financeirabetatrend.club Open in urlscan Pro
178.62.89.113 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://financeirabetatrend.club/arquivo2
Effective URL:
http://financeirabetatrend.club/arquivo2/anexo.html
Submission: On November 21 via manual (November 21st 2017, 1:38:53 pm UTC) from ES

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 23 domains to perform 50 HTTP transactions. The main IP is 178.62.89.113, located in London, United Kingdom and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is financeirabetatrend.club.

This is the only time financeirabetatrend.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	178.62.89.113 178.62.89.113	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
11	52.22.72.157 52.22.72.157	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE - Google LLC)
2	23.67.141.100 23.67.141.100	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.222.157.75 52.222.157.75	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	104.244.43.48 104.244.43.48	13414 (TWITTER) (TWITTER - Twitter Inc.)
2 3	185.33.223.202 185.33.223.202	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1 1	68.67.153.60 68.67.153.60	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	52.222.157.34 52.222.157.34	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:4001:818::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	52.222.157.204 52.222.157.204	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 4	35.190.27.37 35.190.27.37	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	199.15.215.129 199.15.215.129	53580 (MARKETO) (MARKETO - MARKETO)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY - Fastly)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic)
6	52.3.211.188 52.3.211.188	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
50	22

3 178.62.89.113 (London, United Kingdom) 1 redirects

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

financeirabetatrend.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.22.72.157 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-22-72-157.compute-1.amazonaws.com

secure.sharefile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:818::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f66.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.67.141.100 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-67-141-100.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.157.75 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-75.fra53.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.43.48 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.223.202 (European Union) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.153.60 (New York, United States) 1 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: s.ml-attr.com.pxlsrv.net

s.ml-attr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.157.34 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-34.fra53.r.cloudfront.net

attr.ml-api.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.157.204 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-204.fra53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.27.37 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 37.27.190.35.bc.googleusercontent.com

d.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.15.215.129 (San Mateo, United States)

ASN53580 (MARKETO - MARKETO, US)

027-lmp-993.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.19 (United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.3.211.188 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-3-211-188.compute-1.amazonaws.com

secure.sharefile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	sharefile.com secure.sharefile.com Failed	324 KB
5	company-target.com 2 redirects api.company-target.com d.company-target.com	1 KB
5	google-analytics.com www.google-analytics.com	15 KB
3	adnxs.com 2 redirects secure.adnxs.com	2 KB
3	financeirabetatrend.club 1 redirects financeirabetatrend.club	2 KB
2	facebook.com www.facebook.com	106 B
2	google.de www.google.de	132 B
2	google.com 2 redirects www.google.com	718 B
2	doubleclick.net 3845646.fls.doubleclick.net Failed stats.g.doubleclick.net googleads.g.doubleclick.net	618 B
2	facebook.net connect.facebook.net	21 KB
2	marketo.net munchkin.marketo.net	4 KB
1	nr-data.net bam.nr-data.net	57 B
1	twitter.com analytics.twitter.com	66 B
1	newrelic.com js-agent.newrelic.com	9 KB
1	mktoresp.com 027-lmp-993.mktoresp.com	43 B
1	t.co t.co	74 B
1	ml-api.io attr.ml-api.io	4 B
1	ml-attr.com 1 redirects s.ml-attr.com	294 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	demandbase.com scripts.demandbase.com	13 KB
1	googleadservices.com www.googleadservices.com	6 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
0	extole.com Failed tags.extole.com Failed
50	23

	Domain	Requested by
17	secure.sharefile.com	secure.sharefile.com
5	www.google-analytics.com	financeirabetatrend.club www.google-analytics.com secure.sharefile.com
4	d.company-target.com	2 redirects secure.sharefile.com
3	secure.adnxs.com	2 redirects secure.sharefile.com
3	financeirabetatrend.club	1 redirects
2	www.facebook.com	secure.sharefile.com
2	www.google.de	secure.sharefile.com
2	www.google.com	2 redirects
2	connect.facebook.net	financeirabetatrend.club connect.facebook.net
2	munchkin.marketo.net	financeirabetatrend.club munchkin.marketo.net
1	bam.nr-data.net	js-agent.newrelic.com
1	analytics.twitter.com	static.ads-twitter.com
1	js-agent.newrelic.com	secure.sharefile.com
1	027-lmp-993.mktoresp.com	munchkin.marketo.net
1	googleads.g.doubleclick.net	1 redirects
1	api.company-target.com	scripts.demandbase.com
1	t.co	secure.sharefile.com
1	stats.g.doubleclick.net	1 redirects
1	attr.ml-api.io	secure.sharefile.com
1	s.ml-attr.com	1 redirects
1	static.ads-twitter.com	financeirabetatrend.club
1	scripts.demandbase.com	financeirabetatrend.club
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	secure.sharefile.com
0	tags.extole.com Failed	secure.sharefile.com
0	3845646.fls.doubleclick.net Failed	secure.sharefile.com
50	26

This site contains no links.

Subject Issuer	Validity	Valid
*.sharefile.com DigiCert SHA2 Secure Server CA	`2017-01-09` - `2020-04-08`	3 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2017-11-01` - `2018-01-24`	3 months	crt.sh
www.googleadservices.com Google Internet Authority G3	`2017-11-01` - `2018-01-24`	3 months	crt.sh
*.marketo.net Symantec Class 3 Secure Server CA - G4	`2017-09-11` - `2018-12-11`	a year	crt.sh
*.demandbase.com Go Daddy Secure Certificate Authority - G2	`2016-09-20` - `2018-11-19`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2016-12-09` - `2018-01-25`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2016-06-08` - `2019-06-13`	3 years	crt.sh
*.adnxs.com Symantec Class 3 ECC 256 bit SSL CA - G2	`2017-01-25` - `2019-01-25`	2 years	crt.sh
*.ml-api.io COMODO RSA Organization Validation Secure Server CA	`2017-02-27` - `2019-03-27`	2 years	crt.sh
www.google.de Google Internet Authority G3	`2017-11-01` - `2018-01-24`	3 months	crt.sh
t.co DigiCert SHA2 Extended Validation Server CA	`2017-07-25` - `2018-11-05`	a year	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2017-08-18` - `2019-08-18`	2 years	crt.sh
*.d.company-target.com Go Daddy Secure Certificate Authority - G2	`2017-10-11` - `2018-10-11`	a year	crt.sh
*.mktoresp.com Go Daddy Secure Certificate Authority - G2	`2015-12-02` - `2018-12-02`	3 years	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2017-10-19` - `2018-05-04`	6 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2015-07-30` - `2018-08-03`	3 years	crt.sh
*.nr-data.net GeoTrust SSL CA - G3	`2017-07-18` - `2018-03-17`	8 months	crt.sh

This page contains 3 frames:

Frame: https://secure.sharefile.com/Authentication/Login
Frame ID: 6069.1
Requests: 3 HTTP requests in this frame

Frame: https://secure.sharefile.com/Authentication/Login
Frame ID: 6091.1
Requests: 46 HTTP requests in this frame

Frame: https://3845646.fls.doubleclick.net/activityi;dc_pre=CKLejJTlz9cCFaKi7QodaT0Itw;src=3845646;type=LogIn-;cat=Login-;ord=1;num=580830774001;gtm=Gbe;~oref=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin
Frame ID: 6091.2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://financeirabetatrend.club/arquivo2 HTTP 301
http://financeirabetatrend.club/arquivo2/ Page URL
http://financeirabetatrend.club/arquivo2/anexo.html Page URL

Detected technologies

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

script /munchkin\.marketo\.net\/munchkin\.js/i

Page Statistics

50
Requests

88 %
HTTPS

32 %
IPv6

23
Domains

26
Subdomains

22
IPs

5
Countries

432 kB
Transfer

1218 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://financeirabetatrend.club/arquivo2 HTTP 301
http://financeirabetatrend.club/arquivo2/ Page URL
http://financeirabetatrend.club/arquivo2/anexo.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://financeirabetatrend.club/arquivo2 HTTP 301
http://financeirabetatrend.club/arquivo2/

Request Chain 1

http://financeirabetatrend.club/arquivo2/localizador/index.php HTTP 302
https://storage-br-1.sharefile.com/download.ashx?dt=dtfb6e9167865e44bb9a8c359e4feb8d07&h=sYP3qXD9136%2fFkv4EEVQ0lwDmZU3ulF%2bo0OQv8WzhDA%3d HTTP 302
https://secure.sharefile.com/Authentication/Login

Request Chain 15

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dsharefile.com%26pId%3d%24UID&gtmcb=47962468 HTTP 302
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dsharefile.com%26pId%3d%24UID&gtmcb=47962468 HTTP 302
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dsharefile.com%2526pId%253d%2524UID%26gtmcb%3D47962468 HTTP 302
https://attr.ml-api.io/?domain=sharefile.com&pId=2629731069992747295&gtmcb=47962468

Request Chain 16

https://3845646.fls.doubleclick.net/activityi;src=3845646;type=LogIn-;cat=Login-;ord=1;num=580830774001;gtm=Gbe;~oref=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin HTTP 302
https://3845646.fls.doubleclick.net/activityi;dc_pre=CKLejJTlz9cCFaKi7QodaT0Itw;src=3845646;type=LogIn-;cat=Login-;ord=1;num=580830774001;gtm=Gbe;~oref=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin

Request Chain 19

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j66&tid=UA-142592-2&cid=890680746.1511271527&jid=803443090&gjid=1679445253&_gid=600822097.1511271527&_u=aGBAgEAj~&z=1272861390 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142592-2&cid=890680746.1511271527&jid=803443090&_v=j66&z=1272861390 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142592-2&cid=890680746.1511271527&jid=803443090&_v=j66&z=1272861390&slf_rd=1&random=3880827955

Request Chain 24

https://d.company-target.com/pixel?type=js&id=1387408172&page=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin HTTP 302
https://d.company-target.com/ul_cb/pixel?type=js&id=1387408172&page=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin

Request Chain 25

https://d.company-target.com/pixel?type=js&id=1387408066&page=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin HTTP 302
https://d.company-target.com/ul_cb/pixel?type=js&id=1387408066&page=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin

Request Chain 26

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068539930/?random=1511271526765&cv=8&fst=1511271526765&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=Gbe&frm=0&url=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin&ref=http%3A%2F%2Ffinanceirabetatrend.club%2Farquivo2%2Fanexo.html&tiba=ShareFile%20Login&async=1&rfmt=3&fmt=4 HTTP 302
https://www.google.com/ads/user-lists/1068539930/?random=1511271526765&cv=8&fst=1511269200000&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin&ref=http%3A%2F%2Ffinanceirabetatrend.club%2Farquivo2%2Fanexo.html&tiba=ShareFile%20Login&async=1&fmt=4&cdct=2&is_vtc=1&random=29245055 HTTP 302
https://www.google.de/ads/user-lists/1068539930/?random=1511271526765&cv=8&fst=1511269200000&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin&ref=http%3A%2F%2Ffinanceirabetatrend.club%2Farquivo2%2Fanexo.html&tiba=ShareFile%20Login&async=1&fmt=4&cdct=2&is_vtc=1&random=29245055&ipr=y&ulfeg=n

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
financeirabetatrend.club/arquivo2/
Redirect Chain

http://financeirabetatrend.club/arquivo2
http://financeirabetatrend.club/arquivo2/

1 KB
1 KB

36ms
18ms

Document
text/html

178.62.89.113
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: http://financeirabetatrend.club/arquivo2/
Protocol: HTTP/1.1
Server: 178.62.89.113 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: baa1990608ff9032207cea1c93f9735492ab5becdf8459a83a0411702e903f50

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: financeirabetatrend.club
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 21 Nov 2017 13:38:43 GMT
Last-Modified: Wed, 16 Dec 2015 23:30:08 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "57a-566-5270c49650000"
Content-Type: text/html; charset=UTF-8
Connection: close
Accept-Ranges: bytes
Content-Length: 1382

Redirect headers

Location: http://financeirabetatrend.club/arquivo2/
Date: Tue, 21 Nov 2017 13:38:43 GMT
Server: Apache/2.2.15 (CentOS)
Connection: close
Content-Length: 339
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK Primary Request anexo.html Show response
financeirabetatrend.club/arquivo2/ 132 B
132 B 37ms
18ms Document
text/html 178.62.89.113
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: http://financeirabetatrend.club/arquivo2/anexo.html
Protocol: HTTP/1.1
Server: 178.62.89.113 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7da532094b3c0e8d2a63485604ab31dba056e382d4169c419e3833ff8b8fbf4b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: financeirabetatrend.club
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://financeirabetatrend.club/arquivo2/
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: http://financeirabetatrend.club/arquivo2/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 21 Nov 2017 13:38:44 GMT
Last-Modified: Sat, 12 Dec 2015 06:07:18 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "578-84-526ad40911180"
Content-Type: text/html; charset=UTF-8
Connection: close
Accept-Ranges: bytes
Content-Length: 132

GET

http://financeirabetatrend.club/arquivo2/localizador/index.php
https://storage-br-1.sharefile.com/download.ashx?dt=dtfb6e9167865e44bb9a8c359e4feb8d07&h=sYP3qXD9136%2fFkv4EEVQ0lwDmZU3ulF%2bo0OQv8WzhDA%3d
https://secure.sharefile.com/Authentication/Login

0
0

GET
H/1.1 200
OK Cookie set Login Show response
secure.sharefile.com/Authentication/ Frame 6091 9 KB
4 KB 436ms
129ms Document
text/html 52.22.72.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.sharefile.com/Authentication/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

b266d23b924851106b47ef080f253f287dc1e06c86d05b248ac9ce27cea294ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.sharefile.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://financeirabetatrend.club/arquivo2/anexo.html
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: http://financeirabetatrend.club/arquivo2/anexo.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Nov 2017 13:38:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-SF-Server: web_ssl/i-03549f30f475d8574_172.16.106.68_us-east-1c
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Set-Cookie: ASP.NET_SessionId=y4zoydtbf4eyqm3eenhgldgw; path=/; secure; HttpOnly __RequestVerificationToken=r0BDaerY6bgKgEUHaBn_7rQ_qpXFypqOoyPMP6gtqu7bCyJFkEnK1nSO17hw9-aYIYGdaQ4R5ByRftbvCNGXn3HGTMPdbKX4PlC8t_KN_3Q1; path=/; secure; HttpOnly SFWEB_SRVNAME=i-03549f30f475d8574; path=/
Cache-Control: private,no-cache, no-store, must-revalidate
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
Content-Length: 4260
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK onecitrix.css
secure.sharefile.com/cache/sha/_Auth/Styles/onecitrix/ Frame 6091 39 KB
7 KB 99ms
99ms Stylesheet
text/css 52.22.72.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.sharefile.com/cache/sha/_Auth/Styles/onecitrix/onecitrix.css?v=I-M3lKBNeESt-ovhZXI0Iic-Gv-rX2kRgjinKJJTfZY1

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/Authentication/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

735ed34da0b30643ea5a2a367240cf1afcdd34ece08d5d3fc7bb4f3c2378f18f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.sharefile.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://secure.sharefile.com/Authentication/Login
Cookie: ASP.NET_SessionId=y4zoydtbf4eyqm3eenhgldgw; __RequestVerificationToken=r0BDaerY6bgKgEUHaBn_7rQ_qpXFypqOoyPMP6gtqu7bCyJFkEnK1nSO17hw9-aYIYGdaQ4R5ByRftbvCNGXn3HGTMPdbKX4PlC8t_KN_3Q1; SFWEB_SRVNAME=i-03549f30f475d8574
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 21 Nov 2017 13:38:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Nov 2017 21:43:58 GMT
Server: Microsoft-IIS/8.5
ETag: "063f21245fd31:0"
Vary: Accept-Encoding
X-SF-Server: web_ssl/i-03549f30f475d8574_172.16.106.68_us-east-1c
Content-Type: text/css
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
Accept-Ranges: bytes
Content-Length: 7054
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK webpop Show response
secure.sharefile.com/cache/sha/javascript/bundles/ Frame 6091 36 KB
13 KB 201ms
102ms Script
text/javascript 52.22.72.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.sharefile.com/cache/sha/javascript/bundles/webpop?v=SXVj9sfn-_JSXuz784QGcLIHOOOoJkEBPubvx-ceYKU1

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/Authentication/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

97ee8756b647520016115244984b9d1e6474c62ecb7a9f9e0c68f145b5f82a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.sharefile.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: https://secure.sharefile.com/Authentication/Login
Cookie: ASP.NET_SessionId=y4zoydtbf4eyqm3eenhgldgw; __RequestVerificationToken=r0BDaerY6bgKgEUHaBn_7rQ_qpXFypqOoyPMP6gtqu7bCyJFkEnK1nSO17hw9-aYIYGdaQ4R5ByRftbvCNGXn3HGTMPdbKX4PlC8t_KN_3Q1; SFWEB_SRVNAME=i-03549f30f475d8574
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Nov 2017 13:38:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 21 Nov 2017 13:38:37 GMT
X-SF-Server: web_ssl/i-03549f30f475d8574_172.16.106.68_us-east-1c
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
Content-Length: 13562
X-XSS-Protection: 1; mode=block
Expires: Wed, 21 Nov 2018 13:38:37 GMT

GET
H/1.1 200
OK webpoprequireconfig Show response
secure.sharefile.com/cache/sha/bundles/ Frame 6091 1 KB
477 B 301ms
100ms Script
text/javascript 52.22.72.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.sharefile.com/cache/sha/bundles/webpoprequireconfig?v=x8IseZJFw3PuwiuSVHlCSh1LZtaAiovtxtqKISBQcXE1

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/Authentication/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

633435cd68b2ae45f42b6c2d3069c31d1b55269c6f9e0d358a0dd43238421eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.sharefile.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: https://secure.sharefile.com/Authentication/Login
Cookie: ASP.NET_SessionId=y4zoydtbf4eyqm3eenhgldgw; __RequestVerificationToken=r0BDaerY6bgKgEUHaBn_7rQ_qpXFypqOoyPMP6gtqu7bCyJFkEnK1nSO17hw9-aYIYGdaQ4R5ByRftbvCNGXn3HGTMPdbKX4PlC8t_KN_3Q1; SFWEB_SRVNAME=i-03549f30f475d8574
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Nov 2017 13:38:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 21 Nov 2017 13:38:37 GMT
X-SF-Server: web_ssl/i-03549f30f475d8574_172.16.106.68_us-east-1c
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
Content-Length: 477
X-XSS-Protection: 1; mode=block
Expires: Wed, 21 Nov 2018 13:38:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 6091 106 KB
35 KB 28ms
16ms Script
application/javascript 2a00:1450:4001:817::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-XCGM

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:817::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

6726309f12886c87c404ed3882424fb04d50bf45d3ea68190301260af2fbabc3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /gtm.js?id=GTM-XCGM
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.googletagmanager.com
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 21 Nov 2017 13:38:46 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 35876
x-xss-protection: 1; mode=block
expires: Tue, 21 Nov 2017 13:38:46 GMT

GET
H/1.1 200
OK es6-shim-min.js Show response
secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/Lib/shims/ Frame 6091 55 KB
16 KB 99ms
99ms Script
application/javascript 52.22.72.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/Lib/shims/es6-shim-min.js

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/cache/sha/javascript/bundles/webpop?v=SXVj9sfn-_JSXuz784QGcLIHOOOoJkEBPubvx-ceYKU1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

6fee0cfe78705de2b6e3473b536d963ccbad9ff68c2b03561bf5363ba6906b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.sharefile.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: https://secure.sharefile.com/Authentication/Login
Cookie: ASP.NET_SessionId=y4zoydtbf4eyqm3eenhgldgw; __RequestVerificationToken=r0BDaerY6bgKgEUHaBn_7rQ_qpXFypqOoyPMP6gtqu7bCyJFkEnK1nSO17hw9-aYIYGdaQ4R5ByRftbvCNGXn3HGTMPdbKX4PlC8t_KN_3Q1; SFWEB_SRVNAME=i-03549f30f475d8574
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 21 Nov 2017 13:38:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Nov 2017 21:39:54 GMT
Server: Microsoft-IIS/8.5
ETag: "0f18270235fd31:0"
Vary: Accept-Encoding
X-SF-Server: web_ssl/i-03549f30f475d8574_172.16.106.68_us-east-1c
Content-Type: application/javascript
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
Accept-Ranges: bytes
Content-Length: 16699
X-XSS-Protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 6091 35 KB
14 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:818::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: financeirabetatrend.club
URL: http://financeirabetatrend.club/arquivo2/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /analytics.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.google-analytics.com
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Nov 2017 20:19:12 GMT
server: Golfe2
age: 6614
date: Tue, 21 Nov 2017 11:48:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 14597
expires: Tue, 21 Nov 2017 13:48:32 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 6091 16 KB
6 KB 39ms
39ms Script
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XCGM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

3bd894051d3b2cf7ccda11ec0af9fec052d48d27841d2a3eb8843323007a806f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pagead/conversion_async.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.googleadservices.com
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 21 Nov 2017 13:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 17607175602077283663
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: private, max-age=3600
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 6078
x-xss-protection: 1; mode=block
expires: Tue, 21 Nov 2017 13:38:46 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ Frame 6091 1 KB
708 B 33ms
6ms Script
application/x-javascript 23.67.141.100
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: financeirabetatrend.club
URL: http://financeirabetatrend.club/arquivo2/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.67.141.100 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-67-141-100.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3ff29d0e937c5180321601fad67d8fa4a911e59147321a1c79f29fffff6ef32c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: https://secure.sharefile.com/Authentication/Login
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 21 Nov 2017 13:38:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 May 2017 17:22:06 GMT
Server: Apache
ETag: "b546970ab6767ca502690d7810adb72f:1495041726"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 708

GET
H2 200 5wDCfOAs.min.js Show response
scripts.demandbase.com/ Frame 6091 50 KB
13 KB 31ms
13ms Script
application/javascript 52.222.157.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.demandbase.com/5wDCfOAs.min.js
Requested by: Host: financeirabetatrend.club
URL: http://financeirabetatrend.club/arquivo2/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.157.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-157-75.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2b57811120bd1da9f5d8e4c6890c77597cd8a295a5691ad59b374a6365f21aa

Request headers

:path: /5wDCfOAs.min.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: scripts.demandbase.com
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Thu, 16 Nov 2017 05:31:01 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2017 03:13:22 GMT
server: AmazonS3
age: 946
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Qvu8ClQYndnfNR.t.56zfoE1msTwNjfs
status: 200
cache-control: public, max-age=3600
content-type: application/javascript
x-amz-cf-id: DN9ZLDdLMvgaBD9VErxt_stai27UXhVa_Y3xl4UEbVhzOif4eskohA==
via: 1.1 e9cb084a7980d1028202eee7e07a5589.cloudfront.net (CloudFront)

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 6091 32 KB
11 KB 18ms
5ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: financeirabetatrend.club
URL: http://financeirabetatrend.club/arquivo2/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

e1f244c41a11d32ede57cc0db3c2c2cf6b1cb0fc55a0bdf23130ef607ad80969

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:path: /en_US/fbevents.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: connect.facebook.net
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma: public
x-fb-debug: k5W215pD4Wc+UVxOlK0rc+i0DfOHPQ22tNtEXNr/ItTRwo15EJUdc/Gl53dgSdZLQ6D6HQ8VvPGNnixr79T1Ig==
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 Nov 2017 13:38:46 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Accept-Encoding
content-length: 10869
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 6091 5 KB
2 KB 23ms
6ms Script
application/javascript 104.244.43.48
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: financeirabetatrend.club
URL: http://financeirabetatrend.club/arquivo2/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.43.48 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software: /
Resource Hash: ec66e9623104977ac60bfd82d3c77e4fc3758b60478114da618bbd6d660d1437

Request headers

:path: /uwt.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: static.ads-twitter.com
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 21 Nov 2017 13:38:46 GMT
content-encoding: gzip
age: 49266
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1984
x-served-by: cache-tw-fra1-cr1-12-TWFRA1
last-modified: Wed, 25 Oct 2017 17:46:26 GMT
x-timer: S1511271527.740565,VS0,VE0
etag: "87a891b1783ec3405c81cfd6141d12b3+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H/1.1 200
OK px
secure.adnxs.com/ Frame 6091 0
0 37ms
12ms Image
text/html 185.33.223.202
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=850058&seg=8621473&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fpixel_id%3D850058%26uid%3D%24UID&t=2&gtmcb=1013041134

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/Authentication/Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

185.33.223.202 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://secure.sharefile.com/Authentication/Login
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Nov 2017 13:38:48 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.85:80
AN-X-Request-Uuid: 8f67f052-57a6-43ee-9053-94da82f390c4
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

/
attr.ml-api.io/ Frame 6091
Redirect Chain

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dsharefile.com%26pId%3d%24UID&gtmcb=47962468
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dsharefile.com%26pId%3d%24UID&gtmcb=47962468
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dsharefile.com%2526pId%253d%2524UID%26gtmcb%3D47962468
https://attr.ml-api.io/?domain=sharefile.com&pId=2629731069992747295&gtmcb=47962468

4 B
4 B

456ms
138ms

Image
image/jpeg

52.222.157.34
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attr.ml-api.io/?domain=sharefile.com&pId=2629731069992747295&gtmcb=47962468
Requested by: Host: secure.sharefile.com
URL: https://secure.sharefile.com/Authentication/Login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.157.34 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-157-34.fra53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: attr.ml-api.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://secure.sharefile.com/Authentication/Login
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 21 Nov 2017 13:38:47 GMT
Via: 1.1 1f95d1a95c6f2df8073daccac07b7570.cloudfront.net (CloudFront)
x-amzn-RequestId: 4d232c58-cec1-11e7-8bb5-1748e3317079
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
X-Amzn-Trace-Id: sampled=0;root=1-5a142c67-289f524304c2cfad6d37743d
Connection: keep-alive
Content-Length: 4
X-Amz-Cf-Id: PkLhCBWUCHWZmhu1i_mep5CTpT3lcsTjzGufX6i4AAcY9XCrLYRlUA==

Redirect headers

Date: Tue, 21 Nov 2017 13:38:49 GMT
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.70:80
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 434a4bb5-21c2-4ca0-af8d-46a6b305c220
Server: nginx/1.13.4
Location: https://attr.ml-api.io/?domain=sharefile.com&pId=2629731069992747295&gtmcb=47962468
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Set-Cookie: sess=1; Path=/; Max-Age=86400; Expires=Wed, 22-Nov-2017 13:38:49 GMT; Domain=.adnxs.com; HttpOnly uuid2=2629731069992747295; Path=/; Max-Age=7776000; Expires=Mon, 19-Feb-2018 13:38:49 GMT; Domain=.adnxs.com; HttpOnly
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

activityi;dc_pre=CKLejJTlz9cCFaKi7QodaT0Itw;src=3845646;type=LogIn-;cat=Login-;ord=1;num=580830774001;gtm=Gbe;~oref=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin
3845646.fls.doubleclick.net/ Frame 6091
Redirect Chain

https://3845646.fls.doubleclick.net/activityi;src=3845646;type=LogIn-;cat=Login-;ord=1;num=580830774001;gtm=Gbe;~oref=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin?
https://3845646.fls.doubleclick.net/activityi;dc_pre=CKLejJTlz9cCFaKi7QodaT0Itw;src=3845646;type=LogIn-;cat=Login-;ord=1;num=580830774001;gtm=Gbe;~oref=https%3A%2F%2Fsecure.sharefile.com%2FAuthenti...

0
0

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ Frame 6091 2 KB
865 B 6ms
6ms Script
text/javascript 2a00:1450:4001:818::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /plugins/ua/linkid.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.google-analytics.com
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 21 Nov 2017 13:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 1814
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 856
x-xss-protection: 1; mode=block
expires: Tue, 21 Nov 2017 14:08:32 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 6091 35 B
44 B 6ms
5ms Image
image/gif 2a00:1450:4001:818::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j66&a=1791671723&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin&dr=http%3A%2F%2Ffinanceirabetatrend.club%2Farquivo2%2Fanexo.html&ul=en-us&de=UTF-8&dt=ShareFile%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAj~&jid=803443090&gjid=1679445253&cid=890680746.1511271527&tid=UA-142592-2&_gid=600822097.1511271527&z=2072111829

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /collect?v=1&_v=j66&a=1791671723&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin&dr=http%3A%2F%2Ffinanceirabetatrend.club%2Farquivo2%2Fanexo.html&ul=en-us&de=UTF-8&dt=ShareFile%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAj~&jid=803443090&gjid=1679445253&cid=890680746.1511271527&tid=UA-142592-2&_gid=600822097.1511271527&z=2072111829
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.google-analytics.com
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Nov 2017 18:09:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 502176
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/ Frame 6091
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j66&tid=UA-142592-2&cid=890680746.1511271527&jid=803443090&gjid=1679445253&_gid=600822097.1511271527&_u=aGBAgEAj~&z=1272861390
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142592-2&cid=890680746.1511271527&jid=803443090&_v=j66&z=1272861390
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142592-2&cid=890680746.1511271527&jid=803443090&_v=j66&z=1272861390&slf_rd=1&random=3880827955

42 B
60 B

16ms
15ms

Image
image/gif

2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142592-2&cid=890680746.1511271527&jid=803443090&_v=j66&z=1272861390&slf_rd=1&random=3880827955

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142592-2&cid=890680746.1511271527&jid=803443090&_v=j66&z=1272861390&slf_rd=1&random=3880827955
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.google.de
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2017 13:38:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2017 13:38:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-142592-2&cid=890680746.1511271527&jid=803443090&_v=j66&z=1272861390&slf_rd=1&random=3880827955
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1048210928594272 Show response
connect.facebook.net/signals/config/ Frame 6091 39 KB
11 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1048210928594272?v=2.8.1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

e64c9361762ec08c0ff6cb6dd67acc25e3828471b69c9985688392cea4403c1d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:path: /signals/config/1048210928594272?v=2.8.1
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: connect.facebook.net
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin Accept-Encoding
content-length: 10753
x-xss-protection: 0
pragma: public
x-fb-debug: oGkzDY/A+1qyXSKQXqWxY/qEroL9/UtiPm14Q3nmRbiYjwbLqHWDsjfau9VpLkWPtMtKmXTFZV4UrNPwHRbLFQ==
x-frame-options: DENY
date: Tue, 21 Nov 2017 13:38:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ Frame 6091 43 B
74 B 142ms
123ms Image
image/gif 104.244.42.133
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nvxr6&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /i/adsct?p_id=Twitter&p_user_id=0&txn_id=nvxr6&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: t.co
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 21 Nov 2017 13:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 1; mode=block
x-response-time: 112
pragma: no-cache
last-modified: Tue, 21 Nov 2017 13:38:46 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: ea3f14eba0149484e6ab50ece4c788db
x-transaction: 008362a400113e36
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/151/ Frame 6091 8 KB
3 KB 7ms
7ms Script
application/x-javascript 23.67.141.100
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/151/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.67.141.100 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-67-141-100.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 585107ada7f42329cd4d6ab1d1e87fdf26f4994e8f47d72a44ee8ab5bd291288

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: https://secure.sharefile.com/Authentication/Login
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 21 Nov 2017 13:38:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Aug 2015 02:19:08 GMT
Server: Apache
ETag: "bd3daad4a1e88a1196d76b6dd3c9deed:1440037148"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 3503
Expires: Thu, 01 Mar 2018 13:38:46 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ Frame 6091 1 KB
599 B 365ms
46ms XHR
application/json 52.222.157.204
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=http%3A%2F%2Ffinanceirabetatrend.club%2Farquivo2%2Fanexo.html&page=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin&page_title=ShareFile%20Login&key=766b5e63438f2e84c71186e3c6a7a739145fe9ba
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/5wDCfOAs.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.157.204 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-157-204.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 37394c12e56edbe1f1de324b6b73344d23b4c8044b546afa4c923077e64c5153

Request headers

:path: /api/v2/ip.json?referrer=http%3A%2F%2Ffinanceirabetatrend.club%2Farquivo2%2Fanexo.html&page=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin&page_title=ShareFile%20Login&key=766b5e63438f2e84c71186e3c6a7a739145fe9ba
pragma: no-cache
origin: https://secure.sharefile.com
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: api.company-target.com
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer: https://secure.sharefile.com/Authentication/Login
Origin: https://secure.sharefile.com

Response headers

date: Tue, 21 Nov 2017 13:38:47 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
access-control-allow-origin: https://secure.sharefile.com
x-cache: Miss from cloudfront
status: 200
request-id: 56a9f052-0b7c-4fe2-a0a0-6f64595bb8b9
pragma: no-cache
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 ac27d939fa02703c4b28926f53f95083.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xb6Inel44upj-y6gChRPkrx80rAJmcG6Dd0qz_5eL0DQBglemAWk1A==
expires: Mon, 20 Nov 2017 13:38:49 GMT

GET
H2

200

pixel
d.company-target.com/ul_cb/ Frame 6091
Redirect Chain

https://d.company-target.com/pixel?type=js&id=1387408172&page=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin
https://d.company-target.com/ul_cb/pixel?type=js&id=1387408172&page=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin

421 B
0

17ms
17ms

Image
text/javascript

35.190.27.37
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.company-target.com/ul_cb/pixel?type=js&id=1387408172&page=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin
Requested by: Host: secure.sharefile.com
URL: https://secure.sharefile.com/Authentication/Login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.27.37 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 37.27.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /ul_cb/pixel?type=js&id=1387408172&page=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin
pragma: no-cache
cookie: tuuid=fe184136-6ad6-4af6-83b5-c77b787fd8c1; tuuid_last_update=1511271527
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: d.company-target.com
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 21 Nov 2017 13:38:47 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 200
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=fe184136-6ad6-4af6-83b5-c77b787fd8c1; path=/; expires=Thu, 21-Nov-2019 13:38:47 GMT; domain=.company-target.com tuuid_last_update=1511271527; path=/; expires=Thu, 21-Nov-2019 13:38:47 GMT; domain=.company-target.com
content-type: text/javascript; charset=UTF-8
alt-svc: clear
content-length: 421

Redirect headers

date: Tue, 21 Nov 2017 13:38:47 GMT
via: 1.1 google
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://d.company-target.com/ul_cb/pixel?type=js&id=1387408172&page=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=fe184136-6ad6-4af6-83b5-c77b787fd8c1; path=/; expires=Thu, 21-Nov-2019 13:38:47 GMT; domain=.company-target.com tuuid_last_update=1511271527; path=/; expires=Thu, 21-Nov-2019 13:38:47 GMT; domain=.company-target.com
alt-svc: clear
content-length: 0

GET
H2

200

pixel
d.company-target.com/ul_cb/ Frame 6091
Redirect Chain

https://d.company-target.com/pixel?type=js&id=1387408066&page=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin
https://d.company-target.com/ul_cb/pixel?type=js&id=1387408066&page=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin

421 B
0

17ms
17ms

Image
text/javascript

35.190.27.37
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.company-target.com/ul_cb/pixel?type=js&id=1387408066&page=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin
Requested by: Host: secure.sharefile.com
URL: https://secure.sharefile.com/Authentication/Login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.27.37 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 37.27.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /ul_cb/pixel?type=js&id=1387408066&page=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin
pragma: no-cache
cookie: tuuid=fe184136-6ad6-4af6-83b5-c77b787fd8c1; tuuid_last_update=1511271527
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: d.company-target.com
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 21 Nov 2017 13:38:47 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 200
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=fe184136-6ad6-4af6-83b5-c77b787fd8c1; path=/; expires=Thu, 21-Nov-2019 13:38:47 GMT; domain=.company-target.com tuuid_last_update=1511271527; path=/; expires=Thu, 21-Nov-2019 13:38:47 GMT; domain=.company-target.com
content-type: text/javascript; charset=UTF-8
alt-svc: clear
content-length: 421

Redirect headers

date: Tue, 21 Nov 2017 13:38:47 GMT
via: 1.1 google
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://d.company-target.com/ul_cb/pixel?type=js&id=1387408066&page=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=ca128f07-af63-4ca2-a24f-cadb4d622a84; path=/; expires=Thu, 21-Nov-2019 13:38:47 GMT; domain=.company-target.com tuuid_last_update=1511271527; path=/; expires=Thu, 21-Nov-2019 13:38:47 GMT; domain=.company-target.com
alt-svc: clear
content-length: 0

GET
H2

200

/ Show response
www.google.de/ads/user-lists/1068539930/ Frame 6091
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068539930/?random=1511271526765&cv=8&fst=1511271526765&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_...
https://www.google.com/ads/user-lists/1068539930/?random=1511271526765&cv=8&fst=1511269200000&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u...
https://www.google.de/ads/user-lists/1068539930/?random=1511271526765&cv=8&fst=1511269200000&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_...

43 B
72 B

15ms
15ms

Script
text/javascript

2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/ads/user-lists/1068539930/?random=1511271526765&cv=8&fst=1511269200000&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin&ref=http%3A%2F%2Ffinanceirabetatrend.club%2Farquivo2%2Fanexo.html&tiba=ShareFile%20Login&async=1&fmt=4&cdct=2&is_vtc=1&random=29245055&ipr=y&ulfeg=n

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

adclick_server /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /ads/user-lists/1068539930/?random=1511271526765&cv=8&fst=1511269200000&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin&ref=http%3A%2F%2Ffinanceirabetatrend.club%2Farquivo2%2Fanexo.html&tiba=ShareFile%20Login&async=1&fmt=4&cdct=2&is_vtc=1&random=29245055&ipr=y&ulfeg=n
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.google.de
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2017 13:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: adclick_server
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-cache, no-store, must-revalidate
content-disposition: attachment; filename="f.txt"
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 63
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 21 Nov 2017 13:38:46 GMT
x-content-type-options: nosniff
server: adclick_server
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/user-lists/1068539930/?random=1511271526765&cv=8&fst=1511269200000&num=1&guid=ON&eid=659238990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin&ref=http%3A%2F%2Ffinanceirabetatrend.club%2Farquivo2%2Fanexo.html&tiba=ShareFile%20Login&async=1&fmt=4&cdct=2&is_vtc=1&random=29245055&ipr=y&ulfeg=n
cache-control: private, max-age=43200
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 734
x-xss-protection: 1; mode=block
expires: Tue, 21 Nov 2017 13:38:46 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 6091 44 B
53 B 18ms
5ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1048210928594272&ev=PageView&dl=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin&rl=http%3A%2F%2Ffinanceirabetatrend.club%2Farquivo2%2Fanexo.html&if=false&ts=1511271526770&v=2.8.1&ec=0&o=28&it=1511271526751
Requested by: Host: secure.sharefile.com
URL: https://secure.sharefile.com/Authentication/Login
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path: /tr/?id=1048210928594272&ev=PageView&dl=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin&rl=http%3A%2F%2Ffinanceirabetatrend.club%2Farquivo2%2Fanexo.html&if=false&ts=1511271526770&v=2.8.1&ec=0&o=28&it=1511271526751
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.facebook.com
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 21 Nov 2017 13:38:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: fr=0ED1yHT0BkcsNLKwr..BaFCxm...1.0.BaFCxm.; expires=Monday, 19-Feb-2018 13:38:46 GMT; path=/; domain=.facebook.com; HttpOnly; secure
content-length: 44
expires: Tue, 21 Nov 2017 13:38:46 GMT

GET
H/1.1 200
OK Cookie set visitWebPage Show response
027-lmp-993.mktoresp.com/webevents/ Frame 6091 43 B
43 B 897ms
150ms XHR
image/gif 199.15.215.129
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://027-lmp-993.mktoresp.com/webevents/visitWebPage?_mchNc=1511271526775&_mchCn=&_mchId=027-LMP-993&_mchTk=_mch-sharefile.com-1511271526774-50870&_mchHo=secure.sharefile.com&_mchPo=&_mchRu=%2FAuthentication%2FLogin&_mchPc=https%3A&_mchVr=151&_mchHa=&_mchRe=http%3A%2F%2Ffinanceirabetatrend.club%2Farquivo2%2Fanexo.html&_mchQp=

Requested by

Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/151/munchkin.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.15.215.129 San Mateo, United States, ASN53580 (MARKETO - MARKETO, US),

Reverse DNS

Software

Apache /

Resource Hash

cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Origin: https://secure.sharefile.com
Accept-Encoding: gzip, deflate
Host: 027-lmp-993.mktoresp.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: https://secure.sharefile.com/Authentication/Login
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer: https://secure.sharefile.com/Authentication/Login
Origin: https://secure.sharefile.com

Response headers

Pragma: no-cache
Date: Tue, 21 Nov 2017 13:38:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 21 Nov 2017 07:38:47 -0600
Server: Apache
Connection: Keep-Alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Set-Cookie: BIGipServersjpweb-mch_https=!NKIPFucO6mSHMUR/cfcmzfAqVFw0HNXS0gnCQRfBbAyqsJpF+EYXYW/Rqd8zVs1GK6R3PyvysZXu/fU=; path=/; Httponly; Secure
Content-Type: image/gif
Keep-Alive: timeout=5, max=100
Content-Length: 43
Expires: -1

GET
H/1.1 200
OK webpop.js Show response
secure.sharefile.com/cache/f4bc26bfc5/bundles/ Frame 6091 639 KB
181 KB 100ms
99ms Script
application/javascript 52.22.72.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.sharefile.com/cache/f4bc26bfc5/bundles/webpop.js

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/cache/sha/javascript/bundles/webpop?v=SXVj9sfn-_JSXuz784QGcLIHOOOoJkEBPubvx-ceYKU1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

1fce942f1f154ab1af5caa4a90cb7b80dbf632f9f140e83c1c48fb48ea66fae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.sharefile.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: https://secure.sharefile.com/Authentication/Login
Cookie: ASP.NET_SessionId=y4zoydtbf4eyqm3eenhgldgw; __RequestVerificationToken=r0BDaerY6bgKgEUHaBn_7rQ_qpXFypqOoyPMP6gtqu7bCyJFkEnK1nSO17hw9-aYIYGdaQ4R5ByRftbvCNGXn3HGTMPdbKX4PlC8t_KN_3Q1; SFWEB_SRVNAME=i-03549f30f475d8574; _ga=GA1.2.890680746.1511271527; _gid=GA1.2.600822097.1511271527; _gat=1; _mkto_trk=id:027-LMP-993&token:_mch-sharefile.com-1511271526774-50870
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 21 Nov 2017 13:38:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Nov 2017 21:39:54 GMT
Server: Microsoft-IIS/8.5
ETag: "0f18270235fd31:0"
Vary: Accept-Encoding
X-SF-Server: web_ssl/i-03549f30f475d8574_172.16.106.68_us-east-1c
Content-Type: application/javascript
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
Accept-Ranges: bytes
Content-Length: 185476
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK en.json Show response
secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/locales/ Frame 6091 15 KB
5 KB 101ms
101ms XHR
application/json 52.22.72.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/locales/en.json

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/cache/f4bc26bfc5/bundles/webpop.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

fc2d1eea355b84cd9dfbd04d7c74d627934d0a817b8c0078c7121222ddea24f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.sharefile.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.sharefile.com/Authentication/Login
X-Requested-With: XMLHttpRequest
Cookie: ASP.NET_SessionId=y4zoydtbf4eyqm3eenhgldgw; __RequestVerificationToken=r0BDaerY6bgKgEUHaBn_7rQ_qpXFypqOoyPMP6gtqu7bCyJFkEnK1nSO17hw9-aYIYGdaQ4R5ByRftbvCNGXn3HGTMPdbKX4PlC8t_KN_3Q1; SFWEB_SRVNAME=i-03549f30f475d8574; _ga=GA1.2.890680746.1511271527; _gid=GA1.2.600822097.1511271527; _gat=1; _mkto_trk=id:027-LMP-993&token:_mch-sharefile.com-1511271526774-50870; i18next=en
Connection: keep-alive
Cache-Control: no-cache
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.sharefile.com/Authentication/Login
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 21 Nov 2017 13:38:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Nov 2017 21:39:56 GMT
Server: Microsoft-IIS/8.5
ETag: "01eb471235fd31:0"
Vary: Accept-Encoding
X-SF-Server: web_ssl/i-03549f30f475d8574_172.16.106.68_us-east-1c
Content-Type: application/json
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
Accept-Ranges: bytes
Content-Length: 5141
X-XSS-Protection: 1; mode=block

GET
H2 200 collect
www.google-analytics.com/ Frame 6091 35 B
44 B 6ms
5ms Image
image/gif 2a00:1450:4001:818::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j66&a=1791671723&t=event&ni=1&_s=2&dl=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin&dr=http%3A%2F%2Ffinanceirabetatrend.club%2Farquivo2%2Fanexo.html&ul=en-us&de=UTF-8&dt=ShareFile%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHBAgEAj~&jid=&gjid=&cid=890680746.1511271527&tid=UA-142592-2&_gid=600822097.1511271527&cd6=SMB&cd7=Hetzner%20%26%20Goebel%20GmbH%20Steuerberatungsgesellschaft&cd8=Professional%20Services&cd9=%241M%20-%20%245M&cd10=Business%20Services&cd11=Accounting&cd12=1%20to%20250&cd13=115724970&cd14=(Non-AccountWatch%20Visitor)&cd15=(Non-AccountWatch%20Visitor)&cd16=(Non-AccountWatch%20Visitor)&cd17=BW&cd18=74072&cd19=Germany&cd20=Heilbronn&cd21=false&cd22=false&cd23=true&cd24=true&cd25=DE&cd26=Gymnasiumstr.%2079&cd27=%2B49%207131%206428230&cd28=8721&cd29=5&cd30=1075000&cd31=hgstb.de&cd32=(Non-Company%20Visitor)&cd33=Low&cd34=51.29930114746094&cd35=9.491000175476074&cd36=HETZNER&cd37=(Non-Company%20Visitor)&cd38=(Non-Company%20Visitor)&cd39=(Non-Company%20Visitor)&cd40=(Non-Company%20Visitor)&cd41=(Non-Company%20Visitor)&cd42=Germany&cd43=DE&cd44=DEU&cd45=51.29930114746094&cd46=9.491000175476074&z=663608572

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /collect?v=1&_v=j66&a=1791671723&t=event&ni=1&_s=2&dl=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin&dr=http%3A%2F%2Ffinanceirabetatrend.club%2Farquivo2%2Fanexo.html&ul=en-us&de=UTF-8&dt=ShareFile%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHBAgEAj~&jid=&gjid=&cid=890680746.1511271527&tid=UA-142592-2&_gid=600822097.1511271527&cd6=SMB&cd7=Hetzner%20%26%20Goebel%20GmbH%20Steuerberatungsgesellschaft&cd8=Professional%20Services&cd9=%241M%20-%20%245M&cd10=Business%20Services&cd11=Accounting&cd12=1%20to%20250&cd13=115724970&cd14=(Non-AccountWatch%20Visitor)&cd15=(Non-AccountWatch%20Visitor)&cd16=(Non-AccountWatch%20Visitor)&cd17=BW&cd18=74072&cd19=Germany&cd20=Heilbronn&cd21=false&cd22=false&cd23=true&cd24=true&cd25=DE&cd26=Gymnasiumstr.%2079&cd27=%2B49%207131%206428230&cd28=8721&cd29=5&cd30=1075000&cd31=hgstb.de&cd32=(Non-Company%20Visitor)&cd33=Low&cd34=51.29930114746094&cd35=9.491000175476074&cd36=HETZNER&cd37=(Non-Company%20Visitor)&cd38=(Non-Company%20Visitor)&cd39=(Non-Company%20Visitor)&cd40=(Non-Company%20Visitor)&cd41=(Non-Company%20Visitor)&cd42=Germany&cd43=DE&cd44=DEU&cd45=51.29930114746094&cd46=9.491000175476074&z=663608572
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.google-analytics.com
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Nov 2017 18:09:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 502177
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-1044.min.js Show response
js-agent.newrelic.com/ Frame 6091 22 KB
9 KB 6ms
6ms Script
application/javascript 151.101.114.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1044.min.js
Requested by: Host: secure.sharefile.com
URL: https://secure.sharefile.com/Authentication/Login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 574558bc99cbcc4c8a0e57519cb6a317a0a4e0b70094fbec41946138d576486b

Request headers

:path: /nr-1044.min.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: js-agent.newrelic.com
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 21 Nov 2017 13:38:47 GMT
content-encoding: gzip
x-amz-request-id: DEFF4C4504138100
x-cache: HIT
status: 200
content-length: 8859
x-amz-id-2: ZMcc7b6VjTFSTqE1T8zlmKnx5DBSdINXQppRWgbi3l+nBxVRZP8qLIMntmKYT3U/Lwwq6Ml251g=
x-served-by: cache-hhn1523-HHN
last-modified: Fri, 30 Jun 2017 21:57:05 GMT
server: AmazonS3
x-timer: S1511271528.868415,VS0,VE0
etag: "6442aaa45ec28f8b2c541026f3c24871"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 88887

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame 6091 31 B
66 B 132ms
114ms Script
application/javascript 104.244.42.3
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nvxr6&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&cache_bust=0.7656778043331889

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /i/adsct?p_id=Twitter&p_user_id=0&txn_id=nvxr6&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&cache_bust=0.7656778043331889
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: */*
cache-control: no-cache
:authority: analytics.twitter.com
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 21 Nov 2017 13:38:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 200 OK
x-twitter-response-tags: BouncerCompliant
x-connection-hash: 6658682c3cba68c79a9d773976051517
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 1; mode=block
x-response-time: 108
pragma: no-cache
last-modified: Tue, 21 Nov 2017 13:38:47 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
set-cookie: personalization_id="v1_y637grdbubci9PRn+/i1xQ=="; Expires=Thu, 21 Nov 2019 13:38:47 UTC; Path=/; Domain=.twitter.com guest_id=v1%3A151127152793760228; Expires=Thu, 21 Nov 2019 13:38:47 UTC; Path=/; Domain=.twitter.com
x-transaction: 006278de00470e0f
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK CitrixSans-Regular.woff
secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_auth/styles/fonts/ Frame 6091 26 KB
26 KB 99ms
99ms Font
application/x-font-woff 52.22.72.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_auth/styles/fonts/CitrixSans-Regular.woff

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/cache/f4bc26bfc5/bundles/webpop.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

bd4d5f23336beb3b603af3bcaedb1944361755757ad50616d83d9147ba4cf56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: https://secure.sharefile.com
Accept-Encoding: gzip, deflate
Host: secure.sharefile.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: https://secure.sharefile.com/cache/sha/_Auth/Styles/onecitrix/onecitrix.css?v=I-M3lKBNeESt-ovhZXI0Iic-Gv-rX2kRgjinKJJTfZY1
Cookie: ASP.NET_SessionId=y4zoydtbf4eyqm3eenhgldgw; __RequestVerificationToken=r0BDaerY6bgKgEUHaBn_7rQ_qpXFypqOoyPMP6gtqu7bCyJFkEnK1nSO17hw9-aYIYGdaQ4R5ByRftbvCNGXn3HGTMPdbKX4PlC8t_KN_3Q1; SFWEB_SRVNAME=i-03549f30f475d8574; _ga=GA1.2.890680746.1511271527; _gid=GA1.2.600822097.1511271527; _gat=1; _mkto_trk=id:027-LMP-993&token:_mch-sharefile.com-1511271526774-50870; i18next=en
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer: https://secure.sharefile.com/cache/sha/_Auth/Styles/onecitrix/onecitrix.css?v=I-M3lKBNeESt-ovhZXI0Iic-Gv-rX2kRgjinKJJTfZY1
Origin: https://secure.sharefile.com

Response headers

Date: Tue, 21 Nov 2017 13:38:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Nov 2017 21:39:56 GMT
Server: Microsoft-IIS/8.5
ETag: "01eb471235fd31:0"
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
X-SF-Server: web_ssl/i-03549f30f475d8574_172.16.106.68_us-east-1c
Content-Type: application/x-font-woff
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Length: 26249
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set fd14b65b5e Show response
bam.nr-data.net/1/ Frame 6091 57 B
57 B 107ms
107ms Script
text/javascript 162.247.242.19
New Relic

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/fd14b65b5e?a=30139816&v=1044.a6554e7&to=ZlBaN0RQV0JVUUJdV18adTV1HnhEQFpTWkxYVlkXX15XcltcQkZXXVldERl9VlZdXA%3D%3D&rst=1539&ref=https://secure.sharefile.com/Authentication/Login&ap=29&be=18&fe=1523&dc=319&tt=6BCD6E15025910DD&perf=%7B%22timing%22:%7B%22of%22:1511271526341,%22n%22:0,%22f%22:12,%22dn%22:-437,%22dne%22:-424,%22c%22:-424,%22s%22:-327,%22ce%22:-129,%22rq%22:-129,%22rp%22:0,%22rpe%22:12,%22dl%22:13,%22di%22:319,%22ds%22:319,%22de%22:319,%22dc%22:1522,%22l%22:1523,%22le%22:1530%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1044.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: https://secure.sharefile.com/Authentication/Login
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Set-Cookie: JSESSIONID=edca32aa45af76d8;Path=/;Domain=.nr-data.net;Secure
Content-Type: text/javascript;charset=ISO-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 6091 35 B
44 B 6ms
6ms Image
image/gif 2a00:1450:4001:818::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j66&a=1791671723&t=timing&_s=3&dl=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin&dr=http%3A%2F%2Ffinanceirabetatrend.club%2Farquivo2%2Fanexo.html&ul=en-us&de=UTF-8&dt=ShareFile%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1523&pdt=12&dns=13&rrt=12&srt=129&tcp=295&dit=319&clt=319&_u=aHBAgEAj~&jid=&gjid=&cid=890680746.1511271527&tid=UA-142592-2&_gid=600822097.1511271527&cd6=SMB&cd7=Hetzner%20%26%20Goebel%20GmbH%20Steuerberatungsgesellschaft&cd8=Professional%20Services&cd9=%241M%20-%20%245M&cd10=Business%20Services&cd11=Accounting&cd12=1%20to%20250&cd13=115724970&cd14=(Non-AccountWatch%20Visitor)&cd15=(Non-AccountWatch%20Visitor)&cd16=(Non-AccountWatch%20Visitor)&cd17=BW&cd18=74072&cd19=Germany&cd20=Heilbronn&cd21=false&cd22=false&cd23=true&cd24=true&cd25=DE&cd26=Gymnasiumstr.%2079&cd27=%2B49%207131%206428230&cd28=8721&cd29=5&cd30=1075000&cd31=hgstb.de&cd32=(Non-Company%20Visitor)&cd33=Low&cd34=51.29930114746094&cd35=9.491000175476074&cd36=HETZNER&cd37=(Non-Company%20Visitor)&cd38=(Non-Company%20Visitor)&cd39=(Non-Company%20Visitor)&cd40=(Non-Company%20Visitor)&cd41=(Non-Company%20Visitor)&cd42=Germany&cd43=DE&cd44=DEU&cd45=51.29930114746094&cd46=9.491000175476074&z=954082203

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /collect?v=1&_v=j66&a=1791671723&t=timing&_s=3&dl=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin&dr=http%3A%2F%2Ffinanceirabetatrend.club%2Farquivo2%2Fanexo.html&ul=en-us&de=UTF-8&dt=ShareFile%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1523&pdt=12&dns=13&rrt=12&srt=129&tcp=295&dit=319&clt=319&_u=aHBAgEAj~&jid=&gjid=&cid=890680746.1511271527&tid=UA-142592-2&_gid=600822097.1511271527&cd6=SMB&cd7=Hetzner%20%26%20Goebel%20GmbH%20Steuerberatungsgesellschaft&cd8=Professional%20Services&cd9=%241M%20-%20%245M&cd10=Business%20Services&cd11=Accounting&cd12=1%20to%20250&cd13=115724970&cd14=(Non-AccountWatch%20Visitor)&cd15=(Non-AccountWatch%20Visitor)&cd16=(Non-AccountWatch%20Visitor)&cd17=BW&cd18=74072&cd19=Germany&cd20=Heilbronn&cd21=false&cd22=false&cd23=true&cd24=true&cd25=DE&cd26=Gymnasiumstr.%2079&cd27=%2B49%207131%206428230&cd28=8721&cd29=5&cd30=1075000&cd31=hgstb.de&cd32=(Non-Company%20Visitor)&cd33=Low&cd34=51.29930114746094&cd35=9.491000175476074&cd36=HETZNER&cd37=(Non-Company%20Visitor)&cd38=(Non-Company%20Visitor)&cd39=(Non-Company%20Visitor)&cd40=(Non-Company%20Visitor)&cd41=(Non-Company%20Visitor)&cd42=Germany&cd43=DE&cd44=DEU&cd45=51.29930114746094&cd46=9.491000175476074&z=954082203
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.google-analytics.com
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Nov 2017 18:09:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 502177
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK AuthShell.html Show response
secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/ Frame 6091 2 KB
527 B 108ms
107ms XHR
text/html 52.3.211.188
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/AuthShell.html

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/cache/f4bc26bfc5/bundles/webpop.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-3-211-188.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

7f16951f20b7258d154348223eff9f5b5cbbe599b20ad80851ff652295d2a89d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.sharefile.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: https://secure.sharefile.com/Authentication/Login
Cookie: ASP.NET_SessionId=y4zoydtbf4eyqm3eenhgldgw; __RequestVerificationToken=r0BDaerY6bgKgEUHaBn_7rQ_qpXFypqOoyPMP6gtqu7bCyJFkEnK1nSO17hw9-aYIYGdaQ4R5ByRftbvCNGXn3HGTMPdbKX4PlC8t_KN_3Q1; SFWEB_SRVNAME=i-03549f30f475d8574; _ga=GA1.2.890680746.1511271527; _gid=GA1.2.600822097.1511271527; _gat=1; _mkto_trk=id:027-LMP-993&token:_mch-sharefile.com-1511271526774-50870; i18next=en
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 21 Nov 2017 13:38:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Nov 2017 21:43:58 GMT
Server: Microsoft-IIS/8.5
ETag: "063f21245fd31:0"
Vary: Accept-Encoding
X-SF-Server: web_ssl/i-03549f30f475d8574_172.16.106.68_us-east-1c
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
Accept-Ranges: bytes
Content-Length: 527
X-XSS-Protection: 1; mode=block

GET core.js
tags.extole.com/22556/ Frame 6091 0
0

GET
H/1.1 200
OK sharefile-logo-with-icon.svg
secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/Styles/onecitrix/ Frame 6091 13 KB
13 KB 109ms
108ms Image
image/svg+xml 52.3.211.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/Styles/onecitrix/sharefile-logo-with-icon.svg

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/cache/f4bc26bfc5/bundles/webpop.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-3-211-188.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

0fa17adef93728a57acfb2cf4cc315927314b0dfc069f9ac7191e21ccaa2bb2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.sharefile.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://secure.sharefile.com/cache/sha/_Auth/Styles/onecitrix/onecitrix.css?v=I-M3lKBNeESt-ovhZXI0Iic-Gv-rX2kRgjinKJJTfZY1
Cookie: ASP.NET_SessionId=y4zoydtbf4eyqm3eenhgldgw; __RequestVerificationToken=r0BDaerY6bgKgEUHaBn_7rQ_qpXFypqOoyPMP6gtqu7bCyJFkEnK1nSO17hw9-aYIYGdaQ4R5ByRftbvCNGXn3HGTMPdbKX4PlC8t_KN_3Q1; SFWEB_SRVNAME=i-03549f30f475d8574; _ga=GA1.2.890680746.1511271527; _gid=GA1.2.600822097.1511271527; _gat=1; _mkto_trk=id:027-LMP-993&token:_mch-sharefile.com-1511271526774-50870; i18next=en
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.sharefile.com/cache/sha/_Auth/Styles/onecitrix/onecitrix.css?v=I-M3lKBNeESt-ovhZXI0Iic-Gv-rX2kRgjinKJJTfZY1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 21 Nov 2017 13:38:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Nov 2017 21:39:56 GMT
Server: Microsoft-IIS/8.5
ETag: "01eb471235fd31:0"
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
X-SF-Server: web_ssl/i-03549f30f475d8574_172.16.106.68_us-east-1c
Content-Type: image/svg+xml
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Length: 13628
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK sprites.png
secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/Styles/ Frame 6091 19 KB
19 KB 99ms
99ms Image
image/png 52.22.72.157
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/Styles/sprites.png

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/cache/f4bc26bfc5/bundles/webpop.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

670b084396c44c7485b7f75b20e0232d1eeaaaf22f54291388b6c54f8bc35541

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.sharefile.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://secure.sharefile.com/cache/sha/_Auth/Styles/onecitrix/onecitrix.css?v=I-M3lKBNeESt-ovhZXI0Iic-Gv-rX2kRgjinKJJTfZY1
Cookie: ASP.NET_SessionId=y4zoydtbf4eyqm3eenhgldgw; __RequestVerificationToken=r0BDaerY6bgKgEUHaBn_7rQ_qpXFypqOoyPMP6gtqu7bCyJFkEnK1nSO17hw9-aYIYGdaQ4R5ByRftbvCNGXn3HGTMPdbKX4PlC8t_KN_3Q1; SFWEB_SRVNAME=i-03549f30f475d8574; _ga=GA1.2.890680746.1511271527; _gid=GA1.2.600822097.1511271527; _gat=1; _mkto_trk=id:027-LMP-993&token:_mch-sharefile.com-1511271526774-50870; i18next=en
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.sharefile.com/cache/sha/_Auth/Styles/onecitrix/onecitrix.css?v=I-M3lKBNeESt-ovhZXI0Iic-Gv-rX2kRgjinKJJTfZY1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 21 Nov 2017 13:38:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Nov 2017 21:39:56 GMT
Server: Microsoft-IIS/8.5
ETag: "01eb471235fd31:0"
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
X-SF-Server: web_ssl/i-03549f30f475d8574_172.16.106.68_us-east-1c
Content-Type: image/png
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Length: 19177
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK citrix-logo-black.svg
secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/Styles/onecitrix/ Frame 6091 6 KB
6 KB 113ms
113ms Image
image/svg+xml 52.3.211.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/Styles/onecitrix/citrix-logo-black.svg

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/cache/f4bc26bfc5/bundles/webpop.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-3-211-188.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

fcb691ebb27098e8bdec453b4b1aa0be38572691e9b962a4733a4412c6396d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.sharefile.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://secure.sharefile.com/cache/sha/_Auth/Styles/onecitrix/onecitrix.css?v=I-M3lKBNeESt-ovhZXI0Iic-Gv-rX2kRgjinKJJTfZY1
Cookie: ASP.NET_SessionId=y4zoydtbf4eyqm3eenhgldgw; __RequestVerificationToken=r0BDaerY6bgKgEUHaBn_7rQ_qpXFypqOoyPMP6gtqu7bCyJFkEnK1nSO17hw9-aYIYGdaQ4R5ByRftbvCNGXn3HGTMPdbKX4PlC8t_KN_3Q1; SFWEB_SRVNAME=i-03549f30f475d8574; _ga=GA1.2.890680746.1511271527; _gid=GA1.2.600822097.1511271527; _gat=1; _mkto_trk=id:027-LMP-993&token:_mch-sharefile.com-1511271526774-50870; i18next=en
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.sharefile.com/cache/sha/_Auth/Styles/onecitrix/onecitrix.css?v=I-M3lKBNeESt-ovhZXI0Iic-Gv-rX2kRgjinKJJTfZY1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 21 Nov 2017 13:38:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Nov 2017 21:39:56 GMT
Server: Microsoft-IIS/8.5
ETag: "01eb471235fd31:0"
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
X-SF-Server: web_ssl/i-03549f30f475d8574_172.16.106.68_us-east-1c
Content-Type: image/svg+xml
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Length: 6413
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Credentials.html Show response
secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/Credentials/ Frame 6091 6 KB
1 KB 191ms
98ms XHR
text/html 52.22.72.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/Credentials/Credentials.html

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/cache/f4bc26bfc5/bundles/webpop.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

1479e17e365ca0046a8dd23f02f48943147652358c270db0093d090f0c8adc43

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.sharefile.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: https://secure.sharefile.com/Authentication/Login
Cookie: ASP.NET_SessionId=y4zoydtbf4eyqm3eenhgldgw; __RequestVerificationToken=r0BDaerY6bgKgEUHaBn_7rQ_qpXFypqOoyPMP6gtqu7bCyJFkEnK1nSO17hw9-aYIYGdaQ4R5ByRftbvCNGXn3HGTMPdbKX4PlC8t_KN_3Q1; SFWEB_SRVNAME=i-03549f30f475d8574; _ga=GA1.2.890680746.1511271527; _gid=GA1.2.600822097.1511271527; _gat=1; _mkto_trk=id:027-LMP-993&token:_mch-sharefile.com-1511271526774-50870; i18next=en
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 21 Nov 2017 13:38:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Nov 2017 21:43:58 GMT
Server: Microsoft-IIS/8.5
ETag: "063f21245fd31:0"
Vary: Accept-Encoding
X-SF-Server: web_ssl/i-03549f30f475d8574_172.16.106.68_us-east-1c
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
Accept-Ranges: bytes
Content-Length: 1535
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK MarketingTips.html Show response
secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/Marketing/ Frame 6091 2 KB
686 B 209ms
107ms XHR
text/html 52.3.211.188
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/Marketing/MarketingTips.html

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/cache/f4bc26bfc5/bundles/webpop.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-3-211-188.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

2c32fe168c9552955afee4b137d4435a014ed9e689af34c0af13f12f869a74a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.sharefile.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: https://secure.sharefile.com/Authentication/Login
Cookie: ASP.NET_SessionId=y4zoydtbf4eyqm3eenhgldgw; __RequestVerificationToken=r0BDaerY6bgKgEUHaBn_7rQ_qpXFypqOoyPMP6gtqu7bCyJFkEnK1nSO17hw9-aYIYGdaQ4R5ByRftbvCNGXn3HGTMPdbKX4PlC8t_KN_3Q1; SFWEB_SRVNAME=i-03549f30f475d8574; _ga=GA1.2.890680746.1511271527; _gid=GA1.2.600822097.1511271527; _gat=1; _mkto_trk=id:027-LMP-993&token:_mch-sharefile.com-1511271526774-50870; i18next=en
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 21 Nov 2017 13:38:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Nov 2017 21:43:58 GMT
Server: Microsoft-IIS/8.5
ETag: "063f21245fd31:0"
Vary: Accept-Encoding
X-SF-Server: web_ssl/i-03549f30f475d8574_172.16.106.68_us-east-1c
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
Accept-Ranges: bytes
Content-Length: 686
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK CitrixSans-Light.woff
secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_auth/styles/fonts/ Frame 6091 25 KB
25 KB 99ms
99ms Font
application/x-font-woff 52.22.72.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_auth/styles/fonts/CitrixSans-Light.woff

Requested by

Host: secure.sharefile.com
URL: https://secure.sharefile.com/cache/f4bc26bfc5/bundles/webpop.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

2fc2ac72f4d63a038ca248de81b16a9edae98d2a0cb115a19ce8e6618b0490dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: https://secure.sharefile.com
Accept-Encoding: gzip, deflate
Host: secure.sharefile.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: https://secure.sharefile.com/cache/sha/_Auth/Styles/onecitrix/onecitrix.css?v=I-M3lKBNeESt-ovhZXI0Iic-Gv-rX2kRgjinKJJTfZY1
Cookie: ASP.NET_SessionId=y4zoydtbf4eyqm3eenhgldgw; __RequestVerificationToken=r0BDaerY6bgKgEUHaBn_7rQ_qpXFypqOoyPMP6gtqu7bCyJFkEnK1nSO17hw9-aYIYGdaQ4R5ByRftbvCNGXn3HGTMPdbKX4PlC8t_KN_3Q1; SFWEB_SRVNAME=i-03549f30f475d8574; _ga=GA1.2.890680746.1511271527; _gid=GA1.2.600822097.1511271527; _gat=1; _mkto_trk=id:027-LMP-993&token:_mch-sharefile.com-1511271526774-50870; i18next=en
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer: https://secure.sharefile.com/cache/sha/_Auth/Styles/onecitrix/onecitrix.css?v=I-M3lKBNeESt-ovhZXI0Iic-Gv-rX2kRgjinKJJTfZY1
Origin: https://secure.sharefile.com

Response headers

Date: Tue, 21 Nov 2017 13:38:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Nov 2017 21:39:56 GMT
Server: Microsoft-IIS/8.5
ETag: "01eb471235fd31:0"
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
X-SF-Server: web_ssl/i-03549f30f475d8574_172.16.106.68_us-east-1c
Content-Type: application/x-font-woff
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Length: 25804
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK i-tips.svg
secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/Styles/onecitrix/ Frame 6091 3 KB
3 KB 109ms
108ms Image
image/svg+xml 52.3.211.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/Styles/onecitrix/i-tips.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-3-211-188.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

61fde65a0da31921d6d5019c14370a19645376cf59f11560fdad09acdbf1c57d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.sharefile.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://secure.sharefile.com/cache/sha/_Auth/Styles/onecitrix/onecitrix.css?v=I-M3lKBNeESt-ovhZXI0Iic-Gv-rX2kRgjinKJJTfZY1
Cookie: ASP.NET_SessionId=y4zoydtbf4eyqm3eenhgldgw; __RequestVerificationToken=r0BDaerY6bgKgEUHaBn_7rQ_qpXFypqOoyPMP6gtqu7bCyJFkEnK1nSO17hw9-aYIYGdaQ4R5ByRftbvCNGXn3HGTMPdbKX4PlC8t_KN_3Q1; SFWEB_SRVNAME=i-03549f30f475d8574; _ga=GA1.2.890680746.1511271527; _gid=GA1.2.600822097.1511271527; _gat=1; _mkto_trk=id:027-LMP-993&token:_mch-sharefile.com-1511271526774-50870; i18next=en
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.sharefile.com/cache/sha/_Auth/Styles/onecitrix/onecitrix.css?v=I-M3lKBNeESt-ovhZXI0Iic-Gv-rX2kRgjinKJJTfZY1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 21 Nov 2017 13:38:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Nov 2017 21:39:56 GMT
Server: Microsoft-IIS/8.5
ETag: "01eb471235fd31:0"
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
X-SF-Server: web_ssl/i-03549f30f475d8574_172.16.106.68_us-east-1c
Content-Type: image/svg+xml
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Length: 3506
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK i-refer.svg
secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/Styles/onecitrix/ Frame 6091 2 KB
2 KB 113ms
112ms Image
image/svg+xml 52.3.211.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/Styles/onecitrix/i-refer.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-3-211-188.compute-1.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

b1668321d8b8877edb3e7559d08ccb92535a870080448ac1a9d4d023c97437a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.sharefile.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://secure.sharefile.com/cache/sha/_Auth/Styles/onecitrix/onecitrix.css?v=I-M3lKBNeESt-ovhZXI0Iic-Gv-rX2kRgjinKJJTfZY1
Cookie: ASP.NET_SessionId=y4zoydtbf4eyqm3eenhgldgw; __RequestVerificationToken=r0BDaerY6bgKgEUHaBn_7rQ_qpXFypqOoyPMP6gtqu7bCyJFkEnK1nSO17hw9-aYIYGdaQ4R5ByRftbvCNGXn3HGTMPdbKX4PlC8t_KN_3Q1; SFWEB_SRVNAME=i-03549f30f475d8574; _ga=GA1.2.890680746.1511271527; _gid=GA1.2.600822097.1511271527; _gat=1; _mkto_trk=id:027-LMP-993&token:_mch-sharefile.com-1511271526774-50870; i18next=en
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.sharefile.com/cache/sha/_Auth/Styles/onecitrix/onecitrix.css?v=I-M3lKBNeESt-ovhZXI0Iic-Gv-rX2kRgjinKJJTfZY1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Tue, 21 Nov 2017 13:38:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Nov 2017 21:39:56 GMT
Server: Microsoft-IIS/8.5
ETag: "01eb471235fd31:0"
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
X-SF-Server: web_ssl/i-03549f30f475d8574_172.16.106.68_us-east-1c
Content-Type: image/svg+xml
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Length: 1834
X-XSS-Protection: 1; mode=block

GET i-help.svg
secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/Styles/onecitrix/ Frame 6091 0
0

GET
H2 200 /
www.facebook.com/tr/ Frame 6091 44 B
53 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1048210928594272&ev=Microdata&dl=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin&rl=http%3A%2F%2Ffinanceirabetatrend.club%2Farquivo2%2Fanexo.html&if=false&ts=1511271528272&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22ShareFile%20Login%22%2C%22meta%3Adescription%22%3A%22Welcome%20to%20the%20ShareFile%20login%20page.%20Please%20enter%20your%20email%20and%20password.%22%7D&v=2.8.1&o=28
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path: /tr/?id=1048210928594272&ev=Microdata&dl=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin&rl=http%3A%2F%2Ffinanceirabetatrend.club%2Farquivo2%2Fanexo.html&if=false&ts=1511271528272&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22ShareFile%20Login%22%2C%22meta%3Adescription%22%3A%22Welcome%20to%20the%20ShareFile%20login%20page.%20Please%20enter%20your%20email%20and%20password.%22%7D&v=2.8.1&o=28
pragma: no-cache
cookie: fr=0ED1yHT0BkcsNLKwr..BaFCxm...1.0.BaFCxm.
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.facebook.com
referer: https://secure.sharefile.com/Authentication/Login
:scheme: https
:method: GET
Referer: https://secure.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Tue, 21 Nov 2017 13:38:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
set-cookie
content-length: 44
expires: Tue, 21 Nov 2017 13:38:48 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secure.sharefile.com
URL: https://secure.sharefile.com/Authentication/Login

Domain: 3845646.fls.doubleclick.net
URL: https://3845646.fls.doubleclick.net/activityi;dc_pre=CKLejJTlz9cCFaKi7QodaT0Itw;src=3845646;type=LogIn-;cat=Login-;ord=1;num=580830774001;gtm=Gbe;~oref=https%3A%2F%2Fsecure.sharefile.com%2FAuthentication%2FLogin?

Domain: tags.extole.com
URL: https://tags.extole.com/22556/core.js

Domain: secure.sharefile.com
URL: https://secure.sharefile.com/cache/ca549dd797d616ea92ec79ce3b5863b2921c3452/_Auth/Styles/onecitrix/i-help.svg

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-18 21:09:27	Name: IDE Value: AHWqTUkvTPEXKrKmsgiqb5u01FxevF1g5AekmoiIbcdTkv9z9mOKnUAktWauQeO5
secure.sharefile.com/	1970-01-01 00:00:00	Name: i18next Value: en
.sharefile.com/	1970-01-19 05:19:03	Name: _mkto_trk Value: id:027-LMP-993&token:_mch-sharefile.com-1511271526774-50870
.sharefile.com/	1970-01-18 11:47:51	Name: _gat Value: 1
.sharefile.com/	1970-01-18 11:49:17	Name: _gid Value: GA1.2.600822097.1511271527
secure.sharefile.com/	1970-01-01 00:00:00	Name: SFWEB_SRVNAME Value: i-03549f30f475d8574
.sharefile.com/	1970-01-19 05:19:03	Name: _ga Value: GA1.2.890680746.1511271527
secure.sharefile.com/	1970-01-01 00:00:00	Name: __RequestVerificationToken Value: r0BDaerY6bgKgEUHaBn_7rQ_qpXFypqOoyPMP6gtqu7bCyJFkEnK1nSO17hw9-aYIYGdaQ4R5ByRftbvCNGXn3HGTMPdbKX4PlC8t_KN_3Q1
secure.sharefile.com/	1970-01-01 00:00:00	Name: ASP.NET_SessionId Value: y4zoydtbf4eyqm3eenhgldgw

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://secure.sharefile.com/cache/f4bc26bfc5/bundles/webpop.js(Line 172) Message: Debug:Enabled
console-api	log	URL: https://secure.sharefile.com/cache/f4bc26bfc5/bundles/webpop.js(Line 172) Message: Application:Starting
console-api	log	URL: https://secure.sharefile.com/cache/f4bc26bfc5/bundles/webpop.js(Line 172) Message: Plugin:Installed plugins/router
console-api	log	URL: https://secure.sharefile.com/cache/f4bc26bfc5/bundles/webpop.js(Line 172) Message: Plugin:Installed plugins/dialog
console-api	log	URL: https://secure.sharefile.com/cache/f4bc26bfc5/bundles/webpop.js(Line 172) Message: Application:Started
console-api	log	URL: https://secure.sharefile.com/cache/f4bc26bfc5/bundles/webpop.js(Line 172) Message: Navigation Complete
console-api	log	URL: https://secure.sharefile.com/cache/f4bc26bfc5/bundles/webpop.js(Line 172) Message: Binding
console-api	log	URL: https://secure.sharefile.com/cache/f4bc26bfc5/bundles/webpop.js(Line 172) Message: Binding
console-api	log	URL: https://secure.sharefile.com/cache/f4bc26bfc5/bundles/webpop.js(Line 172) Message: Binding

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

027-lmp-993.mktoresp.com
3845646.fls.doubleclick.net
analytics.twitter.com
api.company-target.com
attr.ml-api.io
bam.nr-data.net
connect.facebook.net
d.company-target.com
financeirabetatrend.club
googleads.g.doubleclick.net
js-agent.newrelic.com
munchkin.marketo.net
s.ml-attr.com
scripts.demandbase.com
secure.adnxs.com
secure.sharefile.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tags.extole.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
3845646.fls.doubleclick.net
secure.sharefile.com
tags.extole.com
104.244.42.133
104.244.42.3
104.244.43.48
151.101.114.110
162.247.242.19
172.217.22.66
178.62.89.113
185.33.223.202
199.15.215.129
23.67.141.100
2a00:1450:4001:817::2008
2a00:1450:4001:818::2003
2a00:1450:4001:818::2004
2a00:1450:4001:818::200e
2a00:1450:4001:820::2002
2a00:1450:400c:c04::9c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
35.190.27.37
52.22.72.157
52.222.157.204
52.222.157.34
52.222.157.75
52.3.211.188
68.67.153.60
0fa17adef93728a57acfb2cf4cc315927314b0dfc069f9ac7191e21ccaa2bb2e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1479e17e365ca0046a8dd23f02f48943147652358c270db0093d090f0c8adc43
1fce942f1f154ab1af5caa4a90cb7b80dbf632f9f140e83c1c48fb48ea66fae7
2c32fe168c9552955afee4b137d4435a014ed9e689af34c0af13f12f869a74a3
2fc2ac72f4d63a038ca248de81b16a9edae98d2a0cb115a19ce8e6618b0490dc
37394c12e56edbe1f1de324b6b73344d23b4c8044b546afa4c923077e64c5153
3bd894051d3b2cf7ccda11ec0af9fec052d48d27841d2a3eb8843323007a806f
3ff29d0e937c5180321601fad67d8fa4a911e59147321a1c79f29fffff6ef32c
574558bc99cbcc4c8a0e57519cb6a317a0a4e0b70094fbec41946138d576486b
585107ada7f42329cd4d6ab1d1e87fdf26f4994e8f47d72a44ee8ab5bd291288
61fde65a0da31921d6d5019c14370a19645376cf59f11560fdad09acdbf1c57d
633435cd68b2ae45f42b6c2d3069c31d1b55269c6f9e0d358a0dd43238421eef
670b084396c44c7485b7f75b20e0232d1eeaaaf22f54291388b6c54f8bc35541
6726309f12886c87c404ed3882424fb04d50bf45d3ea68190301260af2fbabc3
6fee0cfe78705de2b6e3473b536d963ccbad9ff68c2b03561bf5363ba6906b88
735ed34da0b30643ea5a2a367240cf1afcdd34ece08d5d3fc7bb4f3c2378f18f
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7da532094b3c0e8d2a63485604ab31dba056e382d4169c419e3833ff8b8fbf4b
7f16951f20b7258d154348223eff9f5b5cbbe599b20ad80851ff652295d2a89d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
97ee8756b647520016115244984b9d1e6474c62ecb7a9f9e0c68f145b5f82a7f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1668321d8b8877edb3e7559d08ccb92535a870080448ac1a9d4d023c97437a5
b266d23b924851106b47ef080f253f287dc1e06c86d05b248ac9ce27cea294ab
baa1990608ff9032207cea1c93f9735492ab5becdf8459a83a0411702e903f50
bd4d5f23336beb3b603af3bcaedb1944361755757ad50616d83d9147ba4cf56d
cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40
d2b57811120bd1da9f5d8e4c6890c77597cd8a295a5691ad59b374a6365f21aa
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e1f244c41a11d32ede57cc0db3c2c2cf6b1cb0fc55a0bdf23130ef607ad80969
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64c9361762ec08c0ff6cb6dd67acc25e3828471b69c9985688392cea4403c1d
ec66e9623104977ac60bfd82d3c77e4fc3758b60478114da618bbd6d660d1437
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
fc2d1eea355b84cd9dfbd04d7c74d627934d0a817b8c0078c7121222ddea24f0
fcb691ebb27098e8bdec453b4b1aa0be38572691e9b962a4733a4412c6396d84

financeirabetatrend.club Open in urlscan Pro 178.62.89.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

88 %HTTPS

32 %IPv6

23 Domains

26 Subdomains

22 IPs

5 Countries

432 kBTransfer

1218 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

financeirabetatrend.club Open in urlscan Pro
178.62.89.113 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

88 %
HTTPS

32 %
IPv6

23
Domains

26
Subdomains

22
IPs

5
Countries

432 kB
Transfer

1218 kB
Size

9
Cookies

50 HTTP transactions
0 data transactions