tenhamenosdividas.com Open in urlscan Pro
209.58.128.87 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://track.suamelhorpromocao.pt/track/c?u=6858&c=3892&e=csp_pt&cuid=2c788abcf32ef9a6959102381e844366&l=5&r=aHR0cHM6Ly9jbGsudHJhZ...
Effective URL:
https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
Submission: On October 18 via manual (October 18th 2019, 8:05:49 am UTC) from PT

Summary HTTP 47 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 8 countries across 23 domains to perform 47 HTTP transactions. The main IP is 209.58.128.87, located in San Francisco, United States and belongs to LEASEWEB-USA-SFO-12 - Leaseweb USA, Inc., US. The main domain is tenhamenosdividas.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 26th 2019. Valid for: 3 months.

This is the only time tenhamenosdividas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	148.251.48.109 148.251.48.109	24940 (HETZNER-AS) (HETZNER-AS)
1 2	52.16.193.190 52.16.193.190	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.225.78.49 13.225.78.49	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	188.165.150.177 188.165.150.177	16276 (OVH) (OVH)
1	37.252.173.62 37.252.173.62	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2 5	99.80.231.125 99.80.231.125	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	54.77.150.202 54.77.150.202	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	52.207.130.22 52.207.130.22	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
13	209.58.128.87 209.58.128.87	7203 (LEASEWEB-...) (LEASEWEB-USA-SFO-12 - Leaseweb USA)
3	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2606:4700::68... 2606:4700::6813:c697	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
4	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 3	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f00... 2a03:2880:f007:1:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK - Facebook)
47	21

1 148.251.48.109 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.109.48.251.148.clients.your-server.de

track.suamelhorpromocao.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.193.190 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-16-193-190.eu-west-1.compute.amazonaws.com

clk.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.49 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-49.fra2.r.cloudfront.net

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.150.177 (France)

ASN16276 (OVH, FR)
PTR: lb01.net.royalcactus.com

analytics.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.62 (Ascension Island)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.80.231.125 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-99-80-231-125.eu-west-1.compute.amazonaws.com

fd.yioleny.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.150.202 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-77-150-202.eu-west-1.compute.amazonaws.com

tracking.check-my-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.207.130.22 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-207-130-22.compute-1.amazonaws.com

adsplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 209.58.128.87 (San Francisco, United States)

ASN7203 (LEASEWEB-USA-SFO-12 - Leaseweb USA, Inc., US)
PTR: isaltino.srv.codereach.pw

tenhamenosdividas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
oxy.agency	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.easyacross.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:1:face:b00c:0:1 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	tenhamenosdividas.com tenhamenosdividas.com	552 KB
5	yioleny.com 2 redirects fd.yioleny.com	4 KB
4	yandex.ru 1 redirects mc.yandex.ru	94 KB
4	tradedoubler.com 1 redirects clk.tradedoubler.com vht.tradedoubler.com analytics.tradedoubler.com	14 KB
3	gstatic.com fonts.gstatic.com	43 KB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
3	addthis.com s7.addthis.com	191 KB
3	googletagmanager.com www.googletagmanager.com	84 KB
2	facebook.com graph.facebook.com	938 B
2	google.de www.google.de	219 B
2	google.com 1 redirects www.google.com	296 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	1 KB
2	cloudflare.com cdnjs.cloudflare.com	7 KB
2	adsplatform.com 1 redirects adsplatform.com	688 B
2	check-my-ads.com 2 redirects tracking.check-my-ads.com	2 KB
1	addthisedge.com v1.addthisedge.com	1011 B
1	googleapis.com fonts.googleapis.com	807 B
1	googleadservices.com www.googleadservices.com	9 KB
1	easyacross.com api.easyacross.com	14 KB
1	jquery.com code.jquery.com	30 KB
1	oxy.agency oxy.agency	2 KB
1	adnxs.com ib.adnxs.com	708 B
1	suamelhorpromocao.pt 1 redirects track.suamelhorpromocao.pt	284 B
47	23

	Domain	Requested by
11	tenhamenosdividas.com	fd.yioleny.com tenhamenosdividas.com
5	fd.yioleny.com	2 redirects clk.tradedoubler.com
4	mc.yandex.ru	1 redirects tenhamenosdividas.com
3	fonts.gstatic.com	tenhamenosdividas.com
3	www.google-analytics.com	1 redirects www.googletagmanager.com tenhamenosdividas.com
3	s7.addthis.com	tenhamenosdividas.com s7.addthis.com
3	www.googletagmanager.com	tenhamenosdividas.com
2	graph.facebook.com	s7.addthis.com
2	www.google.de	tenhamenosdividas.com
2	www.google.com	1 redirects tenhamenosdividas.com
2	cdnjs.cloudflare.com	tenhamenosdividas.com
2	adsplatform.com	1 redirects tenhamenosdividas.com
2	tracking.check-my-ads.com	2 redirects
2	clk.tradedoubler.com	1 redirects
1	v1.addthisedge.com	s7.addthis.com
1	fonts.googleapis.com	tenhamenosdividas.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	api.easyacross.com	tenhamenosdividas.com
1	code.jquery.com	tenhamenosdividas.com
1	oxy.agency	tenhamenosdividas.com
1	ib.adnxs.com	clk.tradedoubler.com
1	analytics.tradedoubler.com	vht.tradedoubler.com
1	vht.tradedoubler.com	clk.tradedoubler.com
1	track.suamelhorpromocao.pt	1 redirects
47	26

This site contains links to these domains. Also see Links.

Domain
www.codigo-postal.pt
www.addthis.com

Subject Issuer	Validity	Valid
*.tradedoubler.com GlobalSign Domain Validation CA - SHA256 - G2	`2018-12-10` - `2021-01-27`	2 years	crt.sh
analytics.tradedoubler.com COMODO RSA Domain Validation Secure Server CA	`2018-02-02` - `2021-02-01`	3 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
fd.yioleny.com Amazon	`2019-08-07` - `2020-09-07`	a year	crt.sh
tenhamenosdividas.com Let's Encrypt Authority X3	`2019-08-26` - `2019-11-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
oxy.agency Let's Encrypt Authority X3	`2019-09-02` - `2019-12-01`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
api.easyacross.com Let's Encrypt Authority X3	`2019-10-17` - `2020-01-15`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
mc.yandex.ru Yandex CA	`2019-09-23` - `2020-09-22`	a year	crt.sh
adsplatform.com Amazon	`2019-08-13` - `2020-09-13`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
Frame ID: 16A795305D2624408AA4D0BD11527874
Requests: 47 HTTP requests in this frame

Frame: https://adsplatform.com/?action=click&adsid=_73705311616257098
Frame ID: 3D70840A207316252EAA448CBCAA930B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://track.suamelhorpromocao.pt/track/c?u=6858&c=3892&e=csp_pt&cuid=2c788abcf32ef9a6959102381e844366&l=5&r=a... HTTP 303
https://clk.tradedoubler.com/click?p=301703&a=3068685&g=24652728&epi=2c788abcf32ef9a6959102381e844366&epi... Page URL
https://clk.tradedoubler.com/click?p=301703&a=3068685&g=24652728&epi=2c788abcf32ef9a6959102381e844366&epi... HTTP 302
https://fd.yioleny.com/aff_c?offer_id=8301&aff_id=1026&file_id=29723&source=2c788abcf32ef9a69591023... HTTP 302
https://fd.yioleny.com/aff_r?offer_id=8301&aff_id=1026&url=http%3A%2F%2Ftracking.check-my-ads.com%2... Page URL
https://fd.yioleny.com/aff_r?offer_id=8301&aff_id=1026&redirect_pass=2&url=http%3A%2F%2Ftracking.ch... Page URL
https://fd.yioleny.com/aff_r?offer_id=8301&aff_id=1026&redirect_pass=3&url=http%3A%2F%2Ftracking.ch... HTTP 302
http://tracking.check-my-ads.com/aff_c?offer_id=4312&aff_id=137&url_id=5342&file_id=21824&aff_sub=fb10&aff_su... HTTP 302
http://tracking.check-my-ads.com/aff_r?offer_id=4312&aff_id=137&url=http%3A%2F%2Fadsplatform.com%2F%3Fadsid%3... HTTP 302
http://adsplatform.com/?adsid=d7007dd001366cac1d269540af43605b&sub_id=102b8f1949341f6458d4e1272ab376 HTTP 302
https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098 Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

47
Requests

100 %
HTTPS

52 %
IPv6

23
Domains

26
Subdomains

21
IPs

8
Countries

1061 kB
Transfer

2037 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.codigo-postal.pt/
Title: Pesquise aqui

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://track.suamelhorpromocao.pt/track/c?u=6858&c=3892&e=csp_pt&cuid=2c788abcf32ef9a6959102381e844366&l=5&r=aHR0cHM6Ly9jbGsudHJhZGVkb3VibGVyLmNvbS9jbGljaz9wPTMwMTcwMyZhPTMwNjg2ODUmZz0yNDY1MjcyOCZlcGk9MmM3ODhhYmNmMzJlZjlhNjk1OTEwMjM4MWU4NDQzNjYmZXBpMj0zODky HTTP 303
https://clk.tradedoubler.com/click?p=301703&a=3068685&g=24652728&epi=2c788abcf32ef9a6959102381e844366&epi2=3892 Page URL
https://clk.tradedoubler.com/click?p=301703&a=3068685&g=24652728&epi=2c788abcf32ef9a6959102381e844366&epi2=3892 HTTP 302
https://fd.yioleny.com/aff_c?offer_id=8301&aff_id=1026&file_id=29723&source=2c788abcf32ef9a6959102381e844366&aff_sub=48ceab78a27c9298b8b7a21ac4b3546f&aff_sub2=3892 HTTP 302
https://fd.yioleny.com/aff_r?offer_id=8301&aff_id=1026&url=http%3A%2F%2Ftracking.check-my-ads.com%2Faff_c%3Foffer_id%3D4312%26aff_id%3D137%26url_id%3D5342%26file_id%3D21824%26aff_sub%3Dfb10%26aff_sub3%3Demail%26url_id%3D5342%26aff_sub2%3D102c9458a66fae0d013d50985fca08&urlauth=502903752776603381387408144451 Page URL
https://fd.yioleny.com/aff_r?offer_id=8301&aff_id=1026&redirect_pass=2&url=http%3A%2F%2Ftracking.check-my-ads.com%2Faff_c%3Foffer_id%3D4312%26aff_id%3D137%26url_id%3D5342%26file_id%3D21824%26aff_sub%3Dfb10%26aff_sub3%3Demail%26url_id%3D5342%26aff_sub2%3D102c9458a66fae0d013d50985fca08&urlauth=502903752776603381387408144451 Page URL
https://fd.yioleny.com/aff_r?offer_id=8301&aff_id=1026&redirect_pass=3&url=http%3A%2F%2Ftracking.check-my-ads.com%2Faff_c%3Foffer_id%3D4312%26aff_id%3D137%26url_id%3D5342%26file_id%3D21824%26aff_sub%3Dfb10%26aff_sub3%3Demail%26url_id%3D5342%26aff_sub2%3D102c9458a66fae0d013d50985fca08&urlauth=502903752776603381387408144451 HTTP 302
http://tracking.check-my-ads.com/aff_c?offer_id=4312&aff_id=137&url_id=5342&file_id=21824&aff_sub=fb10&aff_sub3=email&url_id=5342&aff_sub2=102c9458a66fae0d013d50985fca08 HTTP 302
http://tracking.check-my-ads.com/aff_r?offer_id=4312&aff_id=137&url=http%3A%2F%2Fadsplatform.com%2F%3Fadsid%3Dd7007dd001366cac1d269540af43605b%26sub_id%3D102b8f1949341f6458d4e1272ab376&urlauth=339017833536884493871321237152 HTTP 302
http://adsplatform.com/?adsid=d7007dd001366cac1d269540af43605b&sub_id=102b8f1949341f6458d4e1272ab376 HTTP 302
https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://track.suamelhorpromocao.pt/track/c?u=6858&c=3892&e=csp_pt&cuid=2c788abcf32ef9a6959102381e844366&l=5&r=aHR0cHM6Ly9jbGsudHJhZGVkb3VibGVyLmNvbS9jbGljaz9wPTMwMTcwMyZhPTMwNjg2ODUmZz0yNDY1MjcyOCZlcGk9MmM3ODhhYmNmMzJlZjlhNjk1OTEwMjM4MWU4NDQzNjYmZXBpMj0zODky HTTP 303
https://clk.tradedoubler.com/click?p=301703&a=3068685&g=24652728&epi=2c788abcf32ef9a6959102381e844366&epi2=3892

Request Chain 4

https://clk.tradedoubler.com/click?p=301703&a=3068685&g=24652728&epi=2c788abcf32ef9a6959102381e844366&epi2=3892 HTTP 302
https://fd.yioleny.com/aff_c?offer_id=8301&aff_id=1026&file_id=29723&source=2c788abcf32ef9a6959102381e844366&aff_sub=48ceab78a27c9298b8b7a21ac4b3546f&aff_sub2=3892 HTTP 302
https://fd.yioleny.com/aff_r?offer_id=8301&aff_id=1026&url=http%3A%2F%2Ftracking.check-my-ads.com%2Faff_c%3Foffer_id%3D4312%26aff_id%3D137%26url_id%3D5342%26file_id%3D21824%26aff_sub%3Dfb10%26aff_sub3%3Demail%26url_id%3D5342%26aff_sub2%3D102c9458a66fae0d013d50985fca08&urlauth=502903752776603381387408144451

Request Chain 30

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1348367233&t=pageview&_s=1&dl=https%3A%2F%2Ftenhamenosdividas.com%2Fsimulacao%2F%3Fv%3D1%26sub_id%3D102b8f1949341f6458d4e1272ab376%26adsid%3D_73705311616257098&ul=en-us&de=UTF-8&dt=Simulador%20Cr%C3%A9dito%20Consolidado&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEDAAUAB~&jid=302903298&gjid=488445914&cid=760517030.1571385936&tid=UA-139839791-1&_gid=1033354634.1571385936&_r=1&gtm=2oaaa0&z=1284199652 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-139839791-1&cid=760517030.1571385936&jid=302903298&_gid=1033354634.1571385936&gjid=488445914&_v=j79&z=1284199652 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-139839791-1&cid=760517030.1571385936&jid=302903298&_v=j79&z=1284199652 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-139839791-1&cid=760517030.1571385936&jid=302903298&_v=j79&z=1284199652&slf_rd=1&random=3571868523

Request Chain 34

https://mc.yandex.ru/watch/52397326?wmode=7&page-url=https%3A%2F%2Ftenhamenosdividas.com%2Fsimulacao%2F%3Fv%3D1%26sub_id%3D102b8f1949341f6458d4e1272ab376%26adsid%3D_73705311616257098&charset=utf-8&browser-info=ti%3A10%3Ans%3A1571385934496%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20191018100536%3Aet%3A1571385936%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A731693987%3Ahid%3A512176210%3Ads%3A88%2C321%2C332%2C0%2C763%2C0%2C0%2C%2C%2C%2C%2C%2C%3Awn%3A62982%3Ahl%3A3%3Agdpr%3A14%3Av%3A1731%3Awv%3A2%3Ast%3A1571385936%3Au%3A1571385936204380216%3At%3ASimulador%20Cr%C3%A9dito%20Consolidado HTTP 302
https://mc.yandex.ru/watch/52397326/1?wmode=7&page-url=https%3A%2F%2Ftenhamenosdividas.com%2Fsimulacao%2F%3Fv%3D1%26sub_id%3D102b8f1949341f6458d4e1272ab376%26adsid%3D_73705311616257098&charset=utf-8&browser-info=ti%3A10%3Ans%3A1571385934496%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20191018100536%3Aet%3A1571385936%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A731693987%3Ahid%3A512176210%3Ads%3A88%2C321%2C332%2C0%2C763%2C0%2C0%2C%2C%2C%2C%2C%2C%3Awn%3A62982%3Ahl%3A3%3Agdpr%3A14%3Av%3A1731%3Awv%3A2%3Ast%3A1571385936%3Au%3A1571385936204380216%3At%3ASimulador%20Cr%C3%A9dito%20Consolidado

47 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set click Show response
clk.tradedoubler.com/
Redirect Chain

https://track.suamelhorpromocao.pt/track/c?u=6858&c=3892&e=csp_pt&cuid=2c788abcf32ef9a6959102381e844366&l=5&r=aHR0cHM6Ly9jbGsudHJhZGVkb3VibGVyLmNvbS9jbGljaz9wPTMwMTcwMyZhPTMwNjg2ODUmZz0yNDY1MjcyOCZ...
https://clk.tradedoubler.com/click?p=301703&a=3068685&g=24652728&epi=2c788abcf32ef9a6959102381e844366&epi2=3892

2 KB
3 KB

122ms
28ms

Document
text/html

52.16.193.190
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.tradedoubler.com/click?p=301703&a=3068685&g=24652728&epi=2c788abcf32ef9a6959102381e844366&epi2=3892
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.193.190 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-16-193-190.eu-west-1.compute.amazonaws.com
Software: TXServerHttp /
Resource Hash: 6cd8c18be12a4ca2df7ffa6022634ab36d81cbc6923df9f436254750156467f9

Request headers

Host: clk.tradedoubler.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
Date: Fri, 18 Oct 2019 08:05:33 GMT
P3P: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
Pragma: no-cache
Server: TXServerHttp
Set-Cookie: SYNC=1z11zzefz292hrDzy1571385934098;expires=Sat, 17-Oct-2020 08:05:34 GMT;path=/;domain=.tradedoubler.com
Content-Length: 2440
Connection: keep-alive

Redirect headers

Server: nginx
Date: Fri, 18 Oct 2019 08:05:33 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://clk.tradedoubler.com/click?p=301703&a=3068685&g=24652728&epi=2c788abcf32ef9a6959102381e844366&epi2=3892

GET
H/1.1 200
OK prefs.js Show response
vht.tradedoubler.com/fp/ 9 KB
10 KB 23ms
8ms Script
application/javascript 13.225.78.49
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://vht.tradedoubler.com/fp/prefs.js
Requested by: Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=301703&a=3068685&g=24652728&epi=2c788abcf32ef9a6959102381e844366&epi2=3892
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.49 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-49.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://clk.tradedoubler.com/click?p=301703&a=3068685&g=24652728&epi=2c788abcf32ef9a6959102381e844366&epi2=3892
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 27 May 2019 17:21:32 GMT
Via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Mon, 15 Oct 2018 09:28:46 GMT
Server: Apache
Age: 312108
ETag: "2509-57841106334e6"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=604800, public
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 9481
X-Amz-Cf-Id: OgGmgevOyriVowvoErG3Kn6MhhAt2d4CF0JfnKCjHwBM3odlfiRQhQ==
Expires: Mon, 03 Jun 2019 17:21:32 GMT

POST
H/1.1 200
OK /
analytics.tradedoubler.com/ 0
241 B 90ms
21ms Other
text/html 188.165.150.177
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tradedoubler.com/
Requested by: Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.165.150.177 , France, ASN16276 (OVH, FR),
Reverse DNS: lb01.net.royalcactus.com
Software: nginx /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://clk.tradedoubler.com/click?p=301703&a=3068685&g=24652728&epi=2c788abcf32ef9a6959102381e844366&epi2=3892
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 18 Oct 2019 08:05:34 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK getuidj
ib.adnxs.com/ 11 B
708 B 21ms
6ms XHR
application/json 37.252.173.62
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=301703&a=3068685&g=24652728&epi=2c788abcf32ef9a6959102381e844366&epi2=3892

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://clk.tradedoubler.com/click?p=301703&a=3068685&g=24652728&epi=2c788abcf32ef9a6959102381e844366&epi2=3892
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 08:05:36 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.230:80
AN-X-Request-Uuid: babc8fa0-1adf-4fd9-a802-04e73e062ac6
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://clk.tradedoubler.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

aff_r
fd.yioleny.com/
Redirect Chain

https://clk.tradedoubler.com/click?p=301703&a=3068685&g=24652728&epi=2c788abcf32ef9a6959102381e844366&epi2=3892
https://fd.yioleny.com/aff_c?offer_id=8301&aff_id=1026&file_id=29723&source=2c788abcf32ef9a6959102381e844366&aff_sub=48ceab78a27c9298b8b7a21ac4b3546f&aff_sub2=3892
https://fd.yioleny.com/aff_r?offer_id=8301&aff_id=1026&url=http%3A%2F%2Ftracking.check-my-ads.com%2Faff_c%3Foffer_id%3D4312%26aff_id%3D137%26url_id%3D5342%26file_id%3D21824%26aff_sub%3Dfb10%26aff_s...

371 B
559 B

36ms
30ms

Document
text/html

99.80.231.125
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://fd.yioleny.com/aff_r?offer_id=8301&aff_id=1026&url=http%3A%2F%2Ftracking.check-my-ads.com%2Faff_c%3Foffer_id%3D4312%26aff_id%3D137%26url_id%3D5342%26file_id%3D21824%26aff_sub%3Dfb10%26aff_sub3%3Demail%26url_id%3D5342%26aff_sub2%3D102c9458a66fae0d013d50985fca08&urlauth=502903752776603381387408144451
Requested by: Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=301703&a=3068685&g=24652728&epi=2c788abcf32ef9a6959102381e844366&epi2=3892
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.231.125 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-231-125.eu-west-1.compute.amazonaws.com
Software: nginx/1.13.12 /
Resource Hash

Request headers

:method: GET
:authority: fd.yioleny.com
:scheme: https
:path: /aff_r?offer_id=8301&aff_id=1026&url=http%3A%2F%2Ftracking.check-my-ads.com%2Faff_c%3Foffer_id%3D4312%26aff_id%3D137%26url_id%3D5342%26file_id%3D21824%26aff_sub%3Dfb10%26aff_sub3%3Demail%26url_id%3D5342%26aff_sub2%3D102c9458a66fae0d013d50985fca08&urlauth=502903752776603381387408144451
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://clk.tradedoubler.com/click?p=301703&a=3068685&g=24652728&epi=2c788abcf32ef9a6959102381e844366&epi2=3892
accept-encoding: gzip, deflate, br
cookie: enc_aff_session_8301=ENC0379b3ad2d549603601ce32f795e81ee0e62dca2f878c62adae1f7542ac39b0aa3a859eb5bd1acae2fbba0554cbcd4ae78c3520c887f5713637c2c876917bf95945376e1789b44ed2675120dd53834e342440301cb3676df8f9fd7f505166c0fc6f4d073e76a8b4e4be7de3e966b3eac1007ae0ac3ddf00a53bd61ba955daed3aa5281a4d5e59c74db0fa019f66e8244f87a1b034e0110df85d0900b7f9a0941ba2355674f3c859db52e715a84fb0a9a4aba18a6cc0438957b4bd87d21ad37eed11beea8c8a18b5476caac4bef9f877b71806bb3a53398d4648ee8c92fb310190f1f8063887fed1d640e8d823b66dac52bcecc04ed861f9860db02e98e547f243820cf6bfbf023af44cc69890412e4757f9f8c1d2a5747fd97f3b991bb681bb7032c5e4e63; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=
Origin: https://clk.tradedoubler.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://clk.tradedoubler.com/click?p=301703&a=3068685&g=24652728&epi=2c788abcf32ef9a6959102381e844366&epi2=3892

Response headers

status: 200
date: Fri, 18 Oct 2019 08:05:34 GMT
content-type: text/html
content-length: 371
server: nginx/1.13.12
expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *

Redirect headers

status: 302
date: Fri, 18 Oct 2019 08:05:34 GMT
content-type: text/html; charset=iso-8859-1
content-length: 481
server: nginx/1.13.12
expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
x-robots-tag: noindex, nofollow
tracking_id: 102c9458a66fae0d013d50985fca08
location: /aff_r?offer_id=8301&aff_id=1026&url=http%3A%2F%2Ftracking.check-my-ads.com%2Faff_c%3Foffer_id%3D4312%26aff_id%3D137%26url_id%3D5342%26file_id%3D21824%26aff_sub%3Dfb10%26aff_sub3%3Demail%26url_id%3D5342%26aff_sub2%3D102c9458a66fae0d013d50985fca08&urlauth=502903752776603381387408144451
set-cookie: enc_aff_session_8301=ENC0379b3ad2d549603601ce32f795e81ee0e62dca2f878c62adae1f7542ac39b0aa3a859eb5bd1acae2fbba0554cbcd4ae78c3520c887f5713637c2c876917bf95945376e1789b44ed2675120dd53834e342440301cb3676df8f9fd7f505166c0fc6f4d073e76a8b4e4be7de3e966b3eac1007ae0ac3ddf00a53bd61ba955daed3aa5281a4d5e59c74db0fa019f66e8244f87a1b034e0110df85d0900b7f9a0941ba2355674f3c859db52e715a84fb0a9a4aba18a6cc0438957b4bd87d21ad37eed11beea8c8a18b5476caac4bef9f877b71806bb3a53398d4648ee8c92fb310190f1f8063887fed1d640e8d823b66dac52bcecc04ed861f9860db02e98e547f243820cf6bfbf023af44cc69890412e4757f9f8c1d2a5747fd97f3b991bb681bb7032c5e4e63; expires=Mon, 18 Nov 2019 08:05:34 GMT; path=/; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Sun, 11 Sep 2022 18:45:34 GMT; path=/;
p3p: CP="NOI CUR OUR NOR INT"
access-control-allow-origin: *

GET
H2 200 aff_r
fd.yioleny.com/ 0
399 B 45ms
44ms Document
text/plain 99.80.231.125
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://fd.yioleny.com/aff_r?offer_id=8301&aff_id=1026&redirect_pass=1&url=http%3A%2F%2Ftracking.check-my-ads.com%2Faff_c%3Foffer_id%3D4312%26aff_id%3D137%26url_id%3D5342%26file_id%3D21824%26aff_sub%3Dfb10%26aff_sub3%3Demail%26url_id%3D5342%26aff_sub2%3D102c9458a66fae0d013d50985fca08&urlauth=502903752776603381387408144451
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.231.125 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-231-125.eu-west-1.compute.amazonaws.com
Software: nginx/1.13.12 /
Resource Hash

Request headers

:method: GET
:authority: fd.yioleny.com
:scheme: https
:path: /aff_r?offer_id=8301&aff_id=1026&redirect_pass=1&url=http%3A%2F%2Ftracking.check-my-ads.com%2Faff_c%3Foffer_id%3D4312%26aff_id%3D137%26url_id%3D5342%26file_id%3D21824%26aff_sub%3Dfb10%26aff_sub3%3Demail%26url_id%3D5342%26aff_sub2%3D102c9458a66fae0d013d50985fca08&urlauth=502903752776603381387408144451
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://fd.yioleny.com/aff_r?offer_id=8301&aff_id=1026&url=http%3A%2F%2Ftracking.check-my-ads.com%2Faff_c%3Foffer_id%3D4312%26aff_id%3D137%26url_id%3D5342%26file_id%3D21824%26aff_sub%3Dfb10%26aff_sub3%3Demail%26url_id%3D5342%26aff_sub2%3D102c9458a66fae0d013d50985fca08&urlauth=502903752776603381387408144451
accept-encoding: gzip, deflate, br
cookie: enc_aff_session_8301=ENC0379b3ad2d549603601ce32f795e81ee0e62dca2f878c62adae1f7542ac39b0aa3a859eb5bd1acae2fbba0554cbcd4ae78c3520c887f5713637c2c876917bf95945376e1789b44ed2675120dd53834e342440301cb3676df8f9fd7f505166c0fc6f4d073e76a8b4e4be7de3e966b3eac1007ae0ac3ddf00a53bd61ba955daed3aa5281a4d5e59c74db0fa019f66e8244f87a1b034e0110df85d0900b7f9a0941ba2355674f3c859db52e715a84fb0a9a4aba18a6cc0438957b4bd87d21ad37eed11beea8c8a18b5476caac4bef9f877b71806bb3a53398d4648ee8c92fb310190f1f8063887fed1d640e8d823b66dac52bcecc04ed861f9860db02e98e547f243820cf6bfbf023af44cc69890412e4757f9f8c1d2a5747fd97f3b991bb681bb7032c5e4e63; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://fd.yioleny.com/aff_r?offer_id=8301&aff_id=1026&url=http%3A%2F%2Ftracking.check-my-ads.com%2Faff_c%3Foffer_id%3D4312%26aff_id%3D137%26url_id%3D5342%26file_id%3D21824%26aff_sub%3Dfb10%26aff_sub3%3Demail%26url_id%3D5342%26aff_sub2%3D102c9458a66fae0d013d50985fca08&urlauth=502903752776603381387408144451

Response headers

status: 200
date: Fri, 18 Oct 2019 08:05:34 GMT
content-length: 0
server: nginx/1.13.12
expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
refresh: 0;url=/aff_r?offer_id=8301&aff_id=1026&redirect_pass=2&url=http%3A%2F%2Ftracking.check-my-ads.com%2Faff_c%3Foffer_id%3D4312%26aff_id%3D137%26url_id%3D5342%26file_id%3D21824%26aff_sub%3Dfb10%26aff_sub3%3Demail%26url_id%3D5342%26aff_sub2%3D102c9458a66fae0d013d50985fca08&urlauth=502903752776603381387408144451
access-control-allow-origin: *

GET
H2 200 aff_r Show response
fd.yioleny.com/ 779 B
967 B 32ms
31ms Document
text/html 99.80.231.125
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://fd.yioleny.com/aff_r?offer_id=8301&aff_id=1026&redirect_pass=2&url=http%3A%2F%2Ftracking.check-my-ads.com%2Faff_c%3Foffer_id%3D4312%26aff_id%3D137%26url_id%3D5342%26file_id%3D21824%26aff_sub%3Dfb10%26aff_sub3%3Demail%26url_id%3D5342%26aff_sub2%3D102c9458a66fae0d013d50985fca08&urlauth=502903752776603381387408144451
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.231.125 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-99-80-231-125.eu-west-1.compute.amazonaws.com
Software: nginx/1.13.12 /
Resource Hash: 6a64f3d308a61b7c20a15f19ec010830b8c8e47da64b4bea1511b8e3d69f2acb

Request headers

:method: GET
:authority: fd.yioleny.com
:scheme: https
:path: /aff_r?offer_id=8301&aff_id=1026&redirect_pass=2&url=http%3A%2F%2Ftracking.check-my-ads.com%2Faff_c%3Foffer_id%3D4312%26aff_id%3D137%26url_id%3D5342%26file_id%3D21824%26aff_sub%3Dfb10%26aff_sub3%3Demail%26url_id%3D5342%26aff_sub2%3D102c9458a66fae0d013d50985fca08&urlauth=502903752776603381387408144451
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://fd.yioleny.com/aff_r?offer_id=8301&aff_id=1026&redirect_pass=1&url=http%3A%2F%2Ftracking.check-my-ads.com%2Faff_c%3Foffer_id%3D4312%26aff_id%3D137%26url_id%3D5342%26file_id%3D21824%26aff_sub%3Dfb10%26aff_sub3%3Demail%26url_id%3D5342%26aff_sub2%3D102c9458a66fae0d013d50985fca08&urlauth=502903752776603381387408144451
accept-encoding: gzip, deflate, br
cookie: enc_aff_session_8301=ENC0379b3ad2d549603601ce32f795e81ee0e62dca2f878c62adae1f7542ac39b0aa3a859eb5bd1acae2fbba0554cbcd4ae78c3520c887f5713637c2c876917bf95945376e1789b44ed2675120dd53834e342440301cb3676df8f9fd7f505166c0fc6f4d073e76a8b4e4be7de3e966b3eac1007ae0ac3ddf00a53bd61ba955daed3aa5281a4d5e59c74db0fa019f66e8244f87a1b034e0110df85d0900b7f9a0941ba2355674f3c859db52e715a84fb0a9a4aba18a6cc0438957b4bd87d21ad37eed11beea8c8a18b5476caac4bef9f877b71806bb3a53398d4648ee8c92fb310190f1f8063887fed1d640e8d823b66dac52bcecc04ed861f9860db02e98e547f243820cf6bfbf023af44cc69890412e4757f9f8c1d2a5747fd97f3b991bb681bb7032c5e4e63; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://fd.yioleny.com/aff_r?offer_id=8301&aff_id=1026&redirect_pass=1&url=http%3A%2F%2Ftracking.check-my-ads.com%2Faff_c%3Foffer_id%3D4312%26aff_id%3D137%26url_id%3D5342%26file_id%3D21824%26aff_sub%3Dfb10%26aff_sub3%3Demail%26url_id%3D5342%26aff_sub2%3D102c9458a66fae0d013d50985fca08&urlauth=502903752776603381387408144451

Response headers

status: 200
date: Fri, 18 Oct 2019 08:05:34 GMT
content-type: text/html
content-length: 779
server: nginx/1.13.12
expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *

GET
H2

200

Primary Request / Show response
tenhamenosdividas.com/simulacao/
Redirect Chain

https://fd.yioleny.com/aff_r?offer_id=8301&aff_id=1026&redirect_pass=3&url=http%3A%2F%2Ftracking.check-my-ads.com%2Faff_c%3Foffer_id%3D4312%26aff_id%3D137%26url_id%3D5342%26file_id%3D21824%26aff_su...
http://tracking.check-my-ads.com/aff_c?offer_id=4312&aff_id=137&url_id=5342&file_id=21824&aff_sub=fb10&aff_sub3=email&url_id=5342&aff_sub2=102c9458a66fae0d013d50985fca08
http://tracking.check-my-ads.com/aff_r?offer_id=4312&aff_id=137&url=http%3A%2F%2Fadsplatform.com%2F%3Fadsid%3Dd7007dd001366cac1d269540af43605b%26sub_id%3D102b8f1949341f6458d4e1272ab376&urlauth=3390...
http://adsplatform.com/?adsid=d7007dd001366cac1d269540af43605b&sub_id=102b8f1949341f6458d4e1272ab376
https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098

45 KB
11 KB

744ms
331ms

Document
text/html

209.58.128.87
Leaseweb USA

General

Check archive.org

Show headers Download Go to

Full URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
Requested by: Host: fd.yioleny.com
URL: https://fd.yioleny.com/aff_r?offer_id=8301&aff_id=1026&redirect_pass=2&url=http%3A%2F%2Ftracking.check-my-ads.com%2Faff_c%3Foffer_id%3D4312%26aff_id%3D137%26url_id%3D5342%26file_id%3D21824%26aff_sub%3Dfb10%26aff_sub3%3Demail%26url_id%3D5342%26aff_sub2%3D102c9458a66fae0d013d50985fca08&urlauth=502903752776603381387408144451
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.128.87 San Francisco, United States, ASN7203 (LEASEWEB-USA-SFO-12 - Leaseweb USA, Inc., US),
Reverse DNS: isaltino.srv.codereach.pw
Software: nginx / PHP/5.5.9-1ubuntu4.29 PleskLin
Resource Hash: bcb4fe6b72cdb3de0386efad6e4527adfdf5f0cc45ffec4dec2e138106de1341

Request headers

:method: GET
:authority: tenhamenosdividas.com
:scheme: https
:path: /simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate

Response headers

status: 200
server: nginx
date: Fri, 18 Oct 2019 08:05:35 GMT
content-type: text/html; charset=utf-8
content-length: 11153
x-powered-by: PHP/5.5.9-1ubuntu4.29 PleskLin
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=kl0i5h1jgc2ab1938t4como5e3; path=/
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

Date: Fri, 18 Oct 2019 08:05:35 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 704
Connection: keep-alive
Server: Apache
Cache-Control: no-cache
Location: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
Set-Cookie: laravel_session=eyJpdiI6InZSY2lJY1NZZ0pEd2I3ZFhvT2laQUE9PSIsInZhbHVlIjoiQTl2SnRuUHozalI4STY2Z01sTUtBd0N2TXFsaHNRSmxqYzRIOGVOREZtSGRmWSsrdktxdmRaTnlcL1ZrSTZXTmd1Y1FNMjRkM08yZWJLbFBrYW5ONDdBPT0iLCJtYWMiOiIzODRhMTA2ZjMyNGYwOTZiZWVhZWVmMmFkYjQzNzU0YmJmODYzYjRlNDBlZjgxM2JiYmNiOGY1MTFhNDNjZWYzIn0%3D; expires=Sat, 21-Sep-2024 08:05:35 GMT; Max-Age=155520000; path=/; HttpOnly

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134638537-2

Requested by

Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

668522ce09acfd384d09a3f821e0c64763e2570368f76a3ae1e21738d6ce36df

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 08:05:36 GMT
content-encoding: br
last-modified: Fri, 18 Oct 2019 06:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28470
x-xss-protection: 0
expires: Fri, 18 Oct 2019 08:05:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-760329461

Requested by

Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73b5fd7a552e4a9e24ded07eb7159afe80dffa2df58ae9990d657bf5b9c01a4b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 08:05:36 GMT
content-encoding: br
last-modified: Fri, 18 Oct 2019 06:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28467
x-xss-protection: 0
expires: Fri, 18 Oct 2019 08:05:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 42ms
38ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-139839791-1

Requested by

Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff070f7d693fdc010504f59a2bb43fa7c05306bc928b58cb5be5dcf74ef94c15

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 08:05:36 GMT
content-encoding: br
last-modified: Fri, 18 Oct 2019 06:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28470
x-xss-protection: 0
expires: Fri, 18 Oct 2019 08:05:36 GMT

GET
H2 200 style.css
tenhamenosdividas.com/simulacao/dist/ 65 KB
65 KB 164ms
164ms Stylesheet
text/css 209.58.128.87
Leaseweb USA

General

Check archive.org

Show headers Download Go to

Full URL: https://tenhamenosdividas.com/simulacao/dist/style.css
Requested by: Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.128.87 San Francisco, United States, ASN7203 (LEASEWEB-USA-SFO-12 - Leaseweb USA, Inc., US),
Reverse DNS: isaltino.srv.codereach.pw
Software: nginx / PleskLin
Resource Hash: 4ca26fa85fbc0624c511df651feab2532b477c1d50cc3d5567924a74f798f417

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 08:05:36 GMT
last-modified: Mon, 22 Jul 2019 10:14:30 GMT
server: nginx
x-powered-by: PleskLin
etag: "5d358c86-103f0"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 66544

GET
H2 200 logo.png
tenhamenosdividas.com/simulacao/dist/images/ 3 KB
3 KB 441ms
437ms Image
image/png 209.58.128.87
Leaseweb USA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tenhamenosdividas.com/simulacao/dist/images/logo.png
Requested by: Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.128.87 San Francisco, United States, ASN7203 (LEASEWEB-USA-SFO-12 - Leaseweb USA, Inc., US),
Reverse DNS: isaltino.srv.codereach.pw
Software: nginx / PleskLin
Resource Hash: d39c54f2463d628397998bf547ff60183ae98bdd480efff23e9df38263eefee0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 08:05:36 GMT
last-modified: Mon, 22 Jul 2019 10:14:37 GMT
server: nginx
x-powered-by: PleskLin
etag: "5d358c8d-d42"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 3394

GET
H2 200 simulacao-desktop.gif
tenhamenosdividas.com/simulacao/dist/images/ 89 KB
89 KB 441ms
437ms Image
image/gif 209.58.128.87
Leaseweb USA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tenhamenosdividas.com/simulacao/dist/images/simulacao-desktop.gif
Requested by: Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.128.87 San Francisco, United States, ASN7203 (LEASEWEB-USA-SFO-12 - Leaseweb USA, Inc., US),
Reverse DNS: isaltino.srv.codereach.pw
Software: nginx / PleskLin
Resource Hash: 9f2917bb2e27d806bb90f896c90239be8a263732f792cb8265f39a7b3c893861

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 08:05:36 GMT
last-modified: Mon, 22 Jul 2019 10:12:52 GMT
server: nginx
x-powered-by: PleskLin
etag: "5d358c24-1641d"
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 91165

GET
H2 200 simulacao-mobile.gif
tenhamenosdividas.com/simulacao/dist/images/ 109 KB
109 KB 441ms
437ms Image
image/gif 209.58.128.87
Leaseweb USA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tenhamenosdividas.com/simulacao/dist/images/simulacao-mobile.gif
Requested by: Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.128.87 San Francisco, United States, ASN7203 (LEASEWEB-USA-SFO-12 - Leaseweb USA, Inc., US),
Reverse DNS: isaltino.srv.codereach.pw
Software: nginx / PleskLin
Resource Hash: af10f344644a26cb841faf7db9da8140814908d7f6fe0f8044ab2586d20d0e04

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 08:05:36 GMT
last-modified: Mon, 22 Jul 2019 10:12:52 GMT
server: nginx
x-powered-by: PleskLin
etag: "5d358c24-1b23a"
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 111162

GET
H2 200 arrowdown.svg
tenhamenosdividas.com/simulacao/dist/images/ 493 B
666 B 440ms
437ms Image
image/svg+xml 209.58.128.87
Leaseweb USA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tenhamenosdividas.com/simulacao/dist/images/arrowdown.svg
Requested by: Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.128.87 San Francisco, United States, ASN7203 (LEASEWEB-USA-SFO-12 - Leaseweb USA, Inc., US),
Reverse DNS: isaltino.srv.codereach.pw
Software: nginx / PleskLin
Resource Hash: 5737512afe5af4dd46940d84c0312f4a486d8cd231ffc93af9564264f19e8b97

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 08:05:36 GMT
etag: "1ed-58e425780aa27"
last-modified: Mon, 22 Jul 2019 10:14:30 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/svg+xml
status: 200
x-accel-version: 0.01
accept-ranges: bytes
content-length: 493

GET
H2 200 arrowright.svg
tenhamenosdividas.com/simulacao/dist/images/ 408 B
581 B 441ms
437ms Image
image/svg+xml 209.58.128.87
Leaseweb USA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tenhamenosdividas.com/simulacao/dist/images/arrowright.svg
Requested by: Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.128.87 San Francisco, United States, ASN7203 (LEASEWEB-USA-SFO-12 - Leaseweb USA, Inc., US),
Reverse DNS: isaltino.srv.codereach.pw
Software: nginx / PleskLin
Resource Hash: 6fc9f6b04711e15e8bb63d819efd89fdaca8f0768d5e59582f301f25f3c9f795

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 08:05:36 GMT
etag: "198-58e4257827ee7"
last-modified: Mon, 22 Jul 2019 10:14:30 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/svg+xml
status: 200
x-accel-version: 0.01
accept-ranges: bytes
content-length: 408

GET
H2 200 img.jpg
tenhamenosdividas.com/simulacao/dist/images/ 134 KB
134 KB 441ms
438ms Image
image/jpeg 209.58.128.87
Leaseweb USA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tenhamenosdividas.com/simulacao/dist/images/img.jpg
Requested by: Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.128.87 San Francisco, United States, ASN7203 (LEASEWEB-USA-SFO-12 - Leaseweb USA, Inc., US),
Reverse DNS: isaltino.srv.codereach.pw
Software: nginx / PleskLin
Resource Hash: 3fe882b4bbc682a69556b1de01ea429af8894116e341f3446ea1929ad8cb1796

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 08:05:36 GMT
last-modified: Mon, 22 Jul 2019 10:14:37 GMT
server: nginx
x-powered-by: PleskLin
etag: "5d358c8d-21779"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 137081

GET
H2 200 quote.svg
tenhamenosdividas.com/simulacao/dist/images/ 1 KB
1 KB 441ms
438ms Image
image/svg+xml 209.58.128.87
Leaseweb USA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tenhamenosdividas.com/simulacao/dist/images/quote.svg
Requested by: Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.128.87 San Francisco, United States, ASN7203 (LEASEWEB-USA-SFO-12 - Leaseweb USA, Inc., US),
Reverse DNS: isaltino.srv.codereach.pw
Software: nginx / PleskLin
Resource Hash: 1d4af28662ec7b9cd456825a5a4d27a1d98a160b27c8b45a32ea8694221b427b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 08:05:36 GMT
last-modified: Mon, 22 Jul 2019 10:14:36 GMT
server: nginx
x-powered-by: PleskLin
etag: "5d358c8c-438"
content-type: image/svg+xml
status: 200
accept-ranges: bytes
content-length: 1080

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
1 KB 24ms
16ms Stylesheet
text/css 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 08:05:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16019879
status: 200
served-in-seconds: 0.005
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:18:32 GMT
server: cloudflare
etag: W/"5afd48e8-f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 527902146cbacbc4-VIE
expires: Wed, 07 Oct 2020 08:05:36 GMT

GET
H2 200 modal.css
oxy.agency/common/css/ 2 KB
2 KB 627ms
163ms Stylesheet
text/css 209.58.128.87
Leaseweb USA

General

Check archive.org

Show headers Download Go to

Full URL: https://oxy.agency/common/css/modal.css
Requested by: Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.128.87 San Francisco, United States, ASN7203 (LEASEWEB-USA-SFO-12 - Leaseweb USA, Inc., US),
Reverse DNS: isaltino.srv.codereach.pw
Software: nginx / PleskLin
Resource Hash: 42a1360af50656d0a0b7b3a40d07f7eeeeb9b5bdfa5c8c95ba5b15b7880be6ad

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 08:05:36 GMT
last-modified: Wed, 17 Jul 2019 18:24:18 GMT
server: nginx
x-powered-by: PleskLin
etag: "5d2f67d2-7b0"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 1968

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 28ms
21ms Script
application/javascript 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 08:05:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16019878
status: 200
served-in-seconds: 0.025
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:18:36 GMT
server: cloudflare
etag: W/"5afd48ec-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 527902146cbdcbc4-VIE
expires: Wed, 07 Oct 2020 08:05:36 GMT

GET
H/1.1 200
OK jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
30 KB 22ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:3b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Sec-Fetch-Mode: cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
Origin: https://tenhamenosdividas.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 08:05:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 May 2016 17:24:41 GMT
Server: nginx
ETag: W/"573f4859-14e4a"
Vary: Accept-Encoding
X-HW: 1571385936.dop142.fr8.shc,1571385936.dop142.fr8.t,1571385936.cds130.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 29811

GET
H2 200 jquery.seoval.min.js Show response
api.easyacross.com/js/validation/ 14 KB
14 KB 666ms
310ms Script
application/javascript 209.58.128.87
Leaseweb USA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.easyacross.com/js/validation/jquery.seoval.min.js
Requested by: Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.128.87 San Francisco, United States, ASN7203 (LEASEWEB-USA-SFO-12 - Leaseweb USA, Inc., US),
Reverse DNS: isaltino.srv.codereach.pw
Software: nginx / PleskLin
Resource Hash: b8da5a01a403fd9b978e77b69f3275ae3e5370145dcbcd3af42c509735426e3d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 08:05:36 GMT
last-modified: Fri, 01 Dec 2017 02:20:38 GMT
server: nginx
x-powered-by: PleskLin
etag: "5a20bc76-3825"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 14373

GET
H2 200 scripts.js Show response
tenhamenosdividas.com/simulacao/dist/ 127 KB
128 KB 441ms
437ms Script
application/javascript 209.58.128.87
Leaseweb USA

General

Check archive.org

Show headers Download Go to

Full URL: https://tenhamenosdividas.com/simulacao/dist/scripts.js
Requested by: Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.128.87 San Francisco, United States, ASN7203 (LEASEWEB-USA-SFO-12 - Leaseweb USA, Inc., US),
Reverse DNS: isaltino.srv.codereach.pw
Software: nginx / PleskLin
Resource Hash: 1191d7af1bc73d8b7d32f042374d51f6f412a27613c71013ae7d47615406fb32

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 08:05:36 GMT
last-modified: Mon, 22 Jul 2019 10:14:36 GMT
server: nginx
x-powered-by: PleskLin
etag: "5d358c8c-1fd36"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 130358

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 349 KB
113 KB 14ms
11ms Script
application/javascript 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

a95ebbca9b2c9a1cbd25f9b5070862c532bf98170e12f9d53b0212e2569622c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 10 Oct 2019 17:01:35 GMT
server: nginx/1.15.8
etag: "5d9f63ef-573ea"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Fri, 18 Oct 2019 08:05:36 GMT
x-host: s7.addthis.com
content-length: 114882

GET
H/1.1 200
OK tag.js Show response
mc.yandex.ru/metrika/ 355 KB
91 KB 240ms
95ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

cd85630e963a6f91f4995e7589ca6fb44e77b1843e5727f2fc3f85113f7d03d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 08:05:36 GMT
Content-Encoding: br
Last-Modified: Tue, 24 Sep 2019 13:01:01 GMT
Server: nginx/1.14.2
ETag: "5d8a138d-16ad7"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 92887
Expires: Fri, 18 Oct 2019 09:05:36 GMT

GET
H2 200 /
adsplatform.com/ Frame 3D70 0
0 392ms
202ms Document
text/plain 52.207.130.22
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://adsplatform.com/?action=click&adsid=_73705311616257098
Requested by: Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.130.22 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-207-130-22.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

:method: GET
:authority: adsplatform.com
:scheme: https
:path: /?action=click&adsid=_73705311616257098
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
accept-encoding: gzip, deflate, br
cookie: laravel_session=eyJpdiI6InZSY2lJY1NZZ0pEd2I3ZFhvT2laQUE9PSIsInZhbHVlIjoiQTl2SnRuUHozalI4STY2Z01sTUtBd0N2TXFsaHNRSmxqYzRIOGVOREZtSGRmWSsrdktxdmRaTnlcL1ZrSTZXTmd1Y1FNMjRkM08yZWJLbFBrYW5ONDdBPT0iLCJtYWMiOiIzODRhMTA2ZjMyNGYwOTZiZWVhZWVmMmFkYjQzNzU0YmJmODYzYjRlNDBlZjgxM2JiYmNiOGY1MTFhNDNjZWYzIn0%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098

Response headers

status: 200
date: Fri, 18 Oct 2019 08:05:36 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
server: Apache
cache-control: no-cache
set-cookie: uci[10507]=eyJpdiI6Ijd2Wng5QTZEVXpGamRCWDZwVm9KMFE9PSIsInZhbHVlIjoiY0RjQ2pXRTE4M093RjAyTHlSUmh4QT09IiwibWFjIjoiYTAzZWZhMWIxM2E2ODA0ODM2YjcwOWQxNTYyYWQ5YjMyZWY5ZWM5OTM1NDY0ZDdiMjIwNjBhYmY4YzU1M2RjNCJ9; expires=Fri, 18-Oct-2019 20:05:36 GMT; Max-Age=43200; path=/; HttpOnly laravel_session=eyJpdiI6InlXdGY2dWVGcXdZVXE4bG53blwva0pBPT0iLCJ2YWx1ZSI6ImUzSzlzb2RkdmJhaWN3MkNhaVdqbGFcL05ZZmhMWWdOZG1qcDcrcU1uS2tXaGNESklQS0Y1dVlcL0k4NTArRzhWcU1FRWZtSjZzVmpVb1RKSVwvYmE4cWhBPT0iLCJtYWMiOiI5NmFkZTk1OThiMjM0OGI4ZGVhZTZhMDU4ZDU5ZTU2MTIyYjBkNDM0NTI1OTZiNjIxMTliYzQ2NDdkYzI0YWZlIn0%3D; expires=Sat, 21-Sep-2024 08:05:36 GMT; Max-Age=155520000; path=/; HttpOnly

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-760329461

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 686
date: Fri, 18 Oct 2019 07:54:10 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Fri, 18 Oct 2019 09:54:10 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 24 KB
9 KB 61ms
60ms Script
text/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-760329461

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

cafe /

Resource Hash

04cc99186aa1ed2c9e0989ad7f6a2e180508c8656caef8cd2b153fa8dbba9038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 08:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9198
x-xss-protection: 0
server: cafe
etag: 4566352449703540938
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Oct 2019 08:05:36 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
112 B 17ms
16ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1348367233&t=pageview&_s=1&dl=https%3A%2F%2Ftenhamenosdividas.com%2Fsimulacao%2F%3Fv%3D1%26sub_id%3D102b8f1949341f6458d4e1272ab376%26adsid%3D_73705311616257098&ul=en-us&de=UTF-8&dt=Simulador%20Cr%C3%A9dito%20Consolidado&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1894498350&gjid=1647984004&cid=760517030.1571385936&tid=UA-134638537-2&_gid=1033354634.1571385936&_r=1&gtm=2oaaa0&z=1641532724

Requested by

Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 08:05:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1348367233&t=pageview&_s=1&dl=https%3A%2F%2Ftenhamenosdividas.com%2Fsimulacao%2F%3Fv%3D1%26sub_id%3D102b8f1949341f6458d4e1272ab376%26adsid%3D...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-139839791-1&cid=760517030.1571385936&jid=302903298&_gid=1033354634.1571385936&gjid=488445914&_v=j79&z=1284199652
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-139839791-1&cid=760517030.1571385936&jid=302903298&_v=j79&z=1284199652
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-139839791-1&cid=760517030.1571385936&jid=302903298&_v=j79&z=1284199652&slf_rd=1&random=3571868523

42 B
109 B

36ms
35ms

Image
image/gif

2a00:1450:4001:81a::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-139839791-1&cid=760517030.1571385936&jid=302903298&_v=j79&z=1284199652&slf_rd=1&random=3571868523

Requested by

Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 08:05:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Oct 2019 08:05:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-139839791-1&cid=760517030.1571385936&jid=302903298&_v=j79&z=1284199652&slf_rd=1&random=3571868523
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/760329461/ 2 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/760329461/?random=1571385936167&cv=9&fst=1571385936167&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaaa0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftenhamenosdividas.com%2Fsimulacao%2F%3Fv%3D1%26sub_id%3D102b8f1949341f6458d4e1272ab376%26adsid%3D_73705311616257098&tiba=Simulador%20Cr%C3%A9dito%20Consolidado&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

85f044d9457633c93a8bae610b43eebeed55114c60ac6e499f23732c3334d85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 08:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1031
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/760329461/ 42 B
114 B 24ms
24ms Image
image/gif 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/760329461/?random=1571385936167&cv=9&fst=1571385600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftenhamenosdividas.com%2Fsimulacao%2F%3Fv%3D1%26sub_id%3D102b8f1949341f6458d4e1272ab376%26adsid%3D_73705311616257098&tiba=Simulador%20Cr%C3%A9dito%20Consolidado&async=1&fmt=3&is_vtc=1&random=3424401154&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 08:05:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/760329461/ 42 B
110 B 23ms
23ms Image
image/gif 2a00:1450:4001:81a::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/760329461/?random=1571385936167&cv=9&fst=1571385600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftenhamenosdividas.com%2Fsimulacao%2F%3Fv%3D1%26sub_id%3D102b8f1949341f6458d4e1272ab376%26adsid%3D_73705311616257098&tiba=Simulador%20Cr%C3%A9dito%20Consolidado&async=1&fmt=3&is_vtc=1&random=3424401154&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Oct 2019 08:05:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

1 Show response
mc.yandex.ru/watch/52397326/
Redirect Chain

https://mc.yandex.ru/watch/52397326?wmode=7&page-url=https%3A%2F%2Ftenhamenosdividas.com%2Fsimulacao%2F%3Fv%3D1%26sub_id%3D102b8f1949341f6458d4e1272ab376%26adsid%3D_73705311616257098&charset=utf-8&...
https://mc.yandex.ru/watch/52397326/1?wmode=7&page-url=https%3A%2F%2Ftenhamenosdividas.com%2Fsimulacao%2F%3Fv%3D1%26sub_id%3D102b8f1949341f6458d4e1272ab376%26adsid%3D_73705311616257098&charset=utf-...

152 B
709 B

53ms
52ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/52397326/1?wmode=7&page-url=https%3A%2F%2Ftenhamenosdividas.com%2Fsimulacao%2F%3Fv%3D1%26sub_id%3D102b8f1949341f6458d4e1272ab376%26adsid%3D_73705311616257098&charset=utf-8&browser-info=ti%3A10%3Ans%3A1571385934496%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20191018100536%3Aet%3A1571385936%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A731693987%3Ahid%3A512176210%3Ads%3A88%2C321%2C332%2C0%2C763%2C0%2C0%2C%2C%2C%2C%2C%2C%3Awn%3A62982%3Ahl%3A3%3Agdpr%3A14%3Av%3A1731%3Awv%3A2%3Ast%3A1571385936%3Au%3A1571385936204380216%3At%3ASimulador%20Cr%C3%A9dito%20Consolidado

Requested by

Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

def4d6916a11bb915c9fe13d9a8a1da220b12d4a3060ac07e49f33c5c36ce294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 08:05:36 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18-Oct-2019 08:05:36 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tenhamenosdividas.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 152
X-XSS-Protection: 1; mode=block
Expires: Fri, 18-Oct-2019 08:05:36 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 18 Oct 2019 08:05:36 GMT
Last-Modified: Fri, 18-Oct-2019 08:05:36 GMT
Server: nginx/1.14.2
Access-Control-Allow-Origin: https://tenhamenosdividas.com
Strict-Transport-Security: max-age=31536000
Location: /watch/52397326/1?wmode=7&page-url=https%3A%2F%2Ftenhamenosdividas.com%2Fsimulacao%2F%3Fv%3D1%26sub_id%3D102b8f1949341f6458d4e1272ab376%26adsid%3D_73705311616257098&charset=utf-8&browser-info=ti%3A10%3Ans%3A1571385934496%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20191018100536%3Aet%3A1571385936%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A731693987%3Ahid%3A512176210%3Ads%3A88%2C321%2C332%2C0%2C763%2C0%2C0%2C%2C%2C%2C%2C%2C%3Awn%3A62982%3Ahl%3A3%3Agdpr%3A14%3Av%3A1731%3Awv%3A2%3Ast%3A1571385936%3Au%3A1571385936204380216%3At%3ASimulador%20Cr%C3%A9dito%20Consolidado
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Fri, 18-Oct-2019 08:05:36 GMT

GET
H2 200 sprite.png
tenhamenosdividas.com/simulacao/dist/images/ 10 KB
10 KB 306ms
306ms Image
image/png 209.58.128.87
Leaseweb USA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tenhamenosdividas.com/simulacao/dist/images/sprite.png
Requested by: Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.128.87 San Francisco, United States, ASN7203 (LEASEWEB-USA-SFO-12 - Leaseweb USA, Inc., US),
Reverse DNS: isaltino.srv.codereach.pw
Software: nginx / PleskLin
Resource Hash: 01d6ece40a680199158abdfbbc6eb740baa4fd96a9908d63b3737ce45de09c20

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/dist/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 08:05:36 GMT
last-modified: Mon, 22 Jul 2019 10:14:37 GMT
server: nginx
x-powered-by: PleskLin
etag: "5d358c8d-2652"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 9810

GET
H2 200 css
fonts.googleapis.com/ 9 KB
807 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:821::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:300,400,700

Requested by

Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/dist/scripts.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

af7d57ae7f1e10331e7c7f2d803aed66185a121fe98b4883b3fe75a59dd84915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 18 Oct 2019 08:05:36 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Fri, 18 Oct 2019 08:05:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Fri, 18 Oct 2019 08:05:36 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
445 B 48ms
47ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 08:05:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Oct 2015 13:09:09 GMT
Server: nginx/1.14.2
ETag: "561bb0f5-3d"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 61
Expires: Fri, 18 Oct 2019 09:05:37 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-59356b6bdf382d70/ 3 KB
1011 B 101ms
101ms Script
application/javascript 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-59356b6bdf382d70/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.8.v20180619) /
Resource Hash: db04b08a96796880542fe2887fc0933c52c88171268419eae038d23ce338364d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 08:05:37 GMT
content-encoding: gzip
surrogate-key: ra-59356b6bdf382d70
server: Jetty(9.4.8.v20180619)
cache-tag: ra-59356b6bdf382d70
etag: -701058824--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=8, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 765

GET
H2 200 TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v26/ 25 KB
25 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v26/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2

Requested by

Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:300,400,700
Origin: https://tenhamenosdividas.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 02:04:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 26 Sep 2019 22:26:47 GMT
server: sffe
age: 194457
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25376
x-xss-protection: 0
expires: Thu, 15 Oct 2020 02:04:40 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:300,400,700
Origin: https://tenhamenosdividas.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 09:58:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 770812
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
expires: Thu, 08 Oct 2020 09:58:45 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: tenhamenosdividas.com
URL: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:300,400,700
Origin: https://tenhamenosdividas.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 12 Oct 2019 00:19:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 546384
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9080
x-xss-protection: 0
expires: Sun, 11 Oct 2020 00:19:13 GMT

GET
H2 200 layers.ab5cd98fe1b9a38a4a9f.js Show response
s7.addthis.com/static/ 263 KB
76 KB 8ms
8ms Script
application/javascript 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Fri, 18 Oct 2019 08:05:37 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77528

GET
H2 200 client.pt.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 14ms
14ms XHR
application/json 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.pt.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Fri, 11 Oct 2019 10:31:06 GMT
server: nginx/1.15.8
status: 200
etag: W/"5da059ea-e24"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Fri, 18 Oct 2019 08:05:37 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1747

GET
H2 200 / Show response
graph.facebook.com/ 148 B
336 B 179ms
149ms Script
text/javascript 2a03:2880:f007:1:face:b00c:0:1
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Ftenhamenosdividas.com%2Fsimulacao%2F%3Fv%3D1%26sub_id%3D102b8f1949341f6458d4e1272ab376%26adsid%3D_73705311616257098&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_jhwo0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:1:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

3cfc86f68b9c766ef0dc636ab7f3dbf9fe012cf64da791e23644b9fc4bbfeb9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
etag: "936cba543457c0a4de1341aaa7ff8548bb47edd5"
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
x-fb-rev: 1001312371
alt-svc: h3-23=":443"; ma=3600
content-length: 148
pragma: no-cache
x-fb-debug: 0lE3wLYs8zqLSydkXtUiviwT0wKYvXYvMYRqeAJ9e+I8zZTRrIvJy27GrqTYOVKq3p1VocI7tiXMVawNKBkqLQ==
x-fb-trace-id: AQxLupDZhpW
date: Fri, 18 Oct 2019 08:05:38 GMT
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: ATfYSRGhx27yHskZb1De2kh
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.10
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
graph.facebook.com/ 147 B
602 B 176ms
146ms Script
text/javascript 2a03:2880:f007:1:face:b00c:0:1
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=http%3A%2F%2Ftenhamenosdividas.com%2Fsimulacao%2F%3Fv%3D1%26sub_id%3D102b8f1949341f6458d4e1272ab376%26adsid%3D_73705311616257098&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_h32y0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:1:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

03c9cd06dadb5227c9152213047bbfc2a89b849ba8df339f120aa98f6cc4f4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://tenhamenosdividas.com/simulacao/?v=1&sub_id=102b8f1949341f6458d4e1272ab376&adsid=_73705311616257098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
etag: "8bc76e06eef15a3dcd21c594c25c1ff52ec385b6"
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
x-fb-rev: 1001312371
alt-svc: h3-23=":443"; ma=3600
content-length: 147
pragma: no-cache
x-fb-debug: 8mlENTMtYHym6fKyOzN/14fuP3Ea6yLYxNyoPGBYG6BDXeQ9kDr7ygogISVF4Z4AjUtEb1l2Ks1ayvoubijSyw==
x-fb-trace-id: CCh2rLRCoc1
date: Fri, 18 Oct 2019 08:05:38 GMT
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AWUKXT50sbZvhGQNDW80ZeC
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.10
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
adsplatform.com/	1970-01-20 23:41:45	Name: laravel_session Value: eyJpdiI6InlXdGY2dWVGcXdZVXE4bG53blwva0pBPT0iLCJ2YWx1ZSI6ImUzSzlzb2RkdmJhaWN3MkNhaVdqbGFcL05ZZmhMWWdOZG1qcDcrcU1uS2tXaGNESklQS0Y1dVlcL0k4NTArRzhWcU1FRWZtSjZzVmpVb1RKSVwvYmE4cWhBPT0iLCJtYWMiOiI5NmFkZTk1OThiMjM0OGI4ZGVhZTZhMDU4ZDU5ZTU2MTIyYjBkNDM0NTI1OTZiNjIxMTliYzQ2NDdkYzI0YWZlIn0%3D
adsplatform.com/	1970-01-19 04:30:29	Name: uci[10507] Value: eyJpdiI6Ijd2Wng5QTZEVXpGamRCWDZwVm9KMFE9PSIsInZhbHVlIjoiY0RjQ2pXRTE4M093RjAyTHlSUmh4QT09IiwibWFjIjoiYTAzZWZhMWIxM2E2ODA0ODM2YjcwOWQxNTYyYWQ5YjMyZWY5ZWM5OTM1NDY0ZDdiMjIwNjBhYmY4YzU1M2RjNCJ9
.tenhamenosdividas.com/	1970-01-19 04:30:57	Name: _ym_isad Value: 2
.tenhamenosdividas.com/	1970-01-19 04:29:47	Name: _ym_visorc_52397326 Value: w
.tenhamenosdividas.com/	1970-01-19 13:15:21	Name: _ym_d Value: 1571385936
.tenhamenosdividas.com/	1970-01-19 13:15:21	Name: _ym_uid Value: 1571385936204380216
.tenhamenosdividas.com/	1970-01-19 04:29:45	Name: _gat_gtag_UA_139839791_1 Value: 1
.tenhamenosdividas.com/	1970-01-19 04:29:45	Name: _gat_gtag_UA_134638537_2 Value: 1
tenhamenosdividas.com/	1970-01-19 04:29:47	Name: __atuvs Value: 5da97250243d188d000
tenhamenosdividas.com/	1970-01-19 14:01:30	Name: __atuvc Value: 1%7C42
.tenhamenosdividas.com/	1970-01-19 04:31:12	Name: _gid Value: GA1.2.1033354634.1571385936
.tenhamenosdividas.com/	1970-01-19 22:00:57	Name: _ga Value: GA1.2.760517030.1571385936
tenhamenosdividas.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: kl0i5h1jgc2ab1938t4como5e3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsplatform.com
analytics.tradedoubler.com
api.easyacross.com
cdnjs.cloudflare.com
clk.tradedoubler.com
code.jquery.com
fd.yioleny.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
ib.adnxs.com
mc.yandex.ru
oxy.agency
s7.addthis.com
stats.g.doubleclick.net
tenhamenosdividas.com
track.suamelhorpromocao.pt
tracking.check-my-ads.com
v1.addthisedge.com
vht.tradedoubler.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.225.78.49
148.251.48.109
188.165.150.177
2001:4de0:ac19::1:b:3b
209.58.128.87
216.58.205.226
23.210.248.44
2606:4700::6813:c697
2a00:1450:4001:800::2004
2a00:1450:4001:815::200e
2a00:1450:4001:81a::2003
2a00:1450:4001:81a::2008
2a00:1450:4001:81f::2002
2a00:1450:4001:821::200a
2a00:1450:4001:825::2003
2a00:1450:400c:c04::9b
2a02:6b8::1:119
2a03:2880:f007:1:face:b00c:0:1
37.252.173.62
52.16.193.190
52.207.130.22
54.77.150.202
99.80.231.125
01d6ece40a680199158abdfbbc6eb740baa4fd96a9908d63b3737ce45de09c20
03c9cd06dadb5227c9152213047bbfc2a89b849ba8df339f120aa98f6cc4f4c7
04cc99186aa1ed2c9e0989ad7f6a2e180508c8656caef8cd2b153fa8dbba9038
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
1191d7af1bc73d8b7d32f042374d51f6f412a27613c71013ae7d47615406fb32
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
1d4af28662ec7b9cd456825a5a4d27a1d98a160b27c8b45a32ea8694221b427b
2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9
3cfc86f68b9c766ef0dc636ab7f3dbf9fe012cf64da791e23644b9fc4bbfeb9e
3fe882b4bbc682a69556b1de01ea429af8894116e341f3446ea1929ad8cb1796
42a1360af50656d0a0b7b3a40d07f7eeeeb9b5bdfa5c8c95ba5b15b7880be6ad
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
4ca26fa85fbc0624c511df651feab2532b477c1d50cc3d5567924a74f798f417
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5737512afe5af4dd46940d84c0312f4a486d8cd231ffc93af9564264f19e8b97
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
668522ce09acfd384d09a3f821e0c64763e2570368f76a3ae1e21738d6ce36df
6a64f3d308a61b7c20a15f19ec010830b8c8e47da64b4bea1511b8e3d69f2acb
6cd8c18be12a4ca2df7ffa6022634ab36d81cbc6923df9f436254750156467f9
6fc9f6b04711e15e8bb63d819efd89fdaca8f0768d5e59582f301f25f3c9f795
73b5fd7a552e4a9e24ded07eb7159afe80dffa2df58ae9990d657bf5b9c01a4b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85f044d9457633c93a8bae610b43eebeed55114c60ac6e499f23732c3334d85e
9f2917bb2e27d806bb90f896c90239be8a263732f792cb8265f39a7b3c893861
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a95ebbca9b2c9a1cbd25f9b5070862c532bf98170e12f9d53b0212e2569622c2
af10f344644a26cb841faf7db9da8140814908d7f6fe0f8044ab2586d20d0e04
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
af7d57ae7f1e10331e7c7f2d803aed66185a121fe98b4883b3fe75a59dd84915
b8da5a01a403fd9b978e77b69f3275ae3e5370145dcbcd3af42c509735426e3d
bcb4fe6b72cdb3de0386efad6e4527adfdf5f0cc45ffec4dec2e138106de1341
cd85630e963a6f91f4995e7589ca6fb44e77b1843e5727f2fc3f85113f7d03d2
d39c54f2463d628397998bf547ff60183ae98bdd480efff23e9df38263eefee0
db04b08a96796880542fe2887fc0933c52c88171268419eae038d23ce338364d
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
def4d6916a11bb915c9fe13d9a8a1da220b12d4a3060ac07e49f33c5c36ce294
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff070f7d693fdc010504f59a2bb43fa7c05306bc928b58cb5be5dcf74ef94c15

tenhamenosdividas.com Open in urlscan Pro 209.58.128.87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

52 %IPv6

23 Domains

26 Subdomains

21 IPs

8 Countries

1061 kBTransfer

2037 kBSize

13 Cookies

2 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tenhamenosdividas.com Open in urlscan Pro
209.58.128.87 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

52 %
IPv6

23
Domains

26
Subdomains

21
IPs

8
Countries

1061 kB
Transfer

2037 kB
Size

13
Cookies

47 HTTP transactions
1 data transactions