codigopromouber.serveftp.com Open in urlscan Pro
185.35.138.220 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cyhxiiqhoxstzzz5qdmmna7vvsxdqwacv.viajando2019.link/
Effective URL:
http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Submission: On January 22 via manual (January 22nd 2019, 8:18:00 pm UTC) from BR

Summary HTTP 85 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 12 domains to perform 85 HTTP transactions. The main IP is 185.35.138.220, located in Netherlands and belongs to ZYZTM, NL. The main domain is codigopromouber.serveftp.com.

This is the only time codigopromouber.serveftp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Uber (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	75.126.100.5 75.126.100.5	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1 20	185.35.138.220 185.35.138.220	62454 (ZYZTM) (ZYZTM)
1	104.111.230.50 104.111.230.50	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	23.57.31.217 23.57.31.217	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	54.164.74.111 54.164.74.111	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
5 5	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5 5	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
4	13.32.222.188 13.32.222.188	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
85	7

1 75.126.100.5 (Dallas, United States) 1 redirects

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 5.64.7e4b.ip4.static.sl-reverse.com

cyhxiiqhoxstzzz5qdmmna7vvsxdqwacv.viajando2019.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 185.35.138.220 (Netherlands) 1 redirects

ASN62454 (ZYZTM, NL)
PTR: 185-35-138-220.v4.as62454.net

codigopromouber.serveftp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.230.50 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-230-50.deploy.static.akamaitechnologies.com

a745050198.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.57.31.217 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-57-31-217.deploy.static.akamaitechnologies.com

cdn3.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.74.111 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-164-74-111.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:816::2002 (Ireland) 5 redirects

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:824::2004 (Ireland) 5 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:819::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.222.188 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-222-188.fra56.r.cloudfront.net

d1a3f4spazzrp4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	serveftp.com 1 redirects codigopromouber.serveftp.com	1 MB
5	google.de www.google.de	545 B
5	google.com 5 redirects www.google.com	3 KB
5	doubleclick.net 5 redirects googleads.g.doubleclick.net	3 KB
4	cloudfront.net d1a3f4spazzrp4.cloudfront.net	40 KB
3	optimizely.com a745050198.cdn.optimizely.com cdn3.optimizely.com logx.optimizely.com	1 KB
1	viajando2019.link 1 redirects cyhxiiqhoxstzzz5qdmmna7vvsxdqwacv.viajando2019.link	225 B
0	amazonaws.com Failed gtrk.s3.amazonaws.com Failed
0	tiqcdn.com Failed tags.tiqcdn.com Failed
0	crazyegg.com Failed script.crazyegg.com Failed
0	facebook.net Failed connect.facebook.net Failed
0	googleadservices.com Failed www.googleadservices.com Failed
85	12

	Domain	Requested by
20	codigopromouber.serveftp.com	1 redirects codigopromouber.serveftp.com
5	www.google.de	codigopromouber.serveftp.com
5	www.google.com	5 redirects
5	googleads.g.doubleclick.net	5 redirects
4	d1a3f4spazzrp4.cloudfront.net	codigopromouber.serveftp.com
1	logx.optimizely.com	codigopromouber.serveftp.com
1	cdn3.optimizely.com	codigopromouber.serveftp.com
1	a745050198.cdn.optimizely.com	codigopromouber.serveftp.com
1	cyhxiiqhoxstzzz5qdmmna7vvsxdqwacv.viajando2019.link	1 redirects
0	gtrk.s3.amazonaws.com Failed	codigopromouber.serveftp.com
0	tags.tiqcdn.com Failed	codigopromouber.serveftp.com
0	script.crazyegg.com Failed	codigopromouber.serveftp.com
0	connect.facebook.net Failed	codigopromouber.serveftp.com
0	www.googleadservices.com Failed	codigopromouber.serveftp.com
85	14

This site contains links to these domains. Also see Links.

Domain
hastrk2.com
www.windowsphone.com

Subject Issuer	Validity	Valid
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2018-03-30` - `2019-03-30`	a year	crt.sh
logx.optimizely.com DigiCert SHA2 High Assurance Server CA	`2018-10-01` - `2020-10-05`	2 years	crt.sh
www.google.de Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh

This page contains 8 frames:

Primary Page: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Frame ID: 85580161565AEDD280D07DE221A9FF35
Requests: 81 HTTP requests in this frame

Frame: https://a745050198.cdn.optimizely.com/client_storage/a745050198.html
Frame ID: D85D9A22C89E17CD3AAAE3247E887D7B
Requests: 1 HTTP requests in this frame

Frame: http://codigopromouber.serveftp.com/Cadastro01_files/a745050198.html
Frame ID: B1C7CFBA56AEF27273810532B6A251E4
Requests: 1 HTTP requests in this frame

Frame: http://codigopromouber.serveftp.com/Cadastro01_files/a745050198(1).html
Frame ID: 49E4C41B0D6ACC05E578F863F8971C47
Requests: 1 HTTP requests in this frame

Frame: http://codigopromouber.serveftp.com/Cadastro01_files/activityi.html
Frame ID: 8528C075F13FAB60073EAFECF4EA6944
Requests: 1 HTTP requests in this frame

Frame: http://codigopromouber.serveftp.com/Cadastro01_files/activityi(1).html
Frame ID: 9334DF74FBB2384123A36CE9A11BE678
Requests: 1 HTTP requests in this frame

Frame: http://codigopromouber.serveftp.com/Cadastro01_files/dest5.html
Frame ID: 90EAF4420303E5D58EFE10B4CB50C071
Requests: 1 HTTP requests in this frame

Frame: http://codigopromouber.serveftp.com/Cadastro01_files/pixel.html
Frame ID: F747C654B4AC460E3BC2606CF1BF1926
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://cyhxiiqhoxstzzz5qdmmna7vvsxdqwacv.viajando2019.link/ HTTP 301
http://codigopromouber.serveftp.com/ HTTP 302
http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR Page URL

Detected technologies

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^CE2$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i
env /^optimizely$/i

Page Statistics

85
Requests

13 %
HTTPS

33 %
IPv6

12
Domains

14
Subdomains

7
IPs

3
Countries

1123 kB
Transfer

1204 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://hastrk2.com/serve?action=click&publisher_id=47734&site_id=17688&offer_id=249980
Title: Apple Store

Search URL Search Domain Scan URL

URL: http://hastrk2.com/serve?action=click&publisher_id=47734&site_id=26744&offer_id=254474
Title: Google Play Store

Search URL Search Domain Scan URL

URL: https://www.windowsphone.com/s?appid=b905a877-bd55-4ce7-a7aa-467cdc3a21f4
Title: Windows Store

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cyhxiiqhoxstzzz5qdmmna7vvsxdqwacv.viajando2019.link/ HTTP 301
http://codigopromouber.serveftp.com/ HTTP 302
http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/942245433/?random=323652908&cv=8&fst=*&num=1&label=O28UCPjZ6V4QuYymwQM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWd_oLpOKxgS_1aagCw HTTP 302
https://www.google.com/pagead/1p-conversion/942245433/?random=323652908&cv=8&fst=*&num=1&label=O28UCPjZ6V4QuYymwQM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWd_oLpOKxgS_1aagCw&random=27455398 HTTP 302
https://www.google.de/pagead/1p-conversion/942245433/?random=323652908&cv=8&fst=*&num=1&label=O28UCPjZ6V4QuYymwQM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWd_oLpOKxgS_1aagCw&random=27455398&ipr=y

Request Chain 70

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947969594/?random=186849863&cv=8&fst=*&num=1&label=2c3uCJPR6V4QuryDxAM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWc3eL4qZxASZnZOQCg HTTP 302
https://www.google.com/pagead/1p-conversion/947969594/?random=186849863&cv=8&fst=*&num=1&label=2c3uCJPR6V4QuryDxAM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWc3eL4qZxASZnZOQCg&random=3458861503 HTTP 302
https://www.google.de/pagead/1p-conversion/947969594/?random=186849863&cv=8&fst=*&num=1&label=2c3uCJPR6V4QuryDxAM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWc3eL4qZxASZnZOQCg&random=3458861503&ipr=y

Request Chain 71

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952029224/?random=2034825767&cv=8&fst=*&num=1&label=U9M8CN_S-2AQqKD7xQM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWe3nL5WaxATH7rroCw HTTP 302
https://www.google.com/pagead/1p-conversion/952029224/?random=2034825767&cv=8&fst=*&num=1&label=U9M8CN_S-2AQqKD7xQM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWe3nL5WaxATH7rroCw&random=1846218078 HTTP 302
https://www.google.de/pagead/1p-conversion/952029224/?random=2034825767&cv=8&fst=*&num=1&label=U9M8CN_S-2AQqKD7xQM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWe3nL5WaxATH7rroCw&random=1846218078&ipr=y

Request Chain 72

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975102964/?random=936493857&cv=8&fst=*&num=1&label=zzd3CMjwglsQ9Mf70AM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWeqQMI2exAThxZrYCg HTTP 302
https://www.google.com/pagead/1p-conversion/975102964/?random=936493857&cv=8&fst=*&num=1&label=zzd3CMjwglsQ9Mf70AM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWeqQMI2exAThxZrYCg&random=3372110935 HTTP 302
https://www.google.de/pagead/1p-conversion/975102964/?random=936493857&cv=8&fst=*&num=1&label=zzd3CMjwglsQ9Mf70AM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWeqQMI2exAThxZrYCg&random=3372110935&ipr=y

Request Chain 73

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944002889/?random=1977017740&cv=8&fst=*&num=1&label=KyEZCNyM9l4Qya6RwgM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWdC3MM-VxAS2qIzADQ HTTP 302
https://www.google.com/pagead/1p-conversion/944002889/?random=1977017740&cv=8&fst=*&num=1&label=KyEZCNyM9l4Qya6RwgM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ebcid=ALh7CaRQ8pjy6D7KcMFEanoLdeAzHysqEKDcPA9JgYyUxp9oANqBndFQRQE_SPe-sv6sSxTdFn4Nn0z3JbqaAHcKAE3SFMy1nw&ocp_id=kynXWdC3MM-VxAS2qIzADQ&random=1390318268 HTTP 302
https://www.google.de/pagead/1p-conversion/944002889/?random=1977017740&cv=8&fst=*&num=1&label=KyEZCNyM9l4Qya6RwgM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ebcid=ALh7CaRQ8pjy6D7KcMFEanoLdeAzHysqEKDcPA9JgYyUxp9oANqBndFQRQE_SPe-sv6sSxTdFn4Nn0z3JbqaAHcKAE3SFMy1nw&ocp_id=kynXWdC3MM-VxAS2qIzADQ&random=1390318268&ipr=y

85 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Uber.html Show response
codigopromouber.serveftp.com/
Redirect Chain

http://cyhxiiqhoxstzzz5qdmmna7vvsxdqwacv.viajando2019.link/
http://codigopromouber.serveftp.com/
http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR

25 KB
25 KB

165ms
89ms

Document
text/html

185.35.138.220
ZYZTM

General

Check archive.org

Show headers Download Go to

Full URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Protocol: HTTP/1.1
Server: 185.35.138.220 , Netherlands, ASN62454 (ZYZTM, NL),
Reverse DNS: 185-35-138-220.v4.as62454.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c14f704d2645913f0c66d00fd796f468bd537f0955c261b034be0c34fae395fd

Request headers

Host: codigopromouber.serveftp.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 20:17:25 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 26 Apr 2018 06:43:46 GMT
ETag: "602ff-6269-56abab58e0c80"
Accept-Ranges: bytes
Content-Length: 25193
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 22 Jan 2019 20:17:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.6.35
Location: Uber.html?PromoUber=0RI7UD5UUAR
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK event Show response
codigopromouber.serveftp.com/Cadastro01_files/ 3 KB
3 KB 165ms
103ms Script
text/plain 185.35.138.220
ZYZTM

General

Check archive.org

Show headers Download Go to

Full URL: http://codigopromouber.serveftp.com/Cadastro01_files/event
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Protocol: HTTP/1.1
Server: 185.35.138.220 , Netherlands, ASN62454 (ZYZTM, NL),
Reverse DNS: 185-35-138-220.v4.as62454.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fdadbe736abb9d50d6edc912fa134f1c8c18caeb7e6663157b4247488568dc43

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: codigopromouber.serveftp.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Connection: keep-alive
Cache-Control: no-cache
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 20:17:25 GMT
Last-Modified: Thu, 26 Apr 2018 06:42:42 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "60315-b47-56abab1bd7c80"
Content-Type: text/plain; charset=UTF-8
Connection: close
Accept-Ranges: bytes
Content-Length: 2887

GET
H/1.1 200
OK conversion_async.js.download Show response
codigopromouber.serveftp.com/Cadastro01_files/ 13 KB
13 KB 28086ms
44ms Script
text/javascript 185.35.138.220
ZYZTM

General

Check archive.org

Show headers Download Go to

Full URL: http://codigopromouber.serveftp.com/Cadastro01_files/conversion_async.js.download
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Protocol: HTTP/1.1
Server: 185.35.138.220 , Netherlands, ASN62454 (ZYZTM, NL),
Reverse DNS: 185-35-138-220.v4.as62454.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 02074b105554ed6372d37efd4285403cbe057fd20f7d4655fe7a7d30d633c2f9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: codigopromouber.serveftp.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Connection: keep-alive
Cache-Control: no-cache
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 20:17:53 GMT
Last-Modified: Thu, 26 Apr 2018 06:42:42 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "60312-3448-56abab1bd7c80"
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 13384

GET linkid.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET ec.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET fbevents.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET analytics.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET geo2.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET
H/1.1 200
OK 8148824632.js.download Show response
codigopromouber.serveftp.com/Cadastro01_files/ 510 KB
510 KB 212ms
127ms Script
text/javascript 185.35.138.220
ZYZTM

General

Check archive.org

Show headers Download Go to

Full URL: http://codigopromouber.serveftp.com/Cadastro01_files/8148824632.js.download
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Protocol: HTTP/1.1
Server: 185.35.138.220 , Netherlands, ASN62454 (ZYZTM, NL),
Reverse DNS: 185-35-138-220.v4.as62454.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2c3c7e82f15a16c6db0cf3c333bb90b9ec44f8beeca567bb8adf3c835b524253

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: codigopromouber.serveftp.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Connection: keep-alive
Cache-Control: no-cache
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 20:17:25 GMT
Last-Modified: Thu, 26 Apr 2018 06:42:42 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "6030c-7f674-56abab1bd7c80"
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 521844

GET
H/1.1 200
OK superfine.css
codigopromouber.serveftp.com/Cadastro01_files/ 118 KB
118 KB 98ms
39ms Stylesheet
text/css 185.35.138.220
ZYZTM

General

Check archive.org

Show headers Download Go to

Full URL: http://codigopromouber.serveftp.com/Cadastro01_files/superfine.css
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Protocol: HTTP/1.1
Server: 185.35.138.220 , Netherlands, ASN62454 (ZYZTM, NL),
Reverse DNS: 185-35-138-220.v4.as62454.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: acf8385a5c6c6cad6c38eb47b2f8742776d42510feedd49179de3ea2fa0d83da

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: codigopromouber.serveftp.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Connection: keep-alive
Cache-Control: no-cache
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 20:17:25 GMT
Last-Modified: Thu, 26 Apr 2018 06:42:42 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "60322-1d8a6-56abab1bd7c80"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 120998

GET
H/1.1 200
OK superfine(1).css
codigopromouber.serveftp.com/Cadastro01_files/ 210 KB
210 KB 99ms
41ms Stylesheet
text/css 185.35.138.220
ZYZTM

General

Check archive.org

Show headers Download Go to

Full URL: http://codigopromouber.serveftp.com/Cadastro01_files/superfine(1).css
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Protocol: HTTP/1.1
Server: 185.35.138.220 , Netherlands, ASN62454 (ZYZTM, NL),
Reverse DNS: 185-35-138-220.v4.as62454.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: cbc532210e14fe216bb4fdda45ab0326ca802cbb80c0fd35507b028ec6b74880

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: codigopromouber.serveftp.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Connection: keep-alive
Cache-Control: no-cache
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 20:17:25 GMT
Last-Modified: Thu, 26 Apr 2018 06:42:42 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "60321-3476a-56abab1bd7c80"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 214890

GET
H/1.1 200
OK uber-icons.css
codigopromouber.serveftp.com/Cadastro01_files/ 105 KB
105 KB 131ms
73ms Stylesheet
text/css 185.35.138.220
ZYZTM

General

Check archive.org

Show headers Download Go to

Full URL: http://codigopromouber.serveftp.com/Cadastro01_files/uber-icons.css
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Protocol: HTTP/1.1
Server: 185.35.138.220 , Netherlands, ASN62454 (ZYZTM, NL),
Reverse DNS: 185-35-138-220.v4.as62454.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 38dbd089b62a7670bd19e189fee5beb972d1f8f22b2d88bbfd2fe0c2ea9871b7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: codigopromouber.serveftp.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Connection: keep-alive
Cache-Control: no-cache
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 20:17:25 GMT
Last-Modified: Thu, 26 Apr 2018 06:42:42 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "60323-1a3d8-56abab1bd7c80"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 107480

GET
H/1.1 200
OK new-sign-up.458a0c8ef6cc46b42de1ab885b9f5574.css
codigopromouber.serveftp.com/Cadastro01_files/ 9 KB
9 KB 134ms
75ms Stylesheet
text/css 185.35.138.220
ZYZTM

General

Check archive.org

Show headers Download Go to

Full URL: http://codigopromouber.serveftp.com/Cadastro01_files/new-sign-up.458a0c8ef6cc46b42de1ab885b9f5574.css
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Protocol: HTTP/1.1
Server: 185.35.138.220 , Netherlands, ASN62454 (ZYZTM, NL),
Reverse DNS: 185-35-138-220.v4.as62454.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a7f726d10cee2ae1e1c1d37bc1a781a5703e4c99a67ad74cbd45e64c24bdf5f8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: codigopromouber.serveftp.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Connection: keep-alive
Cache-Control: no-cache
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 20:17:25 GMT
Last-Modified: Thu, 26 Apr 2018 06:42:42 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "6031a-23de-56abab1bd7c80"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 9182

GET
H/1.1 200
OK global_entry_point.5b860a1f70a1bae7197592f304e85176.js.download Show response
codigopromouber.serveftp.com/Cadastro01_files/ 64 KB
64 KB 568ms
44ms Script
text/javascript 185.35.138.220
ZYZTM

General

Check archive.org

Show headers Download Go to

Full URL: http://codigopromouber.serveftp.com/Cadastro01_files/global_entry_point.5b860a1f70a1bae7197592f304e85176.js.download
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Protocol: HTTP/1.1
Server: 185.35.138.220 , Netherlands, ASN62454 (ZYZTM, NL),
Reverse DNS: 185-35-138-220.v4.as62454.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f00ce087574a0ced9b500bc9b51dfc963c51de7db933c2e99b9ed895cdb7c74e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: codigopromouber.serveftp.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Connection: keep-alive
Cache-Control: no-cache
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 20:17:25 GMT
Last-Modified: Thu, 26 Apr 2018 06:42:42 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "60318-ff26-56abab1bd7c80"
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 65318

GET
H/1.1 200
OK 2593.js.download Show response
codigopromouber.serveftp.com/Cadastro01_files/ 10 KB
11 KB 4452ms
44ms Script
text/javascript 185.35.138.220
ZYZTM

General

Check archive.org

Show headers Download Go to

Full URL: http://codigopromouber.serveftp.com/Cadastro01_files/2593.js.download
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Protocol: HTTP/1.1
Server: 185.35.138.220 , Netherlands, ASN62454 (ZYZTM, NL),
Reverse DNS: 185-35-138-220.v4.as62454.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3eda57e084ed07eaf16c11a85661b4effa36496fda8ce4642be5792682c11e08

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: codigopromouber.serveftp.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Connection: keep-alive
Cache-Control: no-cache
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 20:17:29 GMT
Last-Modified: Thu, 26 Apr 2018 06:42:42 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "6030b-2964-56abab1bd7c80"
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 10596

GET utag.44.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.3.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.42.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.88.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.153.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.185.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.186.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.191.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.192.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.557.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.590.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.600.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.603.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.606.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.609.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.627.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.650.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.651.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.667.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.727.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.756.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.830.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.871.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.875.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.880.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.886.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.887.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.889.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.891.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.896.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.910.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.945.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.1001.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.1016.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.1017.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.1018.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.1048.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.1039.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET utag.1051.js.download
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET
H/1.1 200
OK saved_resource Show response
codigopromouber.serveftp.com/Cadastro01_files/ 1 KB
2 KB 19577ms
45ms Script
text/plain 185.35.138.220
ZYZTM

General

Check archive.org

Show headers Download Go to

Full URL: http://codigopromouber.serveftp.com/Cadastro01_files/saved_resource
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Protocol: HTTP/1.1
Server: 185.35.138.220 , Netherlands, ASN62454 (ZYZTM, NL),
Reverse DNS: 185-35-138-220.v4.as62454.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 6a21ce78d598b5493222a6b40878169ca50d0ba7718b290ebf895e9660b4ff0e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: codigopromouber.serveftp.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Connection: keep-alive
Cache-Control: no-cache
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 20:17:44 GMT
Last-Modified: Thu, 26 Apr 2018 06:42:44 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "6031c-510-56abab1dc0100"
Content-Type: text/plain; charset=UTF-8
Connection: close
Accept-Ranges: bytes
Content-Length: 1296

GET
H/1.1 200
OK saved_resource(1) Show response
codigopromouber.serveftp.com/Cadastro01_files/ 1 KB
2 KB 22679ms
44ms Script
text/plain 185.35.138.220
ZYZTM

General

Check archive.org

Show headers Download Go to

Full URL: http://codigopromouber.serveftp.com/Cadastro01_files/saved_resource(1)
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Protocol: HTTP/1.1
Server: 185.35.138.220 , Netherlands, ASN62454 (ZYZTM, NL),
Reverse DNS: 185-35-138-220.v4.as62454.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ea640c4409699cb665986b917be11cce62c139ff1f06fd82928d1da675db6389

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: codigopromouber.serveftp.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Connection: keep-alive
Cache-Control: no-cache
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 20:17:48 GMT
Last-Modified: Thu, 26 Apr 2018 06:42:44 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "6031d-510-56abab1dc0100"
Content-Type: text/plain; charset=UTF-8
Connection: close
Accept-Ranges: bytes
Content-Length: 1296

GET
H/1.1 200
OK saved_resource(2) Show response
codigopromouber.serveftp.com/Cadastro01_files/ 1 KB
2 KB 25768ms
43ms Script
text/plain 185.35.138.220
ZYZTM

General

Check archive.org

Show headers Download Go to

Full URL: http://codigopromouber.serveftp.com/Cadastro01_files/saved_resource(2)
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Protocol: HTTP/1.1
Server: 185.35.138.220 , Netherlands, ASN62454 (ZYZTM, NL),
Reverse DNS: 185-35-138-220.v4.as62454.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ca9b172f930b31b86be530254bde335da8e8ac9dafa1995b5c59dae1e533f401

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: codigopromouber.serveftp.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Connection: keep-alive
Cache-Control: no-cache
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 20:17:51 GMT
Last-Modified: Thu, 26 Apr 2018 06:42:44 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "6031e-511-56abab1dc0100"
Content-Type: text/plain; charset=UTF-8
Connection: close
Accept-Ranges: bytes
Content-Length: 1297

GET
H/1.1 200
OK saved_resource(3) Show response
codigopromouber.serveftp.com/Cadastro01_files/ 1 KB
2 KB 26868ms
43ms Script
text/plain 185.35.138.220
ZYZTM

General

Check archive.org

Show headers Download Go to

Full URL: http://codigopromouber.serveftp.com/Cadastro01_files/saved_resource(3)
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Protocol: HTTP/1.1
Server: 185.35.138.220 , Netherlands, ASN62454 (ZYZTM, NL),
Reverse DNS: 185-35-138-220.v4.as62454.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 15c3836ffde6614f077aab77a4aac379d094fc28b8d26eb56df83f11cfc640b7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: codigopromouber.serveftp.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Connection: keep-alive
Cache-Control: no-cache
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 20:17:52 GMT
Last-Modified: Thu, 26 Apr 2018 06:42:44 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "6031f-510-56abab1dc0100"
Content-Type: text/plain; charset=UTF-8
Connection: close
Accept-Ranges: bytes
Content-Length: 1296

GET
H/1.1 200
OK saved_resource(4) Show response
codigopromouber.serveftp.com/Cadastro01_files/ 1 KB
2 KB 27971ms
44ms Script
text/plain 185.35.138.220
ZYZTM

General

Check archive.org

Show headers Download Go to

Full URL: http://codigopromouber.serveftp.com/Cadastro01_files/saved_resource(4)
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Protocol: HTTP/1.1
Server: 185.35.138.220 , Netherlands, ASN62454 (ZYZTM, NL),
Reverse DNS: 185-35-138-220.v4.as62454.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 75c3c9f502e8262736018cd82d0ab9c3edfbcf22ec1e5621446426a49b9f6037

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: codigopromouber.serveftp.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Connection: keep-alive
Cache-Control: no-cache
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 22 Jan 2019 20:17:53 GMT
Last-Modified: Thu, 26 Apr 2018 06:42:44 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "60320-511-56abab1dc0100"
Content-Type: text/plain; charset=UTF-8
Connection: close
Accept-Ranges: bytes
Content-Length: 1297

GET 1477428567-confirmation.png
codigopromouber.serveftp.com/Cadastro01_files/ 0
0

GET conversion_async.js
www.googleadservices.com/pagead/ 0
0

GET fbevents.js
connect.facebook.net/en_US/ 0
0

GET
H2 200 a745050198.html
a745050198.cdn.optimizely.com/client_storage/ Frame D85D 0
0 5109ms
28ms Document
text/html 104.111.230.50
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://a745050198.cdn.optimizely.com/client_storage/a745050198.html

Requested by

Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/8148824632.js.download

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.230.50 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-230-50.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: a745050198.cdn.optimizely.com
:scheme: https
:path: /client_storage/a745050198.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR

Response headers

status: 200
x-amz-id-2: m630F7ueRLThOm1xH6Uv47U4BPf1Ji/BJzfhYVHWqPClYdzE+FJiviU9HDR/b4SZhE33K4fpUcs=
x-amz-request-id: 2AABA9E9908EEDE9
x-amz-replication-status: COMPLETED
last-modified: Tue, 22 Jan 2019 17:13:06 GMT
etag: "e4b52c54773f7c91da638a8bcb7b0091"
cache-control: max-age=120
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: ncSuqVQmw8HN_ujUYePwPX3BPjnorNoS
accept-ranges: bytes
content-type: text/html; charset=utf-8
content-length: 682
server: AmazonS3
vary: Accept-Encoding
date: Tue, 22 Jan 2019 20:17:31 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="22";dur=0,cdnip;desc="104.111.230.50";dur=0,cdnmap;desc="a4343.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK geo2.js Show response
cdn3.optimizely.com/js/ 294 B
701 B 1058ms
21ms Script
application/javascript 23.57.31.217
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn3.optimizely.com/js/geo2.js
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/8148824632.js.download
Protocol: HTTP/1.1
Server: 23.57.31.217 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-57-31-217.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 81848be40229acb209d411752a6e55982e0912eb3ade455bdbb2ca5805886834

Request headers

Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: Y1BKPK.c9lIaZx2uYj8JMWZye_vJfrh9
Server: AmazonS3
x-amz-request-id: 76018F4BA33E2C4A
ETag: "adadfc5d7afd13e353d9d52cec1c7827"
Content-Type: application/javascript
Cache-Control: max-age=23978
Date: Tue, 22 Jan 2019 20:17:27 GMT
Connection: keep-alive
Content-Length: 294
x-amz-id-2: ZHJPIc6LfvfTaQoKKYPDCxge35g03DvFL+qIneW3qA5xkzd+wbcxxrV6vJKhS62zNanSuZTQcj4=

POST
H/1.1 204
No Content event Show response
logx.optimizely.com/log/ 0
350 B 516ms
125ms XHR
text/plain 54.164.74.111
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/log/event
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/8148824632.js.download
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.74.111 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-164-74-111.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Origin: http://codigopromouber.serveftp.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 22 Jan 2019 20:17:26 GMT
Content-Type: text/plain
Access-Control-Allow-Origin: http://codigopromouber.serveftp.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: a4a42961-dc15-4655-9b33-f972872f7b93

GET
H/1.1 200
OK a745050198.html Show response
codigopromouber.serveftp.com/Cadastro01_files/ Frame B1C7 1 KB
2 KB 166ms
49ms Document
text/html 185.35.138.220
ZYZTM

General

Check archive.org

Show headers Download Go to

Full URL: http://codigopromouber.serveftp.com/Cadastro01_files/a745050198.html
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Protocol: HTTP/1.1
Server: 185.35.138.220 , Netherlands, ASN62454 (ZYZTM, NL),
Reverse DNS: 185-35-138-220.v4.as62454.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b18d4b1155f7375a9be1a8119f01aa060f04213185e220b38b61b70d5c0a1e6a

Request headers

Host: codigopromouber.serveftp.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Accept-Encoding: gzip, deflate
Cookie: optimizelyEndUserId=oeu1548188245972r0.9042295837980376
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR

Response headers

Date: Tue, 22 Jan 2019 20:17:26 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 26 Apr 2018 06:42:44 GMT
ETag: "6030e-5d7-56abab1dc0100"
Accept-Ranges: bytes
Content-Length: 1495
Connection: close
Content-Type: text/html; charset=UTF-8

GET 2593.js
script.crazyegg.com/pages/scripts/0051/ 0
0

GET utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 0
0

GET
H/1.1 200
OK a745050198(1).html Show response
codigopromouber.serveftp.com/Cadastro01_files/ Frame 49E4 1 KB
2 KB 2739ms
40ms Document
text/html 185.35.138.220
ZYZTM

General

Check archive.org

Show headers Download Go to

Full URL: http://codigopromouber.serveftp.com/Cadastro01_files/a745050198(1).html
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Protocol: HTTP/1.1
Server: 185.35.138.220 , Netherlands, ASN62454 (ZYZTM, NL),
Reverse DNS: 185-35-138-220.v4.as62454.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 774960082f36c0f1fc4f801743efcf9771fa5fe86a238d9e2b6581fa6e86e6c0

Request headers

Host: codigopromouber.serveftp.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Accept-Encoding: gzip, deflate
Cookie: optimizelyEndUserId=oeu1548188245972r0.9042295837980376
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR

Response headers

Date: Tue, 22 Jan 2019 20:17:28 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 26 Apr 2018 06:42:44 GMT
ETag: "6030d-5fb-56abab1dc0100"
Accept-Ranges: bytes
Content-Length: 1531
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H2

200

/
www.google.de/pagead/1p-conversion/942245433/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/942245433/?random=323652908&cv=8&fst=*&num=1&label=O28UCPjZ6V4QuYymwQM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&...
https://www.google.com/pagead/1p-conversion/942245433/?random=323652908&cv=8&fst=*&num=1&label=O28UCPjZ6V4QuYymwQM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=...
https://www.google.de/pagead/1p-conversion/942245433/?random=323652908&cv=8&fst=*&num=1&label=O28UCPjZ6V4QuYymwQM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=6...

42 B
109 B

30ms
29ms

Image
image/gif

2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/942245433/?random=323652908&cv=8&fst=*&num=1&label=O28UCPjZ6V4QuYymwQM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWd_oLpOKxgS_1aagCw&random=27455398&ipr=y

Requested by

Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Jan 2019 20:17:53 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Jan 2019 20:17:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/942245433/?random=323652908&cv=8&fst=*&num=1&label=O28UCPjZ6V4QuYymwQM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWd_oLpOKxgS_1aagCw&random=27455398&ipr=y
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/947969594/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947969594/?random=186849863&cv=8&fst=*&num=1&label=2c3uCJPR6V4QuryDxAM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&...
https://www.google.com/pagead/1p-conversion/947969594/?random=186849863&cv=8&fst=*&num=1&label=2c3uCJPR6V4QuryDxAM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=...
https://www.google.de/pagead/1p-conversion/947969594/?random=186849863&cv=8&fst=*&num=1&label=2c3uCJPR6V4QuryDxAM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=6...

42 B
109 B

20ms
20ms

Image
image/gif

2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/947969594/?random=186849863&cv=8&fst=*&num=1&label=2c3uCJPR6V4QuryDxAM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWc3eL4qZxASZnZOQCg&random=3458861503&ipr=y

Requested by

Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Jan 2019 20:17:53 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Jan 2019 20:17:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/947969594/?random=186849863&cv=8&fst=*&num=1&label=2c3uCJPR6V4QuryDxAM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWc3eL4qZxASZnZOQCg&random=3458861503&ipr=y
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/952029224/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952029224/?random=2034825767&cv=8&fst=*&num=1&label=U9M8CN_S-2AQqKD7xQM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991...
https://www.google.com/pagead/1p-conversion/952029224/?random=2034825767&cv=8&fst=*&num=1&label=U9M8CN_S-2AQqKD7xQM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah...
https://www.google.de/pagead/1p-conversion/952029224/?random=2034825767&cv=8&fst=*&num=1&label=U9M8CN_S-2AQqKD7xQM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=...

42 B
109 B

29ms
29ms

Image
image/gif

2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/952029224/?random=2034825767&cv=8&fst=*&num=1&label=U9M8CN_S-2AQqKD7xQM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWe3nL5WaxATH7rroCw&random=1846218078&ipr=y

Requested by

Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Jan 2019 20:17:53 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Jan 2019 20:17:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/952029224/?random=2034825767&cv=8&fst=*&num=1&label=U9M8CN_S-2AQqKD7xQM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWe3nL5WaxATH7rroCw&random=1846218078&ipr=y
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/975102964/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975102964/?random=936493857&cv=8&fst=*&num=1&label=zzd3CMjwglsQ9Mf70AM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&...
https://www.google.com/pagead/1p-conversion/975102964/?random=936493857&cv=8&fst=*&num=1&label=zzd3CMjwglsQ9Mf70AM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=...
https://www.google.de/pagead/1p-conversion/975102964/?random=936493857&cv=8&fst=*&num=1&label=zzd3CMjwglsQ9Mf70AM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=6...

42 B
109 B

19ms
19ms

Image
image/gif

2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/975102964/?random=936493857&cv=8&fst=*&num=1&label=zzd3CMjwglsQ9Mf70AM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWeqQMI2exAThxZrYCg&random=3372110935&ipr=y

Requested by

Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Jan 2019 20:17:53 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Jan 2019 20:17:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/975102964/?random=936493857&cv=8&fst=*&num=1&label=zzd3CMjwglsQ9Mf70AM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ocp_id=kynXWeqQMI2exAThxZrYCg&random=3372110935&ipr=y
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/944002889/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944002889/?random=1977017740&cv=8&fst=*&num=1&label=KyEZCNyM9l4Qya6RwgM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991...
https://www.google.com/pagead/1p-conversion/944002889/?random=1977017740&cv=8&fst=*&num=1&label=KyEZCNyM9l4Qya6RwgM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah...
https://www.google.de/pagead/1p-conversion/944002889/?random=1977017740&cv=8&fst=*&num=1&label=KyEZCNyM9l4Qya6RwgM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=...

42 B
109 B

20ms
19ms

Image
image/gif

2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/944002889/?random=1977017740&cv=8&fst=*&num=1&label=KyEZCNyM9l4Qya6RwgM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ebcid=ALh7CaRQ8pjy6D7KcMFEanoLdeAzHysqEKDcPA9JgYyUxp9oANqBndFQRQE_SPe-sv6sSxTdFn4Nn0z3JbqaAHcKAE3SFMy1nw&ocp_id=kynXWdC3MM-VxAS2qIzADQ&random=1390318268&ipr=y

Requested by

Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Jan 2019 20:17:53 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Jan 2019 20:17:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/944002889/?random=1977017740&cv=8&fst=*&num=1&label=KyEZCNyM9l4Qya6RwgM&bg=ffffff&hl=en&guid=ON&eid=27391102%2C659235991%2C659245991&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_his=3&u_tz=-180&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https://get.uber.com/app-signup-success%3Fsignup_type%3Dorganic&ref=https://get.uber.com/new-signup/&tiba=Voc%C3%AA%20est%C3%A1%20pronto%20para%20a%20viagem!&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&cdct=2&is_vtc=1&jaid=AJHaeXIpZvA7TjwTSQVae21QYorFBrkaI76y8swKPTsCJgccaiGf&ebcid=ALh7CaRQ8pjy6D7KcMFEanoLdeAzHysqEKDcPA9JgYyUxp9oANqBndFQRQE_SPe-sv6sSxTdFn4Nn0z3JbqaAHcKAE3SFMy1nw&ocp_id=kynXWdC3MM-VxAS2qIzADQ&random=1390318268&ipr=y
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK activityi.html Show response
codigopromouber.serveftp.com/Cadastro01_files/ Frame 8528 396 B
665 B 1087ms
42ms Document
text/html 185.35.138.220
ZYZTM

General

Check archive.org

Show headers Download Go to

Full URL: http://codigopromouber.serveftp.com/Cadastro01_files/activityi.html
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Protocol: HTTP/1.1
Server: 185.35.138.220 , Netherlands, ASN62454 (ZYZTM, NL),
Reverse DNS: 185-35-138-220.v4.as62454.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: afc5cc1d3da072245c1bba0dba23b3b2130f9c302c4c7dcbe08934aaf8271a1c

Request headers

Host: codigopromouber.serveftp.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR

Response headers

Date: Tue, 22 Jan 2019 20:17:54 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 26 Apr 2018 06:42:44 GMT
ETag: "60310-18c-56abab1dc0100"
Accept-Ranges: bytes
Content-Length: 396
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK activityi(1).html Show response
codigopromouber.serveftp.com/Cadastro01_files/ Frame 9334 399 B
668 B 1180ms
45ms Document
text/html 185.35.138.220
ZYZTM

General

Check archive.org

Show headers Download Go to

Full URL: http://codigopromouber.serveftp.com/Cadastro01_files/activityi(1).html
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Protocol: HTTP/1.1
Server: 185.35.138.220 , Netherlands, ASN62454 (ZYZTM, NL),
Reverse DNS: 185-35-138-220.v4.as62454.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 92529afc08bf63f0987f45fcf4fa6c268e1bf8dff54eac9d5d27e48513309a26

Request headers

Host: codigopromouber.serveftp.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://codigopromouber.serveftp.com/Uber.html?PromoUber=0RI7UD5UUAR

Response headers

Date: Tue, 22 Jan 2019 20:17:54 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 26 Apr 2018 06:42:44 GMT
ETag: "6030f-18f-56abab1dc0100"
Accept-Ranges: bytes
Content-Length: 399
Connection: close
Content-Type: text/html; charset=UTF-8

GET dest5.html
codigopromouber.serveftp.com/Cadastro01_files/ Frame 90EA 0
0

GET pixel.html
codigopromouber.serveftp.com/Cadastro01_files/ Frame F747 0
0

GET
H/1.1 200
OK 1477347860-pattern.png
d1a3f4spazzrp4.cloudfront.net/chameleon/cms/uploads/2016/10/24/ 17 KB
17 KB 1084ms
16ms Image
image/png 13.32.222.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1a3f4spazzrp4.cloudfront.net/chameleon/cms/uploads/2016/10/24/1477347860-pattern.png
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/8148824632.js.download
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.222.188 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-222-188.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c963a9aeac483dc22ef96c3d0ccf451119c0034fea99e0557ce1d12da80a0fa0

Request headers

Referer: http://codigopromouber.serveftp.com/Cadastro01_files/new-sign-up.458a0c8ef6cc46b42de1ab885b9f5574.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 09 Aug 2017 09:26:31 GMT
Via: 1.1 9be2d2d7560f88bdc5d5a3a94863566a.cloudfront.net (CloudFront)
Last-Modified: Mon, 24 Oct 2016 22:24:22 GMT
Server: AmazonS3
Age: 44157
ETag: "46c1ae1dd72137e7e701b895eec6e1f8"
X-Cache: Hit from cloudfront
x-amz-version-id: 7f3duUFAw.DLwbr82l4mbpxpe9jXiG6s
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 16922
X-Amz-Cf-Id: 0IRlcSndQuL1BQuFhFsGYaw5aXuQASIcLXHLd3Y5PV1COYo5bkgXKQ==

GET
H/1.1 200
OK app-store-dark@1x.845106acef455df8154f2d2630fa4311.gif
d1a3f4spazzrp4.cloudfront.net/free-candy/images/ 7 KB
7 KB 1097ms
12ms Image
image/gif 13.32.222.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1a3f4spazzrp4.cloudfront.net/free-candy/images/app-store-dark@1x.845106acef455df8154f2d2630fa4311.gif
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/8148824632.js.download
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.222.188 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-222-188.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31d22d1527a65cec4d9193ec8998ae60af96484dc2e7fc97cc7a5d6d317233a1

Request headers

Referer: http://codigopromouber.serveftp.com/Cadastro01_files/new-sign-up.458a0c8ef6cc46b42de1ab885b9f5574.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 07 Dec 2018 18:16:42 GMT
Via: 1.1 9be2d2d7560f88bdc5d5a3a94863566a.cloudfront.net (CloudFront)
ETag: "845106acef455df8154f2d2630fa4311"
Last-Modified: Tue, 11 Sep 2018 17:27:17 GMT
Server: AmazonS3
Age: 3981673
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-version-id: gPujiwlAsev1v7depDluMZo4qxyNbvwX
Cache-Control: max-age=31556926
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 6807
X-Amz-Cf-Id: H_7_Hnui0p_FslywCOD_YU97hunAqJMR0RKwD7Efa9qMkGbT7Ob4Aw==

GET
H/1.1 200
OK google-play-dark@1x.be49d130ae701039b440d078cd8010fc.gif
d1a3f4spazzrp4.cloudfront.net/free-candy/images/ 7 KB
7 KB 1109ms
9ms Image
image/gif 13.32.222.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1a3f4spazzrp4.cloudfront.net/free-candy/images/google-play-dark@1x.be49d130ae701039b440d078cd8010fc.gif
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/8148824632.js.download
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.222.188 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-222-188.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9922d6aa6f50820ebf033a8c07448c52a4ff84036ca29e666715ce34c05a4cc7

Request headers

Referer: http://codigopromouber.serveftp.com/Cadastro01_files/new-sign-up.458a0c8ef6cc46b42de1ab885b9f5574.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 17 Nov 2018 17:08:07 GMT
Via: 1.1 9be2d2d7560f88bdc5d5a3a94863566a.cloudfront.net (CloudFront)
ETag: "be49d130ae701039b440d078cd8010fc"
Last-Modified: Tue, 11 Sep 2018 17:29:31 GMT
Server: AmazonS3
Age: 5713788
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-version-id: tA4UZ5h3nRQz40iWcFMdFYIlTpf1aEax
Cache-Control: max-age=31556926
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 6849
X-Amz-Cf-Id: mY-ZaghJty3Xk9_cbTixne2dtpHpGt5CuEEHcOAOqQi80eovIzeyvw==

GET
H/1.1 200
OK windows_badge.b45f62d479d725115eb1aba94978fa6e.png
d1a3f4spazzrp4.cloudfront.net/free-candy/images/ 8 KB
8 KB 1067ms
9ms Image
image/png 13.32.222.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1a3f4spazzrp4.cloudfront.net/free-candy/images/windows_badge.b45f62d479d725115eb1aba94978fa6e.png
Requested by: Host: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/8148824632.js.download
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.222.188 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-222-188.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2d191f5376da1ec87e0032396674fc1573fca2391313241007372ace45bedef

Request headers

Referer: http://codigopromouber.serveftp.com/Cadastro01_files/new-sign-up.458a0c8ef6cc46b42de1ab885b9f5574.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 17 Nov 2018 17:08:08 GMT
Via: 1.1 9be2d2d7560f88bdc5d5a3a94863566a.cloudfront.net (CloudFront)
ETag: "b45f62d479d725115eb1aba94978fa6e"
Last-Modified: Tue, 11 Sep 2018 17:29:31 GMT
Server: AmazonS3
Age: 5713787
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-version-id: hGEN.iCu0eWp26lkVSkuzpRx9g_fzxjr
Cache-Control: max-age=31556926
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 8055
X-Amz-Cf-Id: QU_xwZaAiekQPpv-La3qd5p4NcieK-iBIWNThNNXSKGZzYtiPQ5EAg==

GET
DATA 200
OK truncated
/ 32 KB
0 Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 323096575cb514f494901242ac7526db5e1970e0959b85b3603e0987559047e1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://codigopromouber.serveftp.com/Cadastro01_files/superfine(1).css
Origin: http://codigopromouber.serveftp.com

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 31 KB
0 Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf7ddec2bffa6786ccd5f8f19e9f5624bcc20a3d7ca46766377405549d63d798

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://codigopromouber.serveftp.com/Cadastro01_files/superfine(1).css
Origin: http://codigopromouber.serveftp.com

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 27 KB
0 Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6445409d8b440d3ae78c0c1a3a4951aefe5c72c243ccec24f39ac52c13ad120

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://codigopromouber.serveftp.com/Cadastro01_files/uber-icons.css
Origin: http://codigopromouber.serveftp.com

Response headers

Content-Type: application/octet-stream

GET s
gtrk.s3.amazonaws.com/ 0
0

GET u
gtrk.s3.amazonaws.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/linkid.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/ec.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/fbevents.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/analytics.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/geo2.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.44.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.3.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.42.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.88.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.153.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.185.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.186.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.191.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.192.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.557.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.590.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.600.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.603.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.606.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.609.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.627.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.650.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.651.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.667.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.727.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.756.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.830.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.871.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.875.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.880.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.886.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.887.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.889.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.891.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.896.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.910.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.945.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.1001.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.1016.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.1017.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.1018.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.1048.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.1039.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/utag.1051.js.download

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/1477428567-confirmation.png

Domain: www.googleadservices.com
URL: file://www.googleadservices.com/pagead/conversion_async.js

Domain: connect.facebook.net
URL: file://connect.facebook.net/en_US/fbevents.js

Domain: script.crazyegg.com
URL: file://script.crazyegg.com/pages/scripts/0051/2593.js?

Domain: tags.tiqcdn.com
URL: file://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=uber/main/201710051506&cb=1524721337777

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/dest5.html

Domain: codigopromouber.serveftp.com
URL: http://codigopromouber.serveftp.com/Cadastro01_files/pixel.html

Domain: gtrk.s3.amazonaws.com
URL: https://gtrk.s3.amazonaws.com/s?u=512593&t=plr1pt

Domain: gtrk.s3.amazonaws.com
URL: https://gtrk.s3.amazonaws.com/u?u=512593&t=plr1pt

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Uber (Transportation)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a745050198.cdn.optimizely.com
cdn3.optimizely.com
codigopromouber.serveftp.com
connect.facebook.net
cyhxiiqhoxstzzz5qdmmna7vvsxdqwacv.viajando2019.link
d1a3f4spazzrp4.cloudfront.net
googleads.g.doubleclick.net
gtrk.s3.amazonaws.com
logx.optimizely.com
script.crazyegg.com
tags.tiqcdn.com
www.google.com
www.google.de
www.googleadservices.com
codigopromouber.serveftp.com
connect.facebook.net
gtrk.s3.amazonaws.com
script.crazyegg.com
tags.tiqcdn.com
www.googleadservices.com
104.111.230.50
13.32.222.188
185.35.138.220
23.57.31.217
2a00:1450:4001:816::2002
2a00:1450:4001:819::2003
2a00:1450:4001:824::2004
54.164.74.111
75.126.100.5
02074b105554ed6372d37efd4285403cbe057fd20f7d4655fe7a7d30d633c2f9
15c3836ffde6614f077aab77a4aac379d094fc28b8d26eb56df83f11cfc640b7
2c3c7e82f15a16c6db0cf3c333bb90b9ec44f8beeca567bb8adf3c835b524253
31d22d1527a65cec4d9193ec8998ae60af96484dc2e7fc97cc7a5d6d317233a1
323096575cb514f494901242ac7526db5e1970e0959b85b3603e0987559047e1
38dbd089b62a7670bd19e189fee5beb972d1f8f22b2d88bbfd2fe0c2ea9871b7
3eda57e084ed07eaf16c11a85661b4effa36496fda8ce4642be5792682c11e08
6a21ce78d598b5493222a6b40878169ca50d0ba7718b290ebf895e9660b4ff0e
75c3c9f502e8262736018cd82d0ab9c3edfbcf22ec1e5621446426a49b9f6037
774960082f36c0f1fc4f801743efcf9771fa5fe86a238d9e2b6581fa6e86e6c0
81848be40229acb209d411752a6e55982e0912eb3ade455bdbb2ca5805886834
92529afc08bf63f0987f45fcf4fa6c268e1bf8dff54eac9d5d27e48513309a26
9922d6aa6f50820ebf033a8c07448c52a4ff84036ca29e666715ce34c05a4cc7
a7f726d10cee2ae1e1c1d37bc1a781a5703e4c99a67ad74cbd45e64c24bdf5f8
acf8385a5c6c6cad6c38eb47b2f8742776d42510feedd49179de3ea2fa0d83da
afc5cc1d3da072245c1bba0dba23b3b2130f9c302c4c7dcbe08934aaf8271a1c
b18d4b1155f7375a9be1a8119f01aa060f04213185e220b38b61b70d5c0a1e6a
b6445409d8b440d3ae78c0c1a3a4951aefe5c72c243ccec24f39ac52c13ad120
bf7ddec2bffa6786ccd5f8f19e9f5624bcc20a3d7ca46766377405549d63d798
c14f704d2645913f0c66d00fd796f468bd537f0955c261b034be0c34fae395fd
c963a9aeac483dc22ef96c3d0ccf451119c0034fea99e0557ce1d12da80a0fa0
ca9b172f930b31b86be530254bde335da8e8ac9dafa1995b5c59dae1e533f401
cbc532210e14fe216bb4fdda45ab0326ca802cbb80c0fd35507b028ec6b74880
e2d191f5376da1ec87e0032396674fc1573fca2391313241007372ace45bedef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea640c4409699cb665986b917be11cce62c139ff1f06fd82928d1da675db6389
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00ce087574a0ced9b500bc9b51dfc963c51de7db933c2e99b9ed895cdb7c74e
fdadbe736abb9d50d6edc912fa134f1c8c18caeb7e6663157b4247488568dc43

codigopromouber.serveftp.com Open in urlscan Pro 185.35.138.220 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

85 Requests

13 %HTTPS

33 %IPv6

12 Domains

14 Subdomains

7 IPs

3 Countries

1123 kBTransfer

1204 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

codigopromouber.serveftp.com Open in urlscan Pro
185.35.138.220 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

13 %
HTTPS

33 %
IPv6

12
Domains

14
Subdomains

7
IPs

3
Countries

1123 kB
Transfer

1204 kB
Size

0
Cookies

85 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!