Submitted URL: http://t.vamos-la-poupar.com/campaigns/ma491r6v9lcfc/track-url/bl968cxb8eac1/d03cfe70852b4a39c585aa2baf61fc0c7c58dddc
Effective URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Submission: On October 30 via manual from ES

Summary

This website contacted 19 IPs in 5 countries across 18 domains to perform 38 HTTP transactions. The main IP is 5.79.66.228, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is tenhamenosdividas.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 27th 2018. Valid for: 3 months.
This is the only time tenhamenosdividas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2001:41d0:a:5... 16276 (OVH)
1 1 34.206.67.189 14618 (AMAZON-AES)
1 10 5.79.66.228 60781 (LEASEWEB-...)
1 2a00:1450:400... 15169 (GOOGLE)
3 84.53.135.137 16625 (AKAMAI-AS)
1 205.185.208.52 20446 (HIGHWINDS3)
1 5.79.65.168 60781 (LEASEWEB-...)
2 2400:cb00:204... 13335 (CLOUDFLAR...)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 54.84.37.233 14618 (AMAZON-AES)
1 216.58.206.2 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.18.232.15 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a05:f500:10:... 14413 (LINKEDIN)
38 19
Domain Requested by
10 tenhamenosdividas.com 1 redirects tenhamenosdividas.com
3 fonts.gstatic.com tenhamenosdividas.com
3 s7.addthis.com tenhamenosdividas.com
s7.addthis.com
2 www.linkedin.com s7.addthis.com
2 graph.facebook.com s7.addthis.com
2 www.google.de tenhamenosdividas.com
2 www.google.com tenhamenosdividas.com
2 www.facebook.com tenhamenosdividas.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 connect.facebook.net tenhamenosdividas.com
connect.facebook.net
2 cdnjs.cloudflare.com tenhamenosdividas.com
2 adsplatform.com 1 redirects tenhamenosdividas.com
1 m.addthisedge.com s7.addthis.com
1 fonts.googleapis.com tenhamenosdividas.com
1 www.googleadservices.com www.googletagmanager.com
1 cdn.oxy.agency tenhamenosdividas.com
1 code.jquery.com tenhamenosdividas.com
1 www.googletagmanager.com tenhamenosdividas.com
1 t.vamos-la-poupar.com 1 redirects
38 19

This site contains links to these domains. Also see Links.

Domain
www.addthis.com
Subject Issuer Validity Valid
tenhamenosdividas.com
Let's Encrypt Authority X3
2018-09-27 -
2018-12-26
3 months crt.sh
*.google-analytics.com
Google Internet Authority G3
2018-10-16 -
2019-01-08
3 months crt.sh
odc-prod-01.oracle.com
DigiCert ECC Secure Server CA
2018-05-06 -
2019-08-05
a year crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA
2018-10-17 -
2020-10-16
2 years crt.sh
cdn.oxy.agency
Let's Encrypt Authority X3
2018-10-22 -
2019-01-20
3 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2018-09-22 -
2019-03-31
6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2017-12-15 -
2019-03-22
a year crt.sh
adsplatform.com
Amazon
2018-09-11 -
2019-10-11
a year crt.sh
www.googleadservices.com
Google Internet Authority G3
2018-10-09 -
2019-01-01
3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3
2018-10-09 -
2019-01-01
3 months crt.sh
www.google.com
Google Internet Authority G3
2018-10-16 -
2019-01-08
3 months crt.sh
www.google.de
Google Internet Authority G3
2018-10-09 -
2019-01-01
3 months crt.sh
*.googleapis.com
Google Internet Authority G3
2018-10-16 -
2019-01-08
3 months crt.sh
*.google.com
Google Internet Authority G3
2018-10-16 -
2019-01-08
3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2018-05-30 -
2020-09-01
2 years crt.sh

This page contains 2 frames:

Primary Page: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Frame ID: 782D272D4253FC61CB101AF661F8A39B
Requests: 38 HTTP requests in this frame

Frame: https://adsplatform.com/?action=click&adsid=_42148145236548979
Frame ID: C9570D94262041D8D65995BC6C84D232
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://t.vamos-la-poupar.com/campaigns/ma491r6v9lcfc/track-url/bl968cxb8eac1/d03cfe70852b4a39c585aa2baf61... HTTP 301
    http://adsplatform.com/?adsid=534304f58194d047859e9f156913d096 HTTP 302
    http://tenhamenosdividas.com/?v=1&adsid=_42148145236548979 HTTP 301
    https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • env /^addthis/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

38
Requests

100 %
HTTPS

60 %
IPv6

18
Domains

19
Subdomains

19
IPs

5
Countries

483 kB
Transfer

1303 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.vamos-la-poupar.com/campaigns/ma491r6v9lcfc/track-url/bl968cxb8eac1/d03cfe70852b4a39c585aa2baf61fc0c7c58dddc HTTP 301
    http://adsplatform.com/?adsid=534304f58194d047859e9f156913d096 HTTP 302
    http://tenhamenosdividas.com/?v=1&adsid=_42148145236548979 HTTP 301
    https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
tenhamenosdividas.com/
Redirect Chain
  • http://t.vamos-la-poupar.com/campaigns/ma491r6v9lcfc/track-url/bl968cxb8eac1/d03cfe70852b4a39c585aa2baf61fc0c7c58dddc
  • http://adsplatform.com/?adsid=534304f58194d047859e9f156913d096
  • http://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
  • https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
29 KB
8 KB
Document
General
Full URL
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.79.66.228 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
azevedo.srv.codereach.pw
Software
nginx / PleskLin
Resource Hash
0b23ad77c920deb7110cb6a2d7f02257d5e72c78edd5542db2dcbfd0d11bc484

Request headers

Host
tenhamenosdividas.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx
Date
Tue, 30 Oct 2018 11:13:11 GMT
Content-Type
text/html
Content-Length
8179
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
PHPSESSID=6pb3r1lkvanrs6q61h7fsuee96; path=/
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 30 Oct 2018 11:13:11 GMT
Content-Type
text/html
Content-Length
178
Connection
keep-alive
Location
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
style.css
tenhamenosdividas.com/dist/
60 KB
11 KB
Stylesheet
General
Full URL
https://tenhamenosdividas.com/dist/style.css
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.79.66.228 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
azevedo.srv.codereach.pw
Software
nginx /
Resource Hash
f55a415330e877e76984f5b7a8b5336bf811994262c44d5a57716292538316d2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tenhamenosdividas.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Cookie
PHPSESSID=6pb3r1lkvanrs6q61h7fsuee96
Connection
keep-alive
Cache-Control
no-cache
Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Tue, 30 Oct 2018 11:13:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Oct 2018 17:34:32 GMT
Server
nginx
ETag
W/"5bbb9528-eea9"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000 public, must-revalidate, proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 29 Nov 2018 11:13:12 GMT
js
www.googletagmanager.com/gtag/
83 KB
30 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-947452083
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
bf3607133c212cc8c43999946415f71fa60dede06b37a199b7b24ee0385b886b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 30 Oct 2018 11:12:12 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
30178
x-xss-protection
1; mode=block
expires
Tue, 30 Oct 2018 11:12:12 GMT
logo.png
tenhamenosdividas.com/images/
3 KB
4 KB
Image
General
Full URL
https://tenhamenosdividas.com/images/logo.png
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.79.66.228 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
azevedo.srv.codereach.pw
Software
nginx /
Resource Hash
d39c54f2463d628397998bf547ff60183ae98bdd480efff23e9df38263eefee0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tenhamenosdividas.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Cookie
PHPSESSID=6pb3r1lkvanrs6q61h7fsuee96
Connection
keep-alive
Cache-Control
no-cache
Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Tue, 30 Oct 2018 11:13:12 GMT
Last-Modified
Mon, 08 Oct 2018 17:34:32 GMT
Server
nginx
ETag
"5bbb9528-d42"
Content-Type
image/png
Cache-Control
max-age=2592000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3394
Expires
Thu, 29 Nov 2018 11:13:12 GMT
addthis_widget.js
s7.addthis.com/js/300/
350 KB
112 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
84.53.135.137 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a84-53-135-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8e07795e1b86c75fdfc480b754a3407e37f6309ac0b8fb9c592c6038659f3e9e

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 30 Oct 2018 11:12:15 GMT
content-encoding
gzip
surrogate-key
client_dist
last-modified
Tue, 16 Oct 2018 17:21:15 GMT
etag
"5bc61e0b-578b3"
vary
Accept-Encoding
x-distribution
99
cache-tag
client_dist
status
200
cache-control
public, max-age=600
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
content-type
application/javascript
jquery-2.2.4.min.js
code.jquery.com/
84 KB
34 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Origin
https://tenhamenosdividas.com

Response headers

Date
Tue, 30 Oct 2018 11:12:13 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 May 2016 17:24:41 GMT
Server
nginx
ETag
W/"573f4859-14e4a"
Vary
Accept-Encoding
X-HW
1540897932.dop040.fr8.t,1540897933.cds012.fr8.shn,1540897933.cds012.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
34834
jquery.seoval.min.js
cdn.oxy.agency/js/validation/
14 KB
4 KB
Script
General
Full URL
https://cdn.oxy.agency/js/validation/jquery.seoval.min.js
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.79.65.168 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
azevedo.srv.codereach.pw
Software
nginx / PleskLin
Resource Hash
0b38e3b991a74fd61fcafe204972221e434242e91c8e8ef9d47bfd231b24a59d

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Oct 2018 11:13:12 GMT
Content-Encoding
gzip
ETag
W/"5bcdbcea-3826"
Last-Modified
Mon, 22 Oct 2018 12:04:58 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
scripts.min.js
tenhamenosdividas.com/dist/
91 KB
26 KB
Script
General
Full URL
https://tenhamenosdividas.com/dist/scripts.min.js
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.79.66.228 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
azevedo.srv.codereach.pw
Software
nginx /
Resource Hash
6eaba47083782124720ede584f60a45dbea6503bc9c341d7bdd7cd670607b9d1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tenhamenosdividas.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Cookie
PHPSESSID=6pb3r1lkvanrs6q61h7fsuee96
Connection
keep-alive
Cache-Control
no-cache
Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Tue, 30 Oct 2018 11:13:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Oct 2018 17:34:32 GMT
Server
nginx
ETag
W/"5bbb9528-16db2"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000 public, must-revalidate, proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 29 Nov 2018 11:13:12 GMT
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
4 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 30 Oct 2018 11:12:12 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.000
last-modified
Thu, 17 May 2018 09:18:36 GMT
server
cloudflare
etag
W/"5afd48ec-f62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
471d72109cf3980a-FRA
expires
Sun, 20 Oct 2019 11:12:12 GMT
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
19 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 30 Oct 2018 11:12:12 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.001
last-modified
Thu, 17 May 2018 09:18:32 GMT
server
cloudflare
etag
W/"5afd48e8-4d5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
471d7210ed37980a-FRA
expires
Sun, 20 Oct 2019 11:12:12 GMT
fbevents.js
connect.facebook.net/en_US/
45 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
8896bd9aad2399ee52a9878c7ada2e49df2f66ba91afd102244018c25ffd88e2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
14136
x-xss-protection
0
pragma
public
x-fb-debug
rTMa8++p5DHL5pL1zohnPOO+xjGaRrvj8ugONMFzybwNAFOo7LzlDyrkbZvPDaBkwqIYU8nLRZOeQPjgJlPzSw==
x-frame-options
DENY
date
Tue, 30 Oct 2018 11:12:13 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
bg.jpg
tenhamenosdividas.com/images/
31 KB
32 KB
Image
General
Full URL
https://tenhamenosdividas.com/images/bg.jpg
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.79.66.228 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
azevedo.srv.codereach.pw
Software
nginx /
Resource Hash
7d7e4c07cfb92a319ffc12ea0fcb1cd8290c3f30ac392b4ea134e7eea1d7c303

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tenhamenosdividas.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://tenhamenosdividas.com/dist/style.css
Cookie
PHPSESSID=6pb3r1lkvanrs6q61h7fsuee96
Connection
keep-alive
Cache-Control
no-cache
Referer
https://tenhamenosdividas.com/dist/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Tue, 30 Oct 2018 11:13:12 GMT
Last-Modified
Mon, 08 Oct 2018 17:34:32 GMT
Server
nginx
ETag
"5bbb9528-7dd3"
Content-Type
image/jpeg
Cache-Control
max-age=2592000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32211
Expires
Thu, 29 Nov 2018 11:13:12 GMT
/
adsplatform.com/ Frame C957
0
0
Document
General
Full URL
https://adsplatform.com/?action=click&adsid=_42148145236548979
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.37.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-84-37-233.compute-1.amazonaws.com
Software
Apache /
Resource Hash

Request headers

:method
GET
:authority
adsplatform.com
:scheme
https
:path
/?action=click&adsid=_42148145236548979
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
accept-encoding
gzip, deflate
cookie
uci[8860]=eyJpdiI6IlhBOXBCRUtkaUp3S0JpcVhcL2hlV3lRPT0iLCJ2YWx1ZSI6InVWZmE2RXdWcVZTYXV2ZmJ5M25cL1J3PT0iLCJtYWMiOiIzYTA0MzQ2ZjMwYmMxZGMzODVjN2ZlMDRhYTVhZDBiYjUyODQ2MjM0NzE3NTRmNzZjMTdhN2M0NDM2M2E2ZTkwIn0%3D; laravel_session=eyJpdiI6IlVaeWExRHg4THI3cEd2bGRsSEFZYnc9PSIsInZhbHVlIjoieTN6b3dmTWxQVUhVdWJEYnBZQk4rdmxDcXNWQktkXC9wTDl6VjZ0cGtpSHl0M3hvRlwvcUYrNEhIeDdsK0xaejVDcXlRV3ZwOXU0RFdlVk5Sb0hNck1uZz09IiwibWFjIjoiOGZlZjkzMzE4MTVhMGMyNmNmMzhiMGU5NGI2ZmEzNmZkYTE2MDU1ZjRiOTk0NjIwMjI1YzBiMzRhMTRlYmM5YyJ9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979

Response headers

status
200
date
Tue, 30 Oct 2018 11:12:13 GMT
content-type
text/html; charset=UTF-8
content-length
0
server
Apache
cache-control
no-cache
set-cookie
laravel_session=eyJpdiI6Iml0UzZPK2lwNExLVjh5Yll5MEpJK1E9PSIsInZhbHVlIjoiaGlGeElSdTJjbXFrT3VIVlpoRERRUDMwVlRrelJvNjc0MzlDRHpJczBEZVdpU3lhcElIMzg4VUtGXC9HenJDbm9DcW1tUHFpalwvTG1rdVZveEltd1JFUT09IiwibWFjIjoiZmM0ZjBmMGE1YTI5MzJiZmJiOWZlOTM1ZGUzNWIxYzY0ZGM4ZDBmYjAxMTEyYzBjMDFiNWQ0OTMyNWJjZTUxZCJ9; expires=Wed, 04-Oct-2023 11:12:13 GMT; Max-Age=155520000; path=/; HttpOnly
bg2.jpg
tenhamenosdividas.com/images/
37 KB
37 KB
Image
General
Full URL
https://tenhamenosdividas.com/images/bg2.jpg
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.79.66.228 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
azevedo.srv.codereach.pw
Software
nginx /
Resource Hash
297b86b5ecb8d10a7c025f5fa3d9ee39bb154e479a8a9a3efa572ecd05f70f1c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tenhamenosdividas.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://tenhamenosdividas.com/dist/style.css
Cookie
PHPSESSID=6pb3r1lkvanrs6q61h7fsuee96
Connection
keep-alive
Cache-Control
no-cache
Referer
https://tenhamenosdividas.com/dist/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Tue, 30 Oct 2018 11:13:12 GMT
Last-Modified
Mon, 08 Oct 2018 17:34:32 GMT
Server
nginx
ETag
"5bbb9528-93a4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37796
Expires
Thu, 29 Nov 2018 11:13:12 GMT
sprite.png
tenhamenosdividas.com/images/
9 KB
9 KB
Image
General
Full URL
https://tenhamenosdividas.com/images/sprite.png
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.79.66.228 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
azevedo.srv.codereach.pw
Software
nginx /
Resource Hash
3f429b15f5056fdbcd66b6b3dd44f29ead841234f605848c4e15f28292f57286

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tenhamenosdividas.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://tenhamenosdividas.com/dist/style.css
Cookie
PHPSESSID=6pb3r1lkvanrs6q61h7fsuee96
Connection
keep-alive
Cache-Control
no-cache
Referer
https://tenhamenosdividas.com/dist/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Tue, 30 Oct 2018 11:13:12 GMT
Last-Modified
Mon, 08 Oct 2018 17:34:32 GMT
Server
nginx
ETag
"5bbb9528-22a7"
Content-Type
image/png
Cache-Control
max-age=2592000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8871
Expires
Thu, 29 Nov 2018 11:13:12 GMT
arrow2.svg
tenhamenosdividas.com/images/
855 B
1 KB
Image
General
Full URL
https://tenhamenosdividas.com/images/arrow2.svg
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.79.66.228 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
azevedo.srv.codereach.pw
Software
nginx /
Resource Hash
b91d1ec9472241045675ca360b2b622a5e7b1920f57156c23748b97305f79b01

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tenhamenosdividas.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://tenhamenosdividas.com/dist/style.css
Cookie
PHPSESSID=6pb3r1lkvanrs6q61h7fsuee96
Connection
keep-alive
Cache-Control
no-cache
Referer
https://tenhamenosdividas.com/dist/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Tue, 30 Oct 2018 11:13:12 GMT
Last-Modified
Mon, 08 Oct 2018 17:34:26 GMT
Server
nginx
ETag
"5bbb9522-357"
Content-Type
image/svg+xml
Cache-Control
max-age=2592000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
855
Expires
Thu, 29 Nov 2018 11:13:12 GMT
arrow.svg
tenhamenosdividas.com/images/
854 B
1 KB
Image
General
Full URL
https://tenhamenosdividas.com/images/arrow.svg
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.79.66.228 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
azevedo.srv.codereach.pw
Software
nginx /
Resource Hash
4690f6fcdc9ab2294d7257903b7c0cbf0c8d82f2d26db73dbdd6fce6d9fb4c58

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tenhamenosdividas.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://tenhamenosdividas.com/dist/style.css
Cookie
PHPSESSID=6pb3r1lkvanrs6q61h7fsuee96
Connection
keep-alive
Cache-Control
no-cache
Referer
https://tenhamenosdividas.com/dist/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Tue, 30 Oct 2018 11:13:12 GMT
Last-Modified
Mon, 08 Oct 2018 17:34:26 GMT
Server
nginx
ETag
"5bbb9522-356"
Content-Type
image/svg+xml
Cache-Control
max-age=2592000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
854
Expires
Thu, 29 Nov 2018 11:13:12 GMT
685320161847453
connect.facebook.net/signals/config/
104 KB
19 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/685320161847453?v=2.8.30&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
e5b92cb6dd166fbed16f34551bb34cb9a8b86d1966ba03c1c44c6810291fa338
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
p5p1ksX6AbAB4QMeTilD8c7YWtB/umB0fvLfNl8WypPVVEa8oxSrkceskn8EOOtV+tdphc17hY3PJXoPaOqyqA==
x-frame-options
DENY
date
Tue, 30 Oct 2018 11:12:13 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/
22 KB
8 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-947452083
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
86a6f711282e73c49d629f39f1fcf7d851400263e86701e6f715ff2a3bd7a267
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 30 Oct 2018 11:12:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8351
x-xss-protection
1; mode=block
server
cafe
etag
8806844828106948483
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 30 Oct 2018 11:12:13 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947452083/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947452083/?random=1540897933493&cv=9&fst=1540897933493&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=aam&sendb=1&frm=0&url=https%3A%2F%2Ftenhamenosdividas.com%2F%3Fv%3D1%26adsid%3D_42148145236548979&tiba=Cr%C3%A9dito%20Consolidado&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
297e1e8151e89d4da90ce3131cd63a3ba24c9ddac744119e3b241b3165071403
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Oct 2018 11:12:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
1005
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947452083/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947452083/?random=1540897933504&cv=9&fst=1540897933504&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=aam&sendb=1&frm=0&url=https%3A%2F%2Ftenhamenosdividas.com%2F%3Fv%3D1%26adsid%3D_42148145236548979&tiba=Cr%C3%A9dito%20Consolidado&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
431e6cf5b21ecbb83b873048465acaddb2a62ba4ba6e66fb30a19929198d16ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Oct 2018 11:12:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
1003
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
290 B
Image
General
Full URL
https://www.facebook.com/tr/?id=685320161847453&ev=PageView&dl=https%3A%2F%2Ftenhamenosdividas.com%2F%3Fv%3D1%26adsid%3D_42148145236548979&rl=&if=false&ts=1540897933550&sw=1600&sh=1200&v=2.8.30&r=stable&ec=0&o=30&fbp=fb.1.1540897933549.776182374&it=1540897933327&coo=false
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 30 Oct 2018 11:12:13 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 30 Oct 2018 11:12:13 GMT
/
www.google.com/pagead/1p-user-list/947452083/
42 B
109 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/947452083/?random=1540897933493&cv=9&fst=1540897200000&num=1&bg=ffffff&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=aam&sendb=1&frm=0&url=https%3A%2F%2Ftenhamenosdividas.com%2F%3Fv%3D1%26adsid%3D_42148145236548979&tiba=Cr%C3%A9dito%20Consolidado&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=3554287102&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Oct 2018 11:12:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/947452083/
42 B
109 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/947452083/?random=1540897933493&cv=9&fst=1540897200000&num=1&bg=ffffff&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=aam&sendb=1&frm=0&url=https%3A%2F%2Ftenhamenosdividas.com%2F%3Fv%3D1%26adsid%3D_42148145236548979&tiba=Cr%C3%A9dito%20Consolidado&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=3554287102&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Oct 2018 11:12:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947452083/
42 B
109 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/947452083/?random=1540897933504&cv=9&fst=1540897200000&num=1&bg=ffffff&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=aam&sendb=1&frm=0&url=https%3A%2F%2Ftenhamenosdividas.com%2F%3Fv%3D1%26adsid%3D_42148145236548979&tiba=Cr%C3%A9dito%20Consolidado&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=181102311&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Oct 2018 11:12:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/947452083/
42 B
109 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/947452083/?random=1540897933504&cv=9&fst=1540897200000&num=1&bg=ffffff&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=aam&sendb=1&frm=0&url=https%3A%2F%2Ftenhamenosdividas.com%2F%3Fv%3D1%26adsid%3D_42148145236548979&tiba=Cr%C3%A9dito%20Consolidado&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=181102311&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Oct 2018 11:12:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
144 B
Image
General
Full URL
https://www.facebook.com/tr/?id=685320161847453&ev=Microdata&dl=https%3A%2F%2Ftenhamenosdividas.com%2F%3Fv%3D1%26adsid%3D_42148145236548979&rl=&if=false&ts=1540897934067&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Cr%C3%A9dito%20Consolidado%20-%20Comece%20hoje%20a%20poupar%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Ftenhamenosdividas.com%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Ftenhamenosdividas.com%2Fshare.png%22%2C%22og%3Asite_name%22%3A%22Cr%C3%A9dito%20Consolidado%20-%20Comece%20hoje%20a%20poupar%22%2C%22og%3Adescription%22%3A%22Reduza%20as%20suas%20mensalidades%2C%20poupe%20at%C3%A9%2060%25%20e%20tenha%20mais%20dinheiro%20no%20fim%20do%20m%C3%AAs!%20Apenas%20um%20cr%C3%A9dito%2C%20uma%20taxa%20de%20juro%20e%20uma%20data%20de%20pagamento.%20Simular%20sem%20compromisso!%22%7D&cd[Meta]=%7B%22title%22%3A%22Cr%C3%A9dito%20Consolidado%22%2C%22meta%3Adescription%22%3A%22Reduza%20as%20suas%20mensalidades%2C%20poupe%20at%C3%A9%2060%25%20e%20tenha%20mais%20dinheiro%20no%20fim%20do%20m%C3%AAs!%20Apenas%20um%20cr%C3%A9dito%2C%20uma%20taxa%20de%20juro%20e%20uma%20data%20de%20pagamento.%20Simular%20sem%20compromisso!%22%2C%22meta%3Akeywords%22%3A%22Cr%C3%A9dito%20Consolidado%2C%20Fam%C3%ADlia%2C%20Solu%C3%A7%C3%B5es%20Financeiras%2C%20Solu%C3%A7%C3%B5es%20Familiares%2C%20Endividamento%2C%20Problemas%2C%20Financiamento%2C%20Poupan%C3%A7a%2C%20Redu%C3%A7%C3%A3o%20mensalidades%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.30&r=stable&ec=1&o=30&fbp=fb.1.1540897933549.776182374&it=1540897933327&coo=false&es=automatic
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 30 Oct 2018 11:12:14 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 30 Oct 2018 11:12:14 GMT
css
fonts.googleapis.com/
2 KB
561 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,900
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/dist/scripts.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
038768dd33a21526f3db4475e45bc42b50cbb7c157cf5074f221092b65a61a7e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Tue, 30 Oct 2018 11:12:16 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 30 Oct 2018 11:12:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Tue, 30 Oct 2018 11:12:16 GMT
_ate.track.config_resp
m.addthisedge.com/live/boost/ra-59356b6bdf382d70/
3 KB
1011 B
Script
General
Full URL
https://m.addthisedge.com/live/boost/ra-59356b6bdf382d70/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.15 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-15.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.8.v20180619) /
Resource Hash
db04b08a96796880542fe2887fc0933c52c88171268419eae038d23ce338364d

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 30 Oct 2018 11:12:16 GMT
content-encoding
gzip
surrogate-key
ra-59356b6bdf382d70
server
Jetty(9.4.8.v20180619)
cache-tag
ra-59356b6bdf382d70
etag
-701058824--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
status
200
cache-control
public, max-age=60, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
765
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,700,900
Origin
https://tenhamenosdividas.com

Response headers

date
Tue, 02 Oct 2018 06:22:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:24:00 GMT
server
sffe
age
2436574
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14076
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 06:22:42 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v14/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,700,900
Origin
https://tenhamenosdividas.com

Response headers

date
Mon, 15 Oct 2018 16:54:40 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:20 GMT
server
sffe
age
1275456
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13944
x-xss-protection
1; mode=block
expires
Tue, 15 Oct 2019 16:54:40 GMT
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b907cd5b9c690c51dffd25fed156e1f024bf46db2ed8778273cf7657b4f35a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:400,700,900
Origin
https://tenhamenosdividas.com

Response headers

date
Tue, 02 Oct 2018 06:22:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:58 GMT
server
sffe
age
2436561
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13604
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 06:22:55 GMT
layers.6fa4adae18d4291b004e.js
s7.addthis.com/static/
261 KB
74 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.6fa4adae18d4291b004e.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
84.53.135.137 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a84-53-135-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f7b7daf84961e9b14365bf670d7eeebb0c8c470e536b6b5da27f743b18f8e30a

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 30 Oct 2018 11:12:16 GMT
content-encoding
gzip
last-modified
Mon, 08 Oct 2018 13:44:57 GMT
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
client.pt.min.json
s7.addthis.com/l10n/
4 KB
2 KB
XHR
General
Full URL
https://s7.addthis.com/l10n/client.pt.min.json
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
84.53.135.137 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a84-53-135-137.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
83ce6006cff1191ad3dee4fd015b0169ecc17b0ca8bd8ca698b6bea1d8699533

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
Origin
https://tenhamenosdividas.com

Response headers

timing-allow-origin
*
date
Tue, 30 Oct 2018 11:12:17 GMT
content-encoding
gzip
last-modified
Wed, 09 May 2018 15:09:02 GMT
server
nginx
status
200
etag
"5af30f0e-e21"
vary
Accept-Encoding
content-language
pt
access-control-allow-origin
*
cache-control
public, s-maxage=604800
x-host
s7.addthis.com
accept-ranges
bytes
content-type
application/json
content-length
1736
/
graph.facebook.com/
169 B
316 B
Script
General
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Ftenhamenosdividas.com%2F%3Fv%3D1%26adsid%3D_42148145236548979&callback=_ate.cbs.rcb_6ahl0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01a:1:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
c914a161e33edce18be5dd4777927892fc9357f8cd4652339813eb823d23390c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
gzip
etag
"1ea36eb3b82095ed432c90cceaf37a3b67b33da2"
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
status
200
x-fb-rev
4477684
content-length
153
pragma
no-cache
x-fb-debug
OV1Jg1nyMuVbsdR7bzt83dgcV7BdSnQMUGn4OdnL5YBBFLfLcAw3FJtkteuphf7sMesKKkbh7fDnDAGeZay3Sw==
x-fb-trace-id
BdLUStVCeP1
date
Tue, 30 Oct 2018 11:12:17 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v2.8
expires
Sat, 01 Jan 2000 00:00:00 GMT
share
www.linkedin.com/countserv/count/
130 B
1 KB
Script
General
Full URL
https://www.linkedin.com/countserv/count/share?url=https%3A%2F%2Ftenhamenosdividas.com%2F%3Fv%3D1%26adsid%3D_42148145236548979&callback=atajsshctcbNAGOC
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9101 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
dc691441189adbf532508a9e659a651eb06dbba76c06072722534db466b10320
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 30 Oct 2018 11:12:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-li-uuid
0BbNjIJeYhUAWi70XSsAAA==
server
Apache-Coyote/1.1
pragma
no-cache
x-li-pop
prod-efr5
x-frame-options
sameorigin
strict-transport-security
max-age=2592000
content-type
text/javascript;charset=UTF-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
x-li-fabric
prod-lva1
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
graph.facebook.com/
168 B
567 B
Script
General
Full URL
https://graph.facebook.com/?id=http%3A%2F%2Ftenhamenosdividas.com%2F%3Fv%3D1%26adsid%3D_42148145236548979&callback=_ate.cbs.rcb_749k0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01a:1:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
be807ea8c0a3b5b83278b5260b1f1e02fc17342d06f724d3ba536b4861c281c8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
gzip
etag
"05b84a7c9335d74b26d18004619329ddf2448d1d"
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
status
200
x-fb-rev
4477684
content-length
153
pragma
no-cache
x-fb-debug
q496RsFGMgSITho0aZvIm8WRtWwZR2MZm3Ps5Aob4ZVK/F+S0wnjvJpYiEKO1DAtVPJ392gj4+ant3aWtUmM1g==
x-fb-trace-id
F0zOl6HXF0p
date
Tue, 30 Oct 2018 11:12:17 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v2.8
expires
Sat, 01 Jan 2000 00:00:00 GMT
share
www.linkedin.com/countserv/count/
129 B
197 B
Script
General
Full URL
https://www.linkedin.com/countserv/count/share?url=http%3A%2F%2Ftenhamenosdividas.com%2F%3Fv%3D1%26adsid%3D_42148145236548979&callback=atajsshctcbPKvIC
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9101 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
f70e633f7e102bd3308dd3bcbd39b34cb401f59fbe00734e6097aa7da0ee5579
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tenhamenosdividas.com/?v=1&adsid=_42148145236548979
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 30 Oct 2018 11:12:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-li-uuid
jbUJjYJeYhWg2c5jXisAAA==
server
Apache-Coyote/1.1
pragma
no-cache
x-li-pop
prod-efr5
x-frame-options
sameorigin
strict-transport-security
max-age=2592000
content-type
text/javascript;charset=UTF-8
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
x-li-fabric
prod-lva1
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/
443 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq function| gtag object| dataLayer object| google_tag_manager function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto function| $ function| jQuery function| Queue function| _typeof boolean| windowIsDefined function| error function| clearError function| abrir1 function| openLoader function| closeLoader function| IsJsonString function| setLeadAsInvalid function| calculate_age function| checkNIF function| validateAsNonProprietario function| validateAsProprietario function| makeAjaxRequest function| Slider function| Datepicker object| WebFont object| cookieconsent object| addthis_config object| addthis_share object| _atw string| addthis_services_loc string| addthis_services_loc_mob object| addthis_translations string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks number| len function| atajsshctcbNAGOC function| atajsshctcbPKvIC

2 Cookies

Domain/Path Name / Value
tenhamenosdividas.com/ Name: __atuvs
Value: 5bd83c90615eb08a000
tenhamenosdividas.com/ Name: __atuvc
Value: 1%7C44

1 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 25)
Message:
[Facebook Pixel] - Duplicate Pixel ID: 685320161847453.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsplatform.com
cdn.oxy.agency
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
m.addthisedge.com
s7.addthis.com
t.vamos-la-poupar.com
tenhamenosdividas.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
2.18.232.15
2001:41d0:a:5baa::
205.185.208.52
216.58.206.2
2400:cb00:2048:1::6813:c797
2a00:1450:4001:816::2003
2a00:1450:4001:816::2004
2a00:1450:4001:816::2008
2a00:1450:4001:816::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:821::2003
2a03:2880:f01a:1:face:b00c:0:1
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
34.206.67.189
5.79.65.168
5.79.66.228
54.84.37.233
84.53.135.137
038768dd33a21526f3db4475e45bc42b50cbb7c157cf5074f221092b65a61a7e
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0b23ad77c920deb7110cb6a2d7f02257d5e72c78edd5542db2dcbfd0d11bc484
0b38e3b991a74fd61fcafe204972221e434242e91c8e8ef9d47bfd231b24a59d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
297b86b5ecb8d10a7c025f5fa3d9ee39bb154e479a8a9a3efa572ecd05f70f1c
297e1e8151e89d4da90ce3131cd63a3ba24c9ddac744119e3b241b3165071403
3f429b15f5056fdbcd66b6b3dd44f29ead841234f605848c4e15f28292f57286
431e6cf5b21ecbb83b873048465acaddb2a62ba4ba6e66fb30a19929198d16ba
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
4690f6fcdc9ab2294d7257903b7c0cbf0c8d82f2d26db73dbdd6fce6d9fb4c58
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
6eaba47083782124720ede584f60a45dbea6503bc9c341d7bdd7cd670607b9d1
7d7e4c07cfb92a319ffc12ea0fcb1cd8290c3f30ac392b4ea134e7eea1d7c303
83ce6006cff1191ad3dee4fd015b0169ecc17b0ca8bd8ca698b6bea1d8699533
86a6f711282e73c49d629f39f1fcf7d851400263e86701e6f715ff2a3bd7a267
8896bd9aad2399ee52a9878c7ada2e49df2f66ba91afd102244018c25ffd88e2
8e07795e1b86c75fdfc480b754a3407e37f6309ac0b8fb9c592c6038659f3e9e
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b907cd5b9c690c51dffd25fed156e1f024bf46db2ed8778273cf7657b4f35a05
b91d1ec9472241045675ca360b2b622a5e7b1920f57156c23748b97305f79b01
be807ea8c0a3b5b83278b5260b1f1e02fc17342d06f724d3ba536b4861c281c8
bf3607133c212cc8c43999946415f71fa60dede06b37a199b7b24ee0385b886b
c914a161e33edce18be5dd4777927892fc9357f8cd4652339813eb823d23390c
d39c54f2463d628397998bf547ff60183ae98bdd480efff23e9df38263eefee0
db04b08a96796880542fe2887fc0933c52c88171268419eae038d23ce338364d
dc691441189adbf532508a9e659a651eb06dbba76c06072722534db466b10320
e5b92cb6dd166fbed16f34551bb34cb9a8b86d1966ba03c1c44c6810291fa338
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f55a415330e877e76984f5b7a8b5336bf811994262c44d5a57716292538316d2
f70e633f7e102bd3308dd3bcbd39b34cb401f59fbe00734e6097aa7da0ee5579
f7b7daf84961e9b14365bf670d7eeebb0c8c470e536b6b5da27f743b18f8e30a