promocoesdejulho.com
74.220.207.113  Malicious Activity! Public Scan

URL: http://promocoesdejulho.com/identificacao.php
Submission: On July 10 via automatic, source phishtank

Summary

This website contacted 25 IPs in 4 countries across 24 domains to perform 53 HTTP transactions. The main IP is 74.220.207.113, located in Orem, United States and belongs to UNIFIEDLAYER-AS-1 - Unified Layer, US. The main domain is promocoesdejulho.com.
This is the only time promocoesdejulho.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

Requests IP Address AS Autonomous System
1 74.220.207.113 46606 (UNIFIEDLA...)
14 54.192.48.156 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.192.48.99 16509 (AMAZON-02)
1 54.192.48.173 16509 (AMAZON-02)
1 186.202.41.27 27715 (Locaweb S...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.84.26.10 16509 (AMAZON-02)
3 54.192.48.217 16509 (AMAZON-02)
1 198.232.124.194 54104 (AS-NETDNA)
2 2400:cb00:204... 13335 (CLOUDFLAR...)
1 2a00:1450:401... 15169 (GOOGLE)
1 52.92.74.10 16509 (AMAZON-02)
1 52.84.32.24 16509 (AMAZON-02)
1 52.1.175.11 14618 (AMAZON-AES)
1 94.31.29.249 54104 (AS-NETDNA)
1 52.84.26.230 16509 (AMAZON-02)
2 54.209.11.116 14618 (AMAZON-AES)
1 151.101.112.207 54113 (FASTLY)
1 34.206.236.237 14618 (AMAZON-AES)
1 50.31.164.175 23467 (NEWRELIC-...)
Total: 53 requests, 25 IPs
Requests Domain Requested by
15 d25zlb44gqlazw.cloudfront.net promocoesdejulho.com, d25zlb44gqlazw.cloudfront.net
3 www.google-analytics.com promocoesdejulho.com, www.google-analytics.com
3 static.chaordicsystems.com promocoesdejulho.com, static.chaordicsystems.com
2 onsite.chaordicsystems.com static.chaordicsystems.com
2 connect.facebook.net promocoesdejulho.com, connect.facebook.net
2 apis.google.com promocoesdejulho.com, apis.google.com
1 api.soclminer.com.br plugins.soclminer.com.br
1 bam.nr-data.net js-agent.newrelic.com
1 beacon.luizalabs.com d1dhh18vvfes41.cloudfront.net
1 js-agent.newrelic.com promocoesdejulho.com
1 www.magazineluiza.com.br promocoesdejulho.com
1 www.facebook.com promocoesdejulho.com
1 s.ytimg.com www.youtube.com
1 script.hotjar.com static.hotjar.com
1 log.dmtry.com promocoesdejulho.com
1 script.crazyegg.com promocoesdejulho.com
1 s3-sa-east-1.amazonaws.com promocoesdejulho.com
1 www.google.de promocoesdejulho.com
1 plugins.soclminer.com.br promocoesdejulho.com
1 static.hotjar.com promocoesdejulho.com
1 d1dhh18vvfes41.cloudfront.net promocoesdejulho.com
1 www.youtube.com promocoesdejulho.com
1 www.gstatic.com www.googletagmanager.com
1 i.btg360.com.br www.googletagmanager.com
1 px.bob-recs.com www.googletagmanager.com
1 www.googletagmanager.com promocoesdejulho.com
1 connect.facebook.com promocoesdejulho.com
1 promocoesdejulho.com
0 vars.hotjar.com Failed static.hotjar.com
0 6590300.fls.doubleclick.net Failed promocoesdejulho.com
0 accounts.google.com Failed apis.google.com
Total: 53 requests, 31 subdomains

This site contains links to these domains.

Domain
www.internetsegura.org
www.certisign.com.br
Subject | Issuer | Validity | Valid
*.cloudfront.net | Symantec Class 3 Secure Server CA - G4 | 2016-10-26 - 2017-12-17 | a year
*.apis.google.com | Google Internet Authority G2 | 2017-06-28 - 2017-09-20 | 3 months
*.google.com | Google Internet Authority G2 | 2017-06-28 - 2017-09-20 | 3 months
ssl377872.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2017-05-26 - 2017-12-02 | 6 months
*.google-analytics.com | Google Internet Authority G2 | 2017-06-28 - 2017-09-20 | 3 months
*.s3-sa-east-1.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2016-07-18 - 2017-10-26 | a year
*.hotjar.com | Gandi Standard SSL CA 2 | 2015-10-23 - 2018-11-16 | 3 years
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2016-12-09 - 2018-01-25 | a year
*.magazineluiza.com.br | COMODO RSA Domain Validation Secure Server CA | 2015-11-18 - 2018-08-19 | 3 years

This page contains 5 frames:

Primary Page: http://promocoesdejulho.com/identificacao.php
Frame ID: 5440.1
Requests: 49 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fpromocoesdejulho.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.SjYoAeIk6aA.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMHwQIMflw-nic461NaNkk9BWeQdg
Frame ID: 5440.2
Requests: 1 HTTP requests in this frame

Frame: http://6590300.fls.doubleclick.net/activityi;dc_pre=CMmYxJfy_tQCFc-q7QodW78IxA;src=6590300;type=count0;cat=02all0;u6=http%3A%2F%2Fpromocoesdejulho.com%2Fidentificacao.php;u2=undefined;u1=undefined;u3=undefined;u4=undefined;u5=undefined;ord=1030723366157;~oref=http%3A%2F%2Fpromocoesdejulho.com%2Fidentificacao.php
Frame ID: 5440.3
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/rcj-99d43ead6bdf30da8ed5ffcb4f17100c.html
Frame ID: 5440.4
Requests: 1 HTTP requests in this frame

Frame: http://onsite.chaordicsystems.com/static/postmediator
Frame ID: 5440.6
Requests: 1 HTTP requests in this frame


Page Statistics

Requests: 53
HTTPS: 53 %
IPv6: 29 %
Domains: 24
Subdomains: 31
IPs: 25
Countries: 4
Transfer: 2075 kB
Size: 4797 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

Request 6
  • http://apis.google.com/js/client.js
  • https://apis.google.com/js/client.js
Request 29
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
Request 30
  • http://www.google.com/ads/user-lists/1012714216/?value=0&guid=ON&script=0&cdct=2&is_vtc=1&random=2997495182&fpvtc=/1012714216/%3Fvalue%3D0%26guid%3DON%26script%3D0%26random%3D1236243656%26cdct%3D2%...
  • http://www.google.de/ads/user-lists/1012714216/?value=0&guid=ON&script=0&cdct=2&is_vtc=1&random=2997495182&fpvtc=/1012714216/%3Fvalue%3D0%26guid%3DON%26script%3D0%26random%3D1236243656%26cdct%3D2%2...
Request 32
  • http://6590300.fls.doubleclick.net/activityi;src=6590300;type=count0;cat=02all0;u6=http%3A%2F%2Fpromocoesdejulho.com%2Fidentificacao.php;u2=undefined;u1=undefined;u3=undefined;u4=undefined;u5=undef...
  • http://6590300.fls.doubleclick.net/activityi;dc_pre=CMmYxJfy_tQCFc-q7QodW78IxA;src=6590300;type=count0;cat=02all0;u6=http%3A%2F%2Fpromocoesdejulho.com%2Fidentificacao.php;u2=undefined;u1=undefined;...
Request 34
  • http://cm.g.doubleclick.net/pixel?google_nid=adometry_cm&google_cm&google_hm=NTk2MzhhYWYuMDBlbENJLjI4YjlhYmIz
  • http://log.dmtry.com/1/1/3807/1/1/1/1.ver?at=syn&d=AdX&csync=0&google_gid=CAESEE8WJmYxRMjUH7DEJvhni-w&google_cver=1
Request 41
  • http://www.google-analytics.com/plugins/ua/ec.js
  • https://www.google-analytics.com/plugins/ua/ec.js
Request 44
  • https://rgr.bob-recs.com/pixel/?a=ping&c=magazine_ecomm
  • https://www.magazineluiza.com.br/stw/cb/?stwu=temp_717f3620-6579-11e7-b554-39d16a423ec2&stwt=1

53 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request identificacao.php
promocoesdejulho.com/
29 KB
9 KB
Document
General
Full URL
http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Server
74.220.207.113 Orem, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
host113.hostmonster.com
Software
nginx/1.12.0 /
Resource Hash
550d3278b25311e11411324e8ffe9f62e4f2752201ebe8a0a12d6a0abdbbd866

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Mon, 10 Jul 2017 14:09:50 GMT
Content-Encoding
gzip
Server
nginx/1.12.0
Connection
keep-alive
Content-Length
9447
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
structure-1-72b61a6a.css
d25zlb44gqlazw.cloudfront.net/static/css/default/
451 KB
52 KB
Stylesheet
General
Full URL
https://d25zlb44gqlazw.cloudfront.net/static/css/default/structure-1-72b61a6a.css
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.48.156 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-48-156.jfk5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96bd7752e3b5e89fd8c938d1a986f161596aac77e8e54ef14de23f93cddc395c

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Mon, 12 Jun 2017 16:41:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Jul 2015 11:43:21 GMT
Server
AmazonS3
Age
2410075
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 a81e162a9acc4a08f8778f221092bb6a.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000, no-transform, public
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
9DfGB4F4t8hXdlpWAAks9DXM9HQk1FQrFLh8U7x6lPRg_sGlVfm_hg==
structure-2-9a953fbb.css
d25zlb44gqlazw.cloudfront.net/static/css/default/
217 KB
27 KB
Stylesheet
General
Full URL
https://d25zlb44gqlazw.cloudfront.net/static/css/default/structure-2-9a953fbb.css
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.48.156 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-48-156.jfk5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81806b3abb302db68b7279a6f2b1e2183291eb505a0f7b0f4106b8a9cad607e3

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Mon, 12 Jun 2017 16:41:57 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Jun 2015 17:40:48 GMT
Server
AmazonS3
Age
2410075
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 3d205b9d112080e051ba3831f6437211.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000, no-transform, public
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
aDKbiSgkQZmxhgCf86FnS1TTmFOtQQm7Z8Zd3jXz-i1XMbA8clrpUA==
structure-3-b8ce6e5a.css
d25zlb44gqlazw.cloudfront.net/static/css/default/
373 KB
48 KB
Stylesheet
General
Full URL
https://d25zlb44gqlazw.cloudfront.net/static/css/default/structure-3-b8ce6e5a.css
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.48.156 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-48-156.jfk5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb8ce2f18149fd6388bd660d0c7ce2278a9ed8150a8c1b40dcb94a6e894d2237

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Mon, 12 Jun 2017 16:41:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Jul 2015 11:43:22 GMT
Server
AmazonS3
Age
2410075
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 4470b111fbbc064d9b2edf2f1eff705e.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000, no-transform, public
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
yVR7W-Ll7CkwBduYjzznPzxSXps-5PyhlYpMFLcsEvCPbBhX3ebBlg==
checkout-5bab4d43.css
d25zlb44gqlazw.cloudfront.net/static/css/default/
151 KB
21 KB
Stylesheet
General
Full URL
https://d25zlb44gqlazw.cloudfront.net/static/css/default/checkout-5bab4d43.css
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.48.156 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-48-156.jfk5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3bb30ea2878754291403a6fd9c308f14498b0916158feaf9681499a52081c943

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Mon, 12 Jun 2017 16:41:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jul 2015 13:16:04 GMT
Server
AmazonS3
Age
2410075
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 1a3d70af1a1100f9b3da94cb72651784.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000, no-transform, public
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
MPBhfwXFfng06hC6ueys9s1wwJN8ZKIC3SO8kipX-R-i5pksGU4kyw==
all-f5060aa3.js
d25zlb44gqlazw.cloudfront.net/static/js/default/
554 KB
162 KB
Script
General
Full URL
https://d25zlb44gqlazw.cloudfront.net/static/js/default/all-f5060aa3.js
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.48.156 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-48-156.jfk5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff3b8bf7f3eecaedd4e9eb600a49c08f3a1ef7466d9a1be30560969030c9e2d6

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 05 Jul 2017 22:19:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Jul 2015 13:08:28 GMT
Server
AmazonS3
Age
402596
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 0ae737265831ce30da6ba6dcf15e3d61.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000, no-transform, public
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
4_duPvB9Y7uFstmKFIMh5NXfjggtixEjXPFSifpVJ0HRr38FbjLI2A==
viewed-38908c08.js
d25zlb44gqlazw.cloudfront.net/static/js/default/
5 KB
2 KB
Script
General
Full URL
https://d25zlb44gqlazw.cloudfront.net/static/js/default/viewed-38908c08.js
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.48.156 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-48-156.jfk5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70750a1f50841fed89345f007203985f394d45af494c5074af1622b4e1839e5d

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sun, 14 May 2017 01:03:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 May 2015 19:32:34 GMT
Server
AmazonS3
Age
4972000
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 d4e99d6645c0683f8b8be021e02d8828.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000, no-transform, public
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
ZSFvn8eeGvVdBg74iG9Gypj6lDQwoVvAiHzwxcifDdyvmEPOCH4FkQ==
client.js
apis.google.com/js/
Redirect Chain
  • http://apis.google.com/js/client.js
  • https://apis.google.com/js/client.js
12 KB
5 KB
Script
General
Full URL
https://apis.google.com/js/client.js
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
ESF /
Resource Hash
6f2b563348c2bb6542cb6794c00a85d17195a04d73bc66ab269cf123055186b2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Mon, 10 Jul 2017 14:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See https://support.google.com/accounts/answer/151657?hl=en for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"3346195e5b716ef10a4561b6b133b1ef"
strict-transport-security
max-age=10886400
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Mon, 10 Jul 2017 14:09:51 GMT

Redirect headers

Location
https://apis.google.com/js/client.js
Non-Authoritative-Reason
HSTS
sdk.js
connect.facebook.com/pt_BR/
201 KB
62 KB
Script
General
Full URL
http://connect.facebook.com/pt_BR/sdk.js
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
1aa2b6b218f34843837d4f656cbd05728d3dd8260240edf307fcd03c1a0a5ed5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-MD5
TfDFy2eVpy1GIN3TUkuqWQ==
edge-control
cache-maxage=1200s
Connection
keep-alive
Content-Length
63409
X-XSS-Protection
0
X-FB-Debug
kw4atwlo1oLS1v8neaAEbPsOjJZBNmABH7agsQUacbwS2l5S59ukpXA7EeHWoYmSHVtjCBwSzQMxck7Ekaqegw==
x-fb-content-md5
86a76f681df80f35dd2f7b449c5a3b97
X-Frame-Options
DENY
Date
Mon, 10 Jul 2017 14:09:51 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Access-Control-Expose-Headers
X-FB-Content-MD5
Cache-Control
public,max-age=1200,stale-while-revalidate=3600
ETag
"22627123c5e3ac3cfdb0c2377f645054"
timing-allow-origin
*
Expires
Mon, 10 Jul 2017 14:29:51 GMT
gtm.js
www.googletagmanager.com/
397 KB
88 KB
Script
General
Full URL
http://www.googletagmanager.com/gtm.js?id=GTM-BR2N
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::2008 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
aad39e38714350e8f6705ddf8e42667a4d51d176cc746855e42218c75c5c4741
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Mon, 10 Jul 2017 14:09:51 GMT
Content-Encoding
gzip
Server
Google Tag Manager (scaffolding)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
http://www.googletagmanager.com
Cache-Control
private, max-age=900
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Cache-Control
Content-Length
89874
X-XSS-Protection
1; mode=block
Expires
Mon, 10 Jul 2017 14:09:51 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.SjYoAeIk6aA.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMHwQIMflw-nic461NaNkk9BWeQdg/
238 KB
82 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.SjYoAeIk6aA.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMHwQIMflw-nic461NaNkk9BWeQdg/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
411393b7501b4fa7a6cf71cf72817300bfc41e0262f37c41143d6361c238cd89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Fri, 07 Jul 2017 15:38:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 07 Jul 2017 00:00:13 GMT
server
sffe
age
253859
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
83972
x-xss-protection
1; mode=block
expires
Sat, 07 Jul 2018 15:38:52 GMT
img-certisign-footer-dab68b62.png
d25zlb44gqlazw.cloudfront.net/static/img/default/footer/
2 KB
2 KB
Image
General
Full URL
https://d25zlb44gqlazw.cloudfront.net/static/img/default/footer/img-certisign-footer-dab68b62.png
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.48.156 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-48-156.jfk5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9afceceb021c1aecea1ec8d1f28de0074a9ab3dd097cd4105398b1e0c1895655

Request headers

Referer
https://d25zlb44gqlazw.cloudfront.net/static/css/default/checkout-5bab4d43.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 05 Jul 2017 05:19:18 GMT
Via
1.1 0ae737265831ce30da6ba6dcf15e3d61.cloudfront.net (CloudFront)
Last-Modified
Wed, 21 May 2014 18:41:05 GMT
Server
AmazonS3
Age
463834
ETag
"92277f1bf5e00007a26e7309c473a46e"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=315360000, no-transform, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1740
X-Amz-Cf-Id
2w4QInxR7OQ3dPCJDLPQkvXoTtlHL_kPh-m8FRHyUPUmbxCvh99pLw==
img-internet-footer-36866a79.png
d25zlb44gqlazw.cloudfront.net/static/img/default/footer/
3 KB
3 KB
Image
General
Full URL
https://d25zlb44gqlazw.cloudfront.net/static/img/default/footer/img-internet-footer-36866a79.png
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.48.156 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-48-156.jfk5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39cb1cf1f65bc8db95c25ca05d4dd6e4a818f0f17fad6cb2e4c9fd0ce3d610bc

Request headers

Referer
https://d25zlb44gqlazw.cloudfront.net/static/css/default/checkout-5bab4d43.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 24 Jun 2017 13:00:34 GMT
Via
1.1 4470b111fbbc064d9b2edf2f1eff705e.cloudfront.net (CloudFront)
Last-Modified
Wed, 21 May 2014 18:41:11 GMT
Server
AmazonS3
Age
1386558
ETag
"d506b72358eaefa8ba3dd3847a720063"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=315360000, no-transform, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2797
X-Amz-Cf-Id
QMXkEBHBGzg45Hic9ju_eJ1zTh7Bd28HbcJZ7L3EURt-M8g78FYrXw==
sprite-header-checkout-f9ba396e.png
d25zlb44gqlazw.cloudfront.net/static/img/default/repeat/
20 KB
20 KB
Image
General
Full URL
https://d25zlb44gqlazw.cloudfront.net/static/img/default/repeat/sprite-header-checkout-f9ba396e.png
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.48.156 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-48-156.jfk5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57c092df01a716d7bdfba9f0d71862896d654b1267cb1a385f4fba6b0b93d168

Request headers

Referer
https://d25zlb44gqlazw.cloudfront.net/static/css/default/checkout-5bab4d43.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 05 Jul 2017 05:19:18 GMT
Via
1.1 a81e162a9acc4a08f8778f221092bb6a.cloudfront.net (CloudFront)
Last-Modified
Wed, 28 Jan 2015 16:03:51 GMT
Server
AmazonS3
Age
463834
ETag
"63fe538a8c23817270cf16acf81fef14"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=315360000, no-transform, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20567
X-Amz-Cf-Id
e3Om2CRWdM2K1dTLZwrYZsnj7k85mmRtYM5uqcyhzpVrDGFFTi0Rig==
sprite-titles-checkout-567b8be9.png
d25zlb44gqlazw.cloudfront.net/static/img/default/repeat/
8 KB
8 KB
Image
General
Full URL
https://d25zlb44gqlazw.cloudfront.net/static/img/default/repeat/sprite-titles-checkout-567b8be9.png
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.48.156 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-48-156.jfk5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09da6f71a68979c818095e4d5223ffa0e860f5ecda5fe2ff30d5556108d34a26

Request headers

Referer
https://d25zlb44gqlazw.cloudfront.net/static/css/default/checkout-5bab4d43.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Wed, 05 Jul 2017 05:19:18 GMT
Via
1.1 1a3d70af1a1100f9b3da94cb72651784.cloudfront.net (CloudFront)
Last-Modified
Wed, 06 May 2015 17:39:02 GMT
Server
AmazonS3
Age
463834
ETag
"b905ff0a2acaeaa2a78ea613158e0757"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=315360000, no-transform, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7881
X-Amz-Cf-Id
0FgtreenFb5fEWW__1Oc8s1ruqqmxdI24qhPNtKickVXwVV4OPZ4AQ==
ml-icon_2666f5c8ba31a62afe937b39c4c1a4ea.woff
d25zlb44gqlazw.cloudfront.net/static/css/default/fonts/
15 KB
15 KB
Font
General
Full URL
https://d25zlb44gqlazw.cloudfront.net/static/css/default/fonts/ml-icon_2666f5c8ba31a62afe937b39c4c1a4ea.woff
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.48.99 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-48-99.jfk5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
36d5ec0f774434e24d474a4ef18c282ba2738c7af804b8f987514f16d7502eee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36
Referer
https://d25zlb44gqlazw.cloudfront.net/static/css/default/structure-1-72b61a6a.css
Origin
http://promocoesdejulho.com

Response headers

Date
Mon, 10 Jul 2017 06:06:03 GMT
Via
1.1 c89cbbc4e4ec6f9b44fad110d349819a.cloudfront.net (CloudFront)
Last-Modified
Thu, 25 Jun 2015 11:42:59 GMT
Server
AmazonS3
Age
29029
ETag
"cfac1e5548546edac80f971a2bd37e2c"
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=215360000, no-transform, public
X-Cache
Hit from cloudfront
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15064
X-Amz-Cf-Id
o5vN5f-ID6Cq0DpSW0QxAdDbRjg4OHOGMDdkQYhgn0FzqUFYFGasVQ==
ico_sprite_checkout_footer_stamps-8256c65a.jpg
d25zlb44gqlazw.cloudfront.net/static/img/default/inherited/
13 KB
13 KB
Image
General
Full URL
https://d25zlb44gqlazw.cloudfront.net/static/img/default/inherited/ico_sprite_checkout_footer_stamps-8256c65a.jpg
Requested by
Host: d25zlb44gqlazw.cloudfront.net
URL: https://d25zlb44gqlazw.cloudfront.net/static/js/default/all-f5060aa3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.48.156 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-48-156.jfk5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14aa997761f25ba5b9b37fc32740e52e87d1c8d9fd990ee3432fbe068f8e3913

Request headers

Referer
https://d25zlb44gqlazw.cloudfront.net/static/css/default/checkout-5bab4d43.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sun, 14 May 2017 14:14:48 GMT
Via
1.1 3d205b9d112080e051ba3831f6437211.cloudfront.net (CloudFront)
Last-Modified
Wed, 21 May 2014 19:46:31 GMT
Server
AmazonS3
Age
4924504
ETag
"ac39393f898a24d18580715be4ab5513"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=315360000, no-transform, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13808
X-Amz-Cf-Id
I3qs1ZX9rrN40Drwk6cGemP0JpaRMIYmXwyAWAQMi5781DkoOf0JOQ==
icon-elo-mini-e0bee24a.png
d25zlb44gqlazw.cloudfront.net/static/img/default/inherited/
749 B
749 B
Image
General
Full URL
https://d25zlb44gqlazw.cloudfront.net/static/img/default/inherited/icon-elo-mini-e0bee24a.png
Requested by
Host: d25zlb44gqlazw.cloudfront.net
URL: https://d25zlb44gqlazw.cloudfront.net/static/js/default/all-f5060aa3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.48.156 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-48-156.jfk5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98449861b514a392a7c6f98d4b830a00f50faddd27cf6bee2eadbf6f9918ac63

Request headers

Referer
https://d25zlb44gqlazw.cloudfront.net/static/css/default/checkout-5bab4d43.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sun, 14 May 2017 14:14:48 GMT
Via
1.1 d4e99d6645c0683f8b8be021e02d8828.cloudfront.net (CloudFront)
Last-Modified
Wed, 21 May 2014 18:48:53 GMT
Server
AmazonS3
Age
4924504
ETag
"71488b8b4b745341c25c50d550fff02e"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=315360000, no-transform, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
749
X-Amz-Cf-Id
qcsNbjnRXYEQK7qhVbakLbmLDKOVoa8wQ-Nf8cIZfyWHr8F1EBjjWQ==
sprites_tmp-4c466f6e.png
d25zlb44gqlazw.cloudfront.net/static/img/default/sprites/
1 MB
1 MB
Image
General
Full URL
https://d25zlb44gqlazw.cloudfront.net/static/img/default/sprites/sprites_tmp-4c466f6e.png
Requested by
Host: d25zlb44gqlazw.cloudfront.net
URL: https://d25zlb44gqlazw.cloudfront.net/static/js/default/all-f5060aa3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.48.156 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-48-156.jfk5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fee773f0150f5721eb12c36833faf3b0f8f0bf48ad96febe8ca27cb4e9af5d3

Request headers

Referer
https://d25zlb44gqlazw.cloudfront.net/static/css/default/structure-2-9a953fbb.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 13 May 2017 09:36:41 GMT
Via
1.1 1a3d70af1a1100f9b3da94cb72651784.cloudfront.net (CloudFront)
Last-Modified
Wed, 21 May 2014 19:05:50 GMT
Server
AmazonS3
Age
5027590
ETag
"f6e069aa6fd091a191148587a64b8c71"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=315360000, no-transform, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1236254
X-Amz-Cf-Id
ZK7RC9IMCltjf4QL28lmcA4aZnUtETG4Xk0ihECfL3Rh2v-WYCkTMg==
ajax_loader_01-9f907c17.gif
d25zlb44gqlazw.cloudfront.net/static/img/default/
664 B
664 B
Image
General
Full URL
https://d25zlb44gqlazw.cloudfront.net/static/img/default/ajax_loader_01-9f907c17.gif
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.48.156 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-48-156.jfk5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a6b72af4de3ea9f8ce28f5c8a71cc65aabebfe200dcee2b3909c46a12ef5e85

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Fri, 14 Apr 2017 19:02:03 GMT
Via
1.1 a81e162a9acc4a08f8778f221092bb6a.cloudfront.net (CloudFront)
Last-Modified
Wed, 21 May 2014 21:02:50 GMT
Server
AmazonS3
Age
7499269
ETag
"d4ced45e58e3d26a3fa69c8f9eadbcae"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000, no-transform, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
664
X-Amz-Cf-Id
c2NacnFT9GvU56Sfd75w9A51xWJ0D5uZWDe_Mjh1PmPdGOx4PxWKEw==
postmessageRelay
accounts.google.com/o/oauth2/ Frame 5440
0
0

stewie-2.0.4.min.js
px.bob-recs.com/
4 KB
4 KB
Script
General
Full URL
http://px.bob-recs.com/stewie-2.0.4.min.js?0
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-BR2N
Protocol
HTTP/1.1
Server
54.192.48.173 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-48-173.jfk5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
002b0d2ede406a75b8ca943650f36822aa9baf68637d4f8b98517b8d88950f42

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Fri, 14 Apr 2017 19:00:23 GMT
Via
1.1 28b1b9930ccdd3e560b3f8d56677a679.cloudfront.net (CloudFront)
Last-Modified
Wed, 29 Jun 2016 18:05:57 GMT
Server
AmazonS3
Age
53826
ETag
"a49ea3aae0f2495b264d524f65af7ff4"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4170
X-Amz-Cf-Id
vdvkVZ-Dt80CkbftkDy9iOb_pc1XyaXENLOmgbrP8hdqelQkQE0DYA==
btg360-2.0.1.min.js
i.btg360.com.br/
11 KB
3 KB
Script
General
Full URL
http://i.btg360.com.br/btg360-2.0.1.min.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-BR2N
Protocol
HTTP/1.1
Server
186.202.41.27 , Brazil, ASN27715 (Locaweb Serviços de Internet S/A, BR),
Reverse DNS
Software
Apache /
Resource Hash
6b8a5d8ede5ffc5fc65f4f8f15163d02cdff0590f9a090356ab7a430d41e6f25

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Mon, 10 Jul 2017 14:11:43 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Jan 2017 18:45:51 GMT
Server
Apache
ETag
"10b46-2a37-5464eb5947a99"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
2735
fbevents.js
connect.facebook.net/en_US/
34 KB
11 KB
Script
General
Full URL
http://connect.facebook.net/en_US/fbevents.js
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Server
2a03:2880:f01b:5:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
5d32ec735eed8dca6f57900c210493e00f7922032c28129a978acba10b080d45
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; preload; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Origin, Accept-Encoding
Content-Length
11103
X-XSS-Protection
0
Pragma
private
X-FB-Debug
SBayLGuxAKlrhuiK1VT44nzEepgx0ak/vhdNYtu9qmBdFeUblzPa9PgYcYyspYrgDP+9oJNHn57Wq/5T32JVIA==
Date
Mon, 10 Jul 2017 14:09:51 GMT
X-Frame-Options
DENY
Content-Type
application/x-javascript; charset=utf-8
Access-Control-Allow-Origin
https://connect.facebook.net
Access-Control-Expose-Headers
X-FB-Debug, X-Loader-Length
Cache-Control
private
Access-Control-Allow-Credentials
true
access-control-allow-method
OPTIONS
Expires
Sat, 01 Jan 2000 00:00:00 GMT
channel.js
www.gstatic.com/adometry/collection/js/
6 KB
3 KB
Script
General
Full URL
http://www.gstatic.com/adometry/collection/js/channel.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-BR2N
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
864806511a0194b2584d1a4c3e2c44174afed5963e2c864978378c3de8817d62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sun, 09 Jul 2017 17:37:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 21 Apr 2016 03:17:22 GMT
Server
sffe
Age
73927
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=86400
Accept-Ranges
bytes
Content-Length
2757
X-XSS-Protection
1; mode=block
Expires
Mon, 10 Jul 2017 17:37:44 GMT
iframe_api
www.youtube.com/
740 B
749 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
YouTubeFrontEnd /
Resource Hash
5ee4e0268ea8fd91231b210aed4bf450d1c78889d4bda3dd663ec9deefe7245e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Mon, 10 Jul 2017 14:09:51 GMT
x-content-type-options
nosniff
server
YouTubeFrontEnd
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
740
x-xss-protection
1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
expires
Tue, 27 Apr 1971 19:44:06 EST
intelie.magazine.js
d1dhh18vvfes41.cloudfront.net/banner/scripts/
7 KB
7 KB
Script
General
Full URL
http://d1dhh18vvfes41.cloudfront.net/banner/scripts/intelie.magazine.js
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Server
52.84.26.10 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-84-26-10.ewr50.r.cloudfront.net
Software
nginx /
Resource Hash
49bd50d65d1cf8190a34fdb5151055c78b7cf1b40cbf0ee1cfcd2d1072af7fad

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Fri, 24 Feb 2017 14:20:31 GMT
Via
1.1 fda67c020b3c631c975bccffd2891599.cloudfront.net (CloudFront)
Last-Modified
Mon, 15 Feb 2016 13:51:35 GMT
Server
nginx
Age
17326
ETag
"56c1d7e7-1a00"
AWS
104
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=21600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6656
X-Amz-Cf-Id
aO6ecp7mlT2lsT9OTV6TeK-6vd-7_qtQKkPUhF7Uyrc4UiB7ftqoCQ==
Expires
Fri, 24 Feb 2017 20:20:31 GMT
loader.js
static.chaordicsystems.com/static/
5 KB
2 KB
Script
General
Full URL
http://static.chaordicsystems.com/static/loader.js
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Server
54.192.48.217 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-48-217.jfk5.r.cloudfront.net
Software
nginx /
Resource Hash
27db5a0c0a021e4827f47af9315dca83ddee8d1967f33a91de5c5f614dc2cda3

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Tue, 09 May 2017 20:51:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Nov 2016 12:39:57 GMT
Server
nginx
Age
62281
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
2109
Via
1.1 d56db0d65906a3edce526dc6600d65c6.cloudfront.net (CloudFront)
X-Amz-Cf-Id
aAsFtyI4duJIDd0BnlH-d6uwSfhBR2I20Epvu_axTuCivfKD76M__Q==
Expires
Wed, 10 May 2017 20:51:50 GMT
hotjar-527381.js
static.hotjar.com/c/
12 KB
2 KB
Script
General
Full URL
http://static.hotjar.com/c/hotjar-527381.js?sv=5
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Server
198.232.124.194 Los Angeles, United States, ASN54104 (AS-NETDNA - netDNA, US),
Reverse DNS
194-124-232-198.static.unitasglobal.net
Software
NetDNA-cache/2.2 /
Resource Hash
656b30ce8358f904b03d1a83ca64aaa571fb6142320d07f3fbf556352cfdab62
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Mon, 10 Jul 2017 14:09:51 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
Cache-Control
max-age=60
X-Frame-Options
SAMEORIGIN
ETag
W/ef37c35af90586dc9fae6c5294e57ad6
Vary
Accept-Encoding
X-Cache
REVALIDATED
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Cache-Hit
1
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
content-type
all.min.js
plugins.soclminer.com.br/v3/sdk/
54 KB
15 KB
Script
General
Full URL
https://plugins.soclminer.com.br/v3/sdk/all.min.js
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:1a56 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
2b83e2e2af3592b64eb0d34b97cf277e1b9af903522e725f836f5bbfa28e21ad

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Mon, 10 Jul 2017 14:09:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Jul 2017 15:36:24 GMT
server
cloudflare-nginx
x-amz-request-id
200903691E6960DE
etag
"f4fec207d6ea1ccc154d27526dc1e947"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=86400
cf-ray
37c41a6adc8c6433-FRA
content-length
15635
x-amz-id-2
ZQmVoSgpmDBdMCkPc/qgNgLQxT/rcFJPEp/1lcpO/Hr3sz8oKcavcIAEnQ0j4Vhj7GnGALLAO3I=
expires
Tue, 11 Jul 2017 14:09:51 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
29 KB
12 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
765010cbfccaf06cb5b9166023a22b655a10b37075c91e276a5550c5ecd855ba
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Jun 2017 00:25:39 GMT
server
Golfe2
age
6692
date
Mon, 10 Jul 2017 12:18:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
12343
expires
Mon, 10 Jul 2017 14:18:19 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
/
www.google.de/ads/user-lists/1012714216/
Redirect Chain
  • http://www.google.com/ads/user-lists/1012714216/?value=0&guid=ON&script=0&cdct=2&is_vtc=1&random=2997495182&fpvtc=/1012714216/%3Fvalue%3D0%26guid%3DON%26script%3D0%26random%3D1236243656%26cdct%3D2%...
  • http://www.google.de/ads/user-lists/1012714216/?value=0&guid=ON&script=0&cdct=2&is_vtc=1&random=2997495182&fpvtc=/1012714216/%3Fvalue%3D0%26guid%3DON%26script%3D0%26random%3D1236243656%26cdct%3D2%2...
42 B
42 B
Image
General
Full URL
http://www.google.de/ads/user-lists/1012714216/?value=0&guid=ON&script=0&cdct=2&is_vtc=1&random=2997495182&fpvtc=/1012714216/%3Fvalue%3D0%26guid%3DON%26script%3D0%26random%3D1236243656%26cdct%3D2%26is_vtc%3D1&ipr=y&ulfeg=n
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Server
2a00:1450:401b:801::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jul 2017 14:09:51 GMT
X-Content-Type-Options
nosniff
Server
adclick_server
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
42
X-XSS-Protection
1; mode=block
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 10 Jul 2017 14:09:51 GMT
X-Content-Type-Options
nosniff
Server
adclick_server
Content-Type
text/html; charset=UTF-8
Location
http://www.google.de/ads/user-lists/1012714216/?value=0&guid=ON&script=0&cdct=2&is_vtc=1&random=2997495182&fpvtc=/1012714216/%3Fvalue%3D0%26guid%3DON%26script%3D0%26random%3D1236243656%26cdct%3D2%26is_vtc%3D1&ipr=y&ulfeg=n
Cache-Control
private, max-age=43200
Content-Length
451
X-XSS-Protection
1; mode=block
Expires
Mon, 10 Jul 2017 14:09:51 GMT
bg.png
s3-sa-east-1.amazonaws.com/frame-image-br/
0
0
Image
General
Full URL
https://s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=mag&x-r=
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.74.10 Sao Paulo, Brazil, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Mon, 10 Jul 2017 14:09:53 GMT
Last-Modified
Thu, 04 May 2017 08:21:21 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
x-amz-request-id
CF608144158A8502
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
0
x-amz-id-2
FXcVOGh424QR5bcDlrLFlJEUCEpLSGqSVSfmqtWHpmm3v0wcArZujidjdjVUrfOcxXYVtyJBi5Y=
activityi;dc_pre=CMmYxJfy_tQCFc-q7QodW78IxA;src=6590300;type=count0;cat=02all0;u6=http%3A%2F%2Fpromocoesdejulho.com%2Fidentificacao.php;u2=undefined;u1=undefined;u3=undefined;u4=undefined;u5=undefi...
6590300.fls.doubleclick.net/ Frame 5440
Redirect Chain
  • http://6590300.fls.doubleclick.net/activityi;src=6590300;type=count0;cat=02all0;u6=http%3A%2F%2Fpromocoesdejulho.com%2Fidentificacao.php;u2=undefined;u1=undefined;u3=undefined;u4=undefined;u5=undef...
  • http://6590300.fls.doubleclick.net/activityi;dc_pre=CMmYxJfy_tQCFc-q7QodW78IxA;src=6590300;type=count0;cat=02all0;u6=http%3A%2F%2Fpromocoesdejulho.com%2Fidentificacao.php;u2=undefined;u1=undefined;...
0
0

4066.js
script.crazyegg.com/pages/scripts/0027/
0
0
Script
General
Full URL
http://script.crazyegg.com/pages/scripts/0027/4066.js?416582
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Server
52.84.32.24 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-84-32-24.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Thu, 24 Nov 2016 03:38:51 GMT
Via
1.1 f3c502e9ca204e721c5b65ef3266910d.cloudfront.net (CloudFront)
Last-Modified
Fri, 13 May 2016 07:29:12 GMT
Server
AmazonS3
Age
1545
ETag
"d41d8cd98f00b204e9800998ecf8427e"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
X-Amz-Cf-Id
ce2Axa88eTrlG8dAala9hyJ9DgIsw3VUUbP27zJHFaAbGIV2zhOVsw==
1.ver
log.dmtry.com/1/1/3807/1/1/1/
Redirect Chain
  • http://cm.g.doubleclick.net/pixel?google_nid=adometry_cm&google_cm&google_hm=NTk2MzhhYWYuMDBlbENJLjI4YjlhYmIz
  • http://log.dmtry.com/1/1/3807/1/1/1/1.ver?at=syn&d=AdX&csync=0&google_gid=CAESEE8WJmYxRMjUH7DEJvhni-w&google_cver=1
0
0
Image
General
Full URL
http://log.dmtry.com/1/1/3807/1/1/1/1.ver?at=syn&d=AdX&csync=0&google_gid=CAESEE8WJmYxRMjUH7DEJvhni-w&google_cver=1
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Server
52.1.175.11 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-175-11.compute-1.amazonaws.com
Software
Adometry /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jul 2017 14:09:51 GMT
Server
Adometry
X-Source
cdad3750
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR IND NAV PSAo COM OUR"
Cache-control
no-cache, no-store
Connection
keep-alive
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jul 2017 14:09:52 GMT
Server
HTTP server (unknown)
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
http://log.dmtry.com/1/1/3807/1/1/1/1.ver?at=syn&d=AdX&csync=0&google_gid=CAESEE8WJmYxRMjUH7DEJvhni-w&google_cver=1
Cache-Control
no-cache, must-revalidate
Content-Type
text/html; charset=UTF-8
Content-Length
328
X-XSS-Protection
1; mode=block
Expires
Fri, 01 Jan 1990 00:00:00 GMT
modules-d93ae92f100ad51d83eb65a631dd6b61.js
script.hotjar.com/
348 KB
69 KB
Script
General
Full URL
https://script.hotjar.com/modules-d93ae92f100ad51d83eb65a631dd6b61.js
Requested by
Host: static.hotjar.com
URL: http://static.hotjar.com/c/hotjar-527381.js?sv=5
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.249 , United Kingdom, ASN54104 (AS-NETDNA - netDNA, US),
Reverse DNS
94.31.29.249.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
6a48cf925d505ee9918c7f0715a68d6d6bde26a62de5036ca9679cc95f4695d5

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Mon, 10 Jul 2017 14:09:51 GMT
content-encoding
gzip
last-modified
Fri, 07 Jul 2017 13:55:35 GMT
server
NetDNA-cache/2.2
x-amz-request-id
D9F79B01C1063EC4
etag
W/"d93ae92f100ad51d83eb65a631dd6b61"
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-amz-id-2
orrV8qSgtMmz+rsRnDDkQDV2oZ0P8fLuHEzXEgQHYdhrzgxJJrhdUuCWgaJnGV9a9dOrk14nqf8=
rcj-99d43ead6bdf30da8ed5ffcb4f17100c.html
vars.hotjar.com/ Frame 5440
0
0

1670642596499607
connect.facebook.net/signals/config/
27 KB
9 KB
Script
General
Full URL
http://connect.facebook.net/signals/config/1670642596499607?v=2.7.18
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/fbevents.js
Protocol
HTTP/1.1
Server
2a03:2880:f01b:5:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6c08ffdd5e79f0bf1b5d8e631806736f63dbfeb3296cabb2544a78936e4e549a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Origin, Accept-Encoding
Content-Length
8875
X-XSS-Protection
0
Pragma
public
X-FB-Debug
Lh+reTe1e3hqPNi9bXCOjipKTcb2s91WIxiG/o7Sx9V37w6v0YELZVfP7lP+4ZzS5qz5TPo/cn0wSf6HnV9OOg==
X-Frame-Options
DENY
Date
Mon, 10 Jul 2017 14:09:51 GMT
Strict-Transport-Security
max-age=15552000; preload; includeSubDomains
Content-Type
application/x-javascript; charset=utf-8
Access-Control-Allow-Origin
https://connect.facebook.net
Access-Control-Expose-Headers
X-FB-Debug, X-Loader-Length
Cache-Control
public, max-age=1200
Access-Control-Allow-Credentials
true
access-control-allow-method
OPTIONS
Expires
Sat, 01 Jan 2000 00:00:00 GMT
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflyiGtkL/
24 KB
9 KB
Script
General
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflyiGtkL/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
183708044ee98821cc3fcdc2ae3ad7e3edc50a8ca4d004c986a1945600b2ff2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Wed, 05 Jul 2017 13:40:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433780
status
200
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
9074
x-xss-protection
1; mode=block
last-modified
Wed, 05 Jul 2017 08:18:38 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Thu, 13 Jul 2017 13:40:11 GMT
js
www.google-analytics.com/gtm/
40 KB
15 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-N9KJM2&t=gtm24&cid=514278302.1499695792
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
75d6e49c2f0c61690abfa86dee375ab0fa6168e7be6897d35488200f64b10756
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Mon, 10 Jul 2017 14:09:51 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
15852
x-xss-protection
1; mode=block
expires
Mon, 10 Jul 2017 14:09:51 GMT
/
www.facebook.com/tr/
44 B
53 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1670642596499607&ev=PageView&dl=http%3A%2F%2Fpromocoesdejulho.com%2Fidentificacao.php&rl=&if=false&ts=1499695791899&v=2.7.18&ec=0&o=28
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Mon, 10 Jul 2017 14:09:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 10 Jul 2017 14:09:51 GMT
ec.js
www.google-analytics.com/plugins/ua/
Redirect Chain
  • http://www.google-analytics.com/plugins/ua/ec.js
  • https://www.google-analytics.com/plugins/ua/ec.js
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Mon, 10 Jul 2017 13:23:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
2809
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
1296
x-xss-protection
1; mode=block
expires
Mon, 10 Jul 2017 14:23:02 GMT

Redirect headers

Location
https://www.google-analytics.com/plugins/ua/ec.js
Non-Authoritative-Reason
HSTS
loader.js
static.chaordicsystems.com/search/generated/magazineluiza/
3 B
23 B
Script
General
Full URL
http://static.chaordicsystems.com/search/generated/magazineluiza/loader.js?t=1666329
Requested by
Host: static.chaordicsystems.com
URL: http://static.chaordicsystems.com/static/loader.js
Protocol
HTTP/1.1
Server
54.192.48.217 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-48-217.jfk5.r.cloudfront.net
Software
nginx /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Mon, 10 Jul 2017 13:49:51 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jun 2017 22:04:58 GMT
Server
nginx
Age
1201
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
23
Via
1.1 d56db0d65906a3edce526dc6600d65c6.cloudfront.net (CloudFront)
X-Amz-Cf-Id
lHuzos4aO1mmCD9K6c8kX0_EIbXe_-jd_lT5tYz4jdIRztlJgHzU8Q==
Expires
Mon, 10 Jul 2017 14:19:51 GMT
current.js
static.chaordicsystems.com/static/magazineluiza/
273 KB
78 KB
Script
General
Full URL
http://static.chaordicsystems.com/static/magazineluiza/current.js?t=1666329
Requested by
Host: static.chaordicsystems.com
URL: http://static.chaordicsystems.com/static/loader.js
Protocol
HTTP/1.1
Server
54.192.48.217 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-48-217.jfk5.r.cloudfront.net
Software
nginx /
Resource Hash
4d4d0b15861f2db85b0898fba2d038f97012aa26bef5fb3d8ae6ed7ee0417b1e

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Fri, 02 Jun 2017 21:54:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Jun 2017 21:43:41 GMT
Server
nginx
Age
6
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
BPQKsev7oVVHFu4JWiNeMWEmoxeKHCxGSjZEVdGGopIzZQEPcaVVvA==
Via
1.1 d56db0d65906a3edce526dc6600d65c6.cloudfront.net (CloudFront)
Expires
Fri, 02 Jun 2017 22:04:11 GMT
/
www.magazineluiza.com.br/stw/cb/
Redirect Chain
  • https://rgr.bob-recs.com/pixel/?a=ping&c=magazine_ecomm
  • https://www.magazineluiza.com.br/stw/cb/?stwu=temp_717f3620-6579-11e7-b554-39d16a423ec2&stwt=1
0
0
Image
General
Full URL
https://www.magazineluiza.com.br/stw/cb/?stwu=temp_717f3620-6579-11e7-b554-39d16a423ec2&stwt=1
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.26.230 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-84-26-230.ewr50.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Mon, 10 Jul 2017 14:09:53 GMT
Via
1.1 356f854273c0d06a872d54c9c0c99490.cloudfront.net (CloudFront)
Server
nginx
X-Cache
Miss from cloudfront
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=600, s-maxage=450
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
KG3ODgpr80S1lEZompjmIBjYyK4k3LsOa2JdZju2lo41Jlh4UmMz9w==

Redirect headers

Date
Mon, 10 Jul 2017 14:09:52 GMT
Server
nginx/1.10.1
X-Powered-By
Express
Vary
Accept
P3P
CP='ALL DSP LAW CUR DEV PSAo PSDo IVAo IVDo CONo HISo OUR STP UNI NAV'
Location
https://www.magazineluiza.com.br/stw/cb/?stwu=temp_717f3620-6579-11e7-b554-39d16a423ec2&stwt=1
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
116
acquireBrowserId
onsite.chaordicsystems.com/datakeeper/
87 B
87 B
Script
General
Full URL
http://onsite.chaordicsystems.com/datakeeper/acquireBrowserId?q=%7B%22apiKey%22%3A%22magazineluiza%22%7D&callback=_chaordicJsonp_14996957924609988
Requested by
Host: static.chaordicsystems.com
URL: http://static.chaordicsystems.com/static/magazineluiza/current.js?t=1666329
Protocol
HTTP/1.1
Server
54.209.11.116 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-209-11-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
858e78ff2130bbe7305d4a66718a7b8ba2e4230af173ddadb97287b1f942039a

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

X-Response-Time
1
Pragma
no-cache
Date
Mon, 10 Jul 2017 14:09:52 GMT
Monkey
ip-10-10-11-168:9004@v5.22.624
Server
nginx
Content-MD5
hw4IIv2rJ+1OVMQIq/vW2g==
P3P
CP="NOI DSP COR NID ADMa OPTa OUR NOR"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
application/javascript
Content-Length
87
X-Request-Id
ccd207e8-561e-4d2c-b948-879f8654367d
acquireTestGroup
onsite.chaordicsystems.com/datakeeper/
400 B
400 B
Script
General
Full URL
http://onsite.chaordicsystems.com/datakeeper/acquireTestGroup?q=%7B%22apiKey%22%3A%22magazineluiza%22%7D&callback=_chaordicJsonp_14996957924602274
Requested by
Host: static.chaordicsystems.com
URL: http://static.chaordicsystems.com/static/magazineluiza/current.js?t=1666329
Protocol
HTTP/1.1
Server
54.209.11.116 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-209-11-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
42cedc98c9f62f7bf2c3193ed790db5e824d4053f0d7f8b89a1f1e665f59b16f

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

X-Response-Time
672
Pragma
no-cache
Date
Mon, 10 Jul 2017 14:09:53 GMT
Monkey
ip-10-10-11-192:9002@v5.22.624
Server
nginx
Content-MD5
LCR9DdO19ZFcMHjnAk9wYg==
P3P
CP="NOI DSP COR NID ADMa OPTa OUR NOR"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
application/javascript
Content-Length
400
X-Request-Id
7e113d94-4f84-422b-ba17-77b419a91aa2
postmediator
onsite.chaordicsystems.com/static/ Frame 5440
0
0

nr-632.min.js
js-agent.newrelic.com/
22 KB
8 KB
Script
General
Full URL
http://js-agent.newrelic.com/nr-632.min.js
Requested by
Host: promocoesdejulho.com
URL: http://promocoesdejulho.com/identificacao.php
Protocol
HTTP/1.1
Server
151.101.112.207 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c28f3fcfa4e839d67ed83a489ca461cf6c3182c47d1a35e7eb719deba23f9106

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Mon, 10 Jul 2017 14:09:53 GMT
Content-Encoding
gzip
x-amz-request-id
6C2B376202CA58A0
X-Cache
HIT
Connection
keep-alive
Content-Length
8564
x-amz-id-2
JFT6PxCOe3DLTNpXqwqmR+4wb0kUzyP/Tvu4nKp7M9gTz2hyp9AS4ZqUiI/63bJUA/FnZ49fqJA=
X-Served-By
cache-hhn1550-HHN
Last-Modified
Mon, 23 Mar 2015 23:49:49 GMT
Server
AmazonS3
X-Timer
S1499695794.988296,VS0,VE0
ETag
"f9cdcb1e4b2be3825b6dfcbd33deff25"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish
Cache-Control
public, max-age=7200, stale-if-error=604800
Accept-Ranges
bytes
X-Cache-Hits
1198
beacon.gif
beacon.luizalabs.com/
0
0
XHR
General
Full URL
http://beacon.luizalabs.com/beacon.gif
Requested by
Host: d1dhh18vvfes41.cloudfront.net
URL: http://d1dhh18vvfes41.cloudfront.net/banner/scripts/intelie.magazine.js
Protocol
HTTP/1.1
Server
34.206.236.237 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-206-236-237.compute-1.amazonaws.com
Software
nginx/1.10.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
Origin
http://promocoesdejulho.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 10 Jul 2017 14:09:54 GMT
Server
nginx/1.10.1
Connection
keep-alive
4cacecc8c0
bam.nr-data.net/1/
57 B
57 B
Script
General
Full URL
http://bam.nr-data.net/1/4cacecc8c0?a=7495319&pl=1499695789465&v=632.2b17625&to=NgFXY0pSWENUUkdZCg9Lc0JWUEJZWl8cXQQGBU9eVlZaRVxLUh4WCBBQGVtcWERHXl9cABNKVltRVlhED1JfWQAPEGpHXUFFX1s%3D&qt=1&ap=360&be=1586&fe=2929&dc=603&f=%5B%5D&perf=%7B%22timing%22:%7B%22of%22:1499695789465,%22n%22:0,%22dl%22:1581,%22di%22:2188,%22ds%22:2188,%22de%22:2214,%22dc%22:4515,%22l%22:4515,%22le%22:4516,%22f%22:0,%22dn%22:0,%22dne%22:192,%22c%22:192,%22ce%22:370,%22rq%22:370,%22rp%22:1580,%22rpe%22:1580%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: http://js-agent.newrelic.com/nr-632.min.js
Protocol
HTTP/1.1
Server
50.31.164.175 Chicago, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-5.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
http://promocoesdejulho.com/identificacao.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
6e6a8240-c690-4372-bd37-9bfa99486c33
api.soclminer.com.br/v2.1/customers/
590 B
387 B
XHR
General
Full URL
https://api.soclminer.com.br/v2.1/customers/6e6a8240-c690-4372-bd37-9bfa99486c33?format=json&url=http%3A%2F%2Fpromocoesdejulho.com%2Fidentificacao.php&referrer=&paramOnSession=
Requested by
Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:1a56 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx / ServiceStack/3,971 Win32NT/.NET, ASP.NET
Resource Hash
ca4998959d368061780eac7a810dbe85b3d69080f762578f1b4e3779b6282c62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36
Referer
http://promocoesdejulho.com/identificacao.php
Origin
http://promocoesdejulho.com

Response headers

date
Mon, 10 Jul 2017 14:09:55 GMT
content-encoding
gzip
server
cloudflare-nginx
x-aspnet-version
4.0.30319
x-powered-by
ServiceStack/3,971 Win32NT/.NET, ASP.NET
status
200
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private
cf-ray
37c41a7df85a088d-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, JSNLog-RequestId

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
accounts.google.com
URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fpromocoesdejulho.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.SjYoAeIk6aA.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMHwQIMflw-nic461NaNkk9BWeQdg
Domain
6590300.fls.doubleclick.net
URL
http://6590300.fls.doubleclick.net/activityi;dc_pre=CMmYxJfy_tQCFc-q7QodW78IxA;src=6590300;type=count0;cat=02all0;u6=http%3A%2F%2Fpromocoesdejulho.com%2Fidentificacao.php;u2=undefined;u1=undefined;u3=undefined;u4=undefined;u5=undefined;ord=1030723366157;~oref=http%3A%2F%2Fpromocoesdejulho.com%2Fidentificacao.php
Domain
vars.hotjar.com
URL
https://vars.hotjar.com/rcj-99d43ead6bdf30da8ed5ffcb4f17100c.html
Domain
onsite.chaordicsystems.com
URL
http://onsite.chaordicsystems.com/static/postmediator

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Domain/Path Name / Value
.chaordicsystems.com/ Name: chaordic_browserId
Value: 717f0f10-6579-11e7-b9b6-351e6059524c
promocoesdejulho.com/ Name: chaordic_testGroup
Value: %7B%22experiment%22%3A%22MAGAZINELUIZA_MERCHANDISE_RETARGETING-4VIEW-INCLUDED-PROD-REF_2017_03_21%22%2C%22group%22%3A%22A%22%2C%22testCode%22%3A%22MAGAZINELUIZA_MERCHANDISE_RETARGETING-4VIEW-INCLUDED-PROD-REF_2017_03_21_A%22%2C%22code%22%3A%22MAGAZINELUIZA_MERCHANDISE_RETARGETING-4VIEW-INCLUDED-PROD-REF_2017_03_21_A%2FUKSxN1b5HfHr1khSVe5jPzP8xceRgezj%22%2C%22session%22%3A%22UKSxN1b5HfHr1khSVe5jPzP8xceRgezj%22%7D
.doubleclick.net/ Name: id
Value: 2204adbc8b2000df||t=1499695791|et=730|cs=002213fd48db98ef61023bbe97
.google.com/ Name: NID
Value: 107=jKpxttB9ckj-W5yN7yp9Xrz4J53GxNiDWMjXEoLl3Gt1UOr31SjgYqi0IEfS-mZL34sw0Nggw7vdPggtsKlifZnIqew9V3x_OHYsnqlry_2MK65f5woGjiF6Om1le53n
promocoesdejulho.com/ Name: chaordic_session
Value: 1499695792819-0.9983649005140927
.doubleclick.net/ Name: IDE
Value: AHWqTUnTPb0Q7CogoYZ11fcjvQdfutXBuVcul66cODXDYLS320-yTUZVwQ
promocoesdejulho.com/ Name: chaordic_anonymousUserId
Value: anon-717f0f10-6579-11e7-b9b6-351e6059524c
promocoesdejulho.com/ Name: chaordic_browserId
Value: 717f0f10-6579-11e7-b9b6-351e6059524c

2 Console Messages

Source Level URL
Text
console-api log (Line 3)
Message:
[GOOP 0.9.13] '00.'
console-api log (Line 3)
Message:
[GOOP 0.9.13] '00.' Triggering event: 'goop_cookie_ready'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
