89.115.56 (United States) 1 redirects

ASN11377 (SENDGRID - SendGrid, Inc., US)
PTR: o16789115x56.outbound-mail.sendgrid.net

t.news.lacadordeofertas.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.198.189.172 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 172.189.198.104.bc.googleusercontent.com

app.rdstation.email	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.80.204.61 (Roubaix, France)

ASN16276 (OVH, FR)
PTR: ip61.ip-151-80-204.eu

img.lacadordeofertas.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.2 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-84-2.fra2.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.19 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	lacadordeofertas.com.br 1 redirects t.news.lacadordeofertas.com.br img.lacadordeofertas.com.br	137 KB
1	nr-data.net bam.nr-data.net	261 B
1	newrelic.com js-agent.newrelic.com	9 KB
1	cloudfront.net d335luupugsy2.cloudfront.net	123 KB
1	rdstation.email app.rdstation.email	12 KB
1	cisco.com 1 redirects secure-web.cisco.com	1 KB
9	6

	Domain	Requested by
5	img.lacadordeofertas.com.br	app.rdstation.email
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	app.rdstation.email
1	d335luupugsy2.cloudfront.net	app.rdstation.email
1	app.rdstation.email
1	t.news.lacadordeofertas.com.br	1 redirects
1	secure-web.cisco.com	1 redirects
9	7

This site contains links to these domains. Also see Links.

Domain
www.lacadordeofertas.com.br

Subject Issuer	Validity	Valid
*.rdstation.email Sectigo RSA Domain Validation Secure Server CA	`2019-09-26` - `2021-09-25`	2 years	crt.sh
azion.com GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-01` - `2020-04-30`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-10` - `2020-03-21`	a year	crt.sh
*.nr-data.net GeoTrust RSA CA 2018	`2018-01-11` - `2020-03-17`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
Frame ID: 2715D92B0E89D55C5526404E79048397
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://secure-web.cisco.com/1M_8ydsSBSj48PE2j-8SVl7IZdY0RDsp_wWXTT7rqmFaHJreRj3oL69q0gj5MrgMMsc9HE2vJi5m... HTTP 302
http://t.news.lacadordeofertas.com.br/wf/click?upn=dqbpew86tEapEnV8R4i4B4xlvhextm-2F6XeitgT5baxWOjjoJluVMcsy6hNHV8... HTTP 302
https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-fl... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

9
Requests

100 %
HTTPS

14 %
IPv6

6
Domains

7
Subdomains

5
IPs

3
Countries

281 kB
Transfer

349 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.lacadordeofertas.com.br/?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
Title:

Search URL Search Domain Scan URL

URL: https://www.lacadordeofertas.com.br/categorias/vem-feriado/rs?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
Title:

Search URL Search Domain Scan URL

URL: https://www.lacadordeofertas.com.br/oferta/novo-hamburgo/grupo-primavera-novo-hamburgo/grupo-primavera-churrasco-buffet-completo-sobremesa-novo-hamburgo?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
Title: Quero essa oferta

Search URL Search Domain Scan URL

URL: https://www.lacadordeofertas.com.br/oferta/gramado-canela/pizzaria-hector-gramado/rodizio-de-pizzas-tematicas-gramado-desconto-promocao?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
Title: Quero essa oferta

Search URL Search Domain Scan URL

URL: https://www.lacadordeofertas.com.br/oferta/gramado-canela/alpine-la-table/fondue-na-pedra-sequencia-semana-das-criancas?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
Title: Quero essa oferta

Search URL Search Domain Scan URL

URL: https://www.lacadordeofertas.com.br/oferta/gramado-canela/salao-super-carros/ingresso-salao-super-carros-cinema-9d-aniversario?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
Title: Quero essa oferta

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://secure-web.cisco.com/1M_8ydsSBSj48PE2j-8SVl7IZdY0RDsp_wWXTT7rqmFaHJreRj3oL69q0gj5MrgMMsc9HE2vJi5mWSIGV6q2tEYVMzRi8M8dKv5Ky3I8Y3mmvFwoxtDpnIs7m7zkyQ1XHTLgF7oGAfhL311hL_OEhsyp_bNKoncSEJmS3D9qBB_A83jUxph-dLFJBXg-EkOESnonjgIT-vKnh9VhbehvR0eT0AUPViT3mIWdCtxN1g7ek0CzfFIEj2tHEcgk06FWqo7TdRB-sLkXKpjdowfR9XHjCgW2N-V-226pC-ig1IbRxwOPkm1kMMj3uSLYCtOjmhXF3kTzpZ5H33ce-0zJJcg/http%3A%2F%2Ft.news.lacadordeofertas.com.br%2Fwf%2Fclick%3Fupn%3Ddqbpew86tEapEnV8R4i4B4xlvhextm-2F6XeitgT5baxWOjjoJluVMcsy6hNHV8u350myxMMB7NQeYWdWo-2BWojh9QgKtSpAb8y9HUv2CGNSoUWSB6pw8Edi-2FGq6fBc6PlD7heD3WpOeeU96jF13zXQ4QDimoyVvDzdooEQJnI-2Bsmipcfg9rOCfsGMByLpvkagb05rcwhGFJfFKtxv-2FLhjsP6h0ssBeUKukWvJaFsQyyQM-3D_a0CozdHDIYk-2F-2FE-2BofPglZvaqraPvc9UKAnsYWwllAxd7ZAJzyge-2FMncBcqa8HECI4m1xGs2f5sgqX-2BVIP9Rad46Q97vcnJooGVFJgthipv-2BYJOVJpcJBvqxC5iSjEzQuzY0YXomrpFt0hpS1Q6HuSwVVUZrmC9fz2uwtCqMXBJFPgyW5g5epm-2BoAzZvQFM7D8VTziSFgcBfvQaqDz7VXt8fI3RbAdVXyWI95OBTXy9IE2zW3urFZhLfss90luBOchCYhTW4iaZYZXTzMsIZvXkfSmxCkYPELuEGVKzwPk5D9VWnUty5C6lg4cDWDbWe1tAexI1PiX2allHTRdrvgHUksbVUn-2BqAaWXh8zjzPzyO8IeStb5Gd0jkx7YjexF62vC7jYq5dPbA8HTcOxYqDVgCgpUhLFeIJoUNG6I0JBzTzLvr42Lt-2Fsyj743COo4DTcrM0-2BBXUu9DzwCUzk5aXZuAvM8pVTf9s3deRXAjDelvJfBK2oEUF-2BsDE1prypGhN HTTP 302
http://t.news.lacadordeofertas.com.br/wf/click?upn=dqbpew86tEapEnV8R4i4B4xlvhextm-2F6XeitgT5baxWOjjoJluVMcsy6hNHV8u350myxMMB7NQeYWdWo-2BWojh9QgKtSpAb8y9HUv2CGNSoUWSB6pw8Edi-2FGq6fBc6PlD7heD3WpOeeU96jF13zXQ4QDimoyVvDzdooEQJnI-2Bsmipcfg9rOCfsGMByLpvkagb05rcwhGFJfFKtxv-2FLhjsP6h0ssBeUKukWvJaFsQyyQM-3D_a0CozdHDIYk-2F-2FE-2BofPglZvaqraPvc9UKAnsYWwllAxd7ZAJzyge-2FMncBcqa8HECI4m1xGs2f5sgqX-2BVIP9Rad46Q97vcnJooGVFJgthipv-2BYJOVJpcJBvqxC5iSjEzQuzY0YXomrpFt0hpS1Q6HuSwVVUZrmC9fz2uwtCqMXBJFPgyW5g5epm-2BoAzZvQFM7D8VTziSFgcBfvQaqDz7VXt8fI3RbAdVXyWI95OBTXy9IE2zW3urFZhLfss90luBOchCYhTW4iaZYZXTzMsIZvXkfSmxCkYPELuEGVKzwPk5D9VWnUty5C6lg4cDWDbWe1tAexI1PiX2allHTRdrvgHUksbVUn-2BqAaWXh8zjzPzyO8IeStb5Gd0jkx7YjexF62vC7jYq5dPbA8HTcOxYqDVgCgpUhLFeIJoUNG6I0JBzTzLvr42Lt-2Fsyj743COo4DTcrM0-2BBXUu9DzwCUzk5aXZuAvM8pVTf9s3deRXAjDelvJfBK2oEUF-2BsDE1prypGhN HTTP 302
https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 8196d256-ec4f-4c6c-b55c-34b0521a334a Show response
app.rdstation.email/mail/
Redirect Chain

http://secure-web.cisco.com/1M_8ydsSBSj48PE2j-8SVl7IZdY0RDsp_wWXTT7rqmFaHJreRj3oL69q0gj5MrgMMsc9HE2vJi5mWSIGV6q2tEYVMzRi8M8dKv5Ky3I8Y3mmvFwoxtDpnIs7m7zkyQ1XHTLgF7oGAfhL311hL_OEhsyp_bNKoncSEJmS3D9qB...
http://t.news.lacadordeofertas.com.br/wf/click?upn=dqbpew86tEapEnV8R4i4B4xlvhextm-2F6XeitgT5baxWOjjoJluVMcsy6hNHV8u350myxMMB7NQeYWdWo-2BWojh9QgKtSpAb8y9HUv2CGNSoUWSB6pw8Edi-2FGq6fBc6PlD7heD3WpOeeU9...
https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station

67 KB
12 KB

555ms
298ms

Document
text/html

104.198.189.172
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.198.189.172 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

172.189.198.104.bc.googleusercontent.com

Software

nginx/1.15.8 /

Resource Hash

67edc86bb41d19e6e21c6dbd69b86a389f84f565c19cc68af9f3854084d14b0a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: http: wss:; font-src 'self' https: data:; img-src 'self' https: data: http:; object-src 'self'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' http: blob:; style-src 'self' https: 'unsafe-inline' http: blob:
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: app.rdstation.email
:scheme: https
:path: /mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx/1.15.8
date: Wed, 13 Nov 2019 11:41:09 GMT
content-type: text/html; charset=utf-8
etag: W/"67edc86bb41d19e6e21c6dbd69b86a38"
cache-control: max-age=0, private, must-revalidate
vary: Accept-Encoding
content-encoding: gzip
set-cookie: _session_id=ef9640961885900e3654ac15958d064e; path=/; expires=Thu, 14 Nov 2019 11:41:09 -0000; HttpOnly; secure; SameSite=Lax
x-request-id: 15dad674fe168aa71982d7704803104f
x-runtime: 0.181179
content-security-policy: default-src 'self' https: http: wss:; font-src 'self' https: data:; img-src 'self' https: data: http:; object-src 'self'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' http: blob:; style-src 'self' https: 'unsafe-inline' http: blob:
strict-transport-security: max-age=15724800; includeSubDomains
referrer-policy: unsafe-url
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

Redirect headers

Server: nginx
Date: Wed, 13 Nov 2019 11:41:08 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
X-Robots-Tag: noindex, nofollow

GET
H2 200 NTU0Nl8vdG1wL3BocFpvNHdTcV8xNTAwNTc0NzM5.png
img.lacadordeofertas.com.br/site/ 5 KB
5 KB 258ms
13ms Image
image/webp 151.80.204.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.lacadordeofertas.com.br/site/NTU0Nl8vdG1wL3BocFpvNHdTcV8xNTAwNTc0NzM5.png?ims=130x48
Requested by: Host: app.rdstation.email
URL: https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.80.204.61 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-151-80-204.eu
Software: Azion IMS /
Resource Hash: 13bf3622b7e74002dc429c2556716ed766a7bab778261b5673b0693fb6aa957c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 11:41:09 GMT
status: 200
server: Azion IMS
x-ims: Enabled
vary: Accept
content-type: image/webp
x-original-image-size: 34252
cache-control: max-age=604800
content-length: 4670
expires: Wed, 20 Nov 2019 11:41:09 GMT

GET
H2 200 $cn9m1urzpgo
d335luupugsy2.cloudfront.net/cms/files/28140/1573577329/ 122 KB
123 KB 1080ms
1047ms Image
image/png 13.225.84.2
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d335luupugsy2.cloudfront.net/cms/files/28140/1573577329/$cn9m1urzpgo
Requested by: Host: app.rdstation.email
URL: https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.84.2 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-84-2.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: de6e2fc802d0a2298e9adae01ece79f0e41271367515b51aca66b5f08672b6bf

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 11:41:11 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
last-modified: Tue, 12 Nov 2019 17:42:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "4f5ab5258b42861533cf9de53a10ee87"
x-cache: Miss from cloudfront
x-amz-version-id: YLzE3MTzogWqtTspoZk_jaZDizmXP6Xl
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 125162
x-amz-cf-id: 5mKQFIGTo6Wd1f3_R9axP9XBusDi_JQU2DlpdD-uZDItlqbp3U_j8A==

GET
H2 200 NjE0N18vdG1wL3BocElNWWlyVV8xNDY2NjI2MTQ0.jpg
img.lacadordeofertas.com.br/site/ 22 KB
22 KB 255ms
13ms Image
image/webp 151.80.204.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.lacadordeofertas.com.br/site/NjE0N18vdG1wL3BocElNWWlyVV8xNDY2NjI2MTQ0.jpg?ims=280x181
Requested by: Host: app.rdstation.email
URL: https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.80.204.61 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-151-80-204.eu
Software: Azion IMS /
Resource Hash: 250e643074a5edad975de32182be6bdffe827403dc621a30ea2dd6b4797df8ae

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 11:41:09 GMT
status: 200
server: Azion IMS
x-ims: Enabled
vary: Accept
content-type: image/webp
x-original-image-size: 122403
cache-control: max-age=604800
content-length: 22116
expires: Wed, 20 Nov 2019 11:41:09 GMT

GET
H2 200 MTU4NTFfL3RtcC9waHBZWG12Wm1fMTU3MTQyNzM3OQ==.jpg
img.lacadordeofertas.com.br/site/ 12 KB
13 KB 255ms
14ms Image
image/webp 151.80.204.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.lacadordeofertas.com.br/site/MTU4NTFfL3RtcC9waHBZWG12Wm1fMTU3MTQyNzM3OQ==.jpg?ims=280x181
Requested by: Host: app.rdstation.email
URL: https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.80.204.61 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-151-80-204.eu
Software: Azion IMS /
Resource Hash: a63d265e9998d34c7a74fd38fa259cdb5fee1d64d92bbdc132a4b3f0db0ebb99

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 11:41:09 GMT
status: 200
server: Azion IMS
x-ims: Enabled
vary: Accept
content-type: image/webp
x-original-image-size: 87439
cache-control: max-age=604800
content-length: 12738
expires: Wed, 20 Nov 2019 11:41:09 GMT

GET
H2 200 MTQ2MDNfL3RtcC9waHA1T2FEbDZfMTU1MzAyMjE2MA==.jpg
img.lacadordeofertas.com.br/site/ 36 KB
36 KB 266ms
26ms Image
image/webp 151.80.204.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.lacadordeofertas.com.br/site/MTQ2MDNfL3RtcC9waHA1T2FEbDZfMTU1MzAyMjE2MA==.jpg?ims=618x398
Requested by: Host: app.rdstation.email
URL: https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.80.204.61 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-151-80-204.eu
Software: Azion IMS /
Resource Hash: fb7af55d0540d6cd006460029b369f9392224a20a6eb449133c5013a12d94fc3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 11:41:09 GMT
status: 200
server: Azion IMS
x-ims: Enabled
vary: Accept
content-type: image/webp
x-original-image-size: 99147
cache-control: max-age=604800
content-length: 37050
expires: Wed, 20 Nov 2019 11:41:09 GMT

GET
H2 200 NzM4N18vdG1wL3BocEJsV3lmeV8xNTAwOTE4OTUw.jpg
img.lacadordeofertas.com.br/site/ 61 KB
61 KB 266ms
26ms Image
image/webp 151.80.204.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.lacadordeofertas.com.br/site/NzM4N18vdG1wL3BocEJsV3lmeV8xNTAwOTE4OTUw.jpg?ims=618x398
Requested by: Host: app.rdstation.email
URL: https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.80.204.61 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-151-80-204.eu
Software: Azion IMS /
Resource Hash: 46f422ce42eb750493fb61d0cdc96db2ee298c0d3538c95f2261b1c90e01630d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 11:41:09 GMT
status: 200
server: Azion IMS
x-ims: Enabled
vary: Accept
content-type: image/webp
x-original-image-size: 121055
cache-control: max-age=604800
content-length: 62230
expires: Wed, 20 Nov 2019 11:41:09 GMT

GET
H2 200 nr-1130.min.js Show response
js-agent.newrelic.com/ 24 KB
9 KB 6ms
6ms Script
application/javascript 151.101.114.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1130.min.js
Requested by: Host: app.rdstation.email
URL: https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e78b8cde09dbe0fc473f87bc77ec30ccc56780398d8676cf93c4aaec432257f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 11:41:11 GMT
content-encoding: gzip
x-amz-request-id: FC2E5E9385FF35C9
x-cache: HIT
status: 200
content-length: 9407
x-amz-id-2: 3XNtuktyD4wqrPKGubF2M/YqUHo1gnfCUg2ZcA6WpCpRhqESM5LEOkXHaOHxrPCQ1vUCnpmkB8M=
x-served-by: cache-hhn4033-HHN
last-modified: Tue, 09 Jul 2019 23:52:06 GMT
server: AmazonS3
x-timer: S1573645271.169676,VS0,VE0
etag: "73f8857196b9ef7fd3b302cbc557b8ac"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7059

GET
H/1.1 200
OK 98debe0088 Show response
bam.nr-data.net/1/ 57 B
261 B 106ms
106ms Script
text/javascript 162.247.242.19
New Relic

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/98debe0088?a=22367170&v=1130.54e767a&to=dF9ZQ0oJWlhRR00IA15cXllfSVNZVVwOShFfX0A%3D&rst=2889&ref=https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a&ap=179&be=1256&fe=2858&dc=1449&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1573645268306,%22n%22:0,%22f%22:692,%22dn%22:694,%22dne%22:725,%22c%22:725,%22s%22:835,%22ce%22:950,%22rq%22:950,%22rp%22:1248,%22rpe%22:1359,%22dl%22:1252,%22di%22:1449,%22ds%22:1449,%22de%22:1449,%22dc%22:2856,%22l%22:2856,%22le%22:2860%7D,%22navigation%22:%7B%7D%7D&fp=1260&fcp=1482&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1130.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://app.rdstation.email/mail/8196d256-ec4f-4c6c-b55c-34b0521a334a?utm_campaign=13-11-19-08h-green-flag-nc-turismo&utm_medium=email&utm_source=RD+Station
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			app.rdstation.email/	1970-01-19 05:08:51	Name: _session_id Value: ef9640961885900e3654ac15958d064e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https: http: wss:; font-src 'self' https: data:; img-src 'self' https: data: http:; object-src 'self'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' http: blob:; style-src 'self' https: 'unsafe-inline' http: blob:
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.rdstation.email
bam.nr-data.net
d335luupugsy2.cloudfront.net
img.lacadordeofertas.com.br
js-agent.newrelic.com
secure-web.cisco.com
t.news.lacadordeofertas.com.br
104.198.189.172
13.225.84.2
151.101.114.110
151.80.204.61
162.247.242.19
167.89.115.56
2620:101:2005:11f0::1001
0e78b8cde09dbe0fc473f87bc77ec30ccc56780398d8676cf93c4aaec432257f
13bf3622b7e74002dc429c2556716ed766a7bab778261b5673b0693fb6aa957c
250e643074a5edad975de32182be6bdffe827403dc621a30ea2dd6b4797df8ae
46f422ce42eb750493fb61d0cdc96db2ee298c0d3538c95f2261b1c90e01630d
67edc86bb41d19e6e21c6dbd69b86a389f84f565c19cc68af9f3854084d14b0a
a63d265e9998d34c7a74fd38fa259cdb5fee1d64d92bbdc132a4b3f0db0ebb99
de6e2fc802d0a2298e9adae01ece79f0e41271367515b51aca66b5f08672b6bf
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fb7af55d0540d6cd006460029b369f9392224a20a6eb449133c5013a12d94fc3

app.rdstation.email Open in urlscan Pro 104.198.189.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

14 %IPv6

6 Domains

7 Subdomains

5 IPs

3 Countries

281 kBTransfer

349 kBSize

1 Cookies

6 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

app.rdstation.email Open in urlscan Pro
104.198.189.172 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

14 %
IPv6

6
Domains

7
Subdomains

5
IPs

3
Countries

281 kB
Transfer

349 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions