havan.meuacerto.com.br Open in urlscan Pro
191.233.28.251 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://secure-web.cisco.com/1-waVdHC4z1pJMvS_e6q99BIi3BZcqSaOx28SLIEHiyELN-s6LvW-kqUfFMlIxMEf-cm4w3Sbx6AXQSEZHyVQ2bYWtt73ytm...
Effective URL:
https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_c...
Submission: On October 28 via manual (October 28th 2022, 1:00:53 pm UTC) from BR — Scanned from DE

Summary HTTP 145 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 45 IPs in 7 countries across 32 domains to perform 145 HTTP transactions. The main IP is 191.233.28.251, located in Campinas, Brazil and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is havan.meuacerto.com.br.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on January 13th 2022. Valid for: a year.

This is the only time havan.meuacerto.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a04:e4c7:fff... 2a04:e4c7:ffff::69	36692 (OPENDNS) (OPENDNS)
1 1	34.86.85.56 34.86.85.56	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	18.214.171.162 18.214.171.162	14618 (AMAZON-AES) (AMAZON-AES)
41	191.233.28.251 191.233.28.251	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	20.150.111.4 20.150.111.4	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	52.14.86.234 52.14.86.234	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2606:4700:1::... 2606:4700:1::6813:844e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.225.78.63 13.225.78.63	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 4	138.201.230.88 138.201.230.88	24940 (HETZNER-AS) (HETZNER-AS)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	13.224.189.26 13.224.189.26	16509 (AMAZON-02) (AMAZON-02)
1	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
2	13.224.189.10 13.224.189.10	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
4	54.231.231.0 54.231.231.0	16509 (AMAZON-02) (AMAZON-02)
3	3.132.18.62 3.132.18.62	16509 (AMAZON-02) (AMAZON-02)
3	20.75.32.255 20.75.32.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
1	2.21.20.217 2.21.20.217	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.189.95 13.224.189.95	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.251.90.55 34.251.90.55	16509 (AMAZON-02) (AMAZON-02)
1	62.138.6.193 62.138.6.193	20773 (GODADDY) (GODADDY)
1	85.25.203.29 85.25.203.29	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
1	157.245.26.63 157.245.26.63	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
145	45

1 2a04:e4c7:ffff::69 (United States) 1 redirects

ASN36692 (OPENDNS, US)

secure-web.cisco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.86.85.56 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 56.85.86.34.bc.googleusercontent.com

email.havan.meuacerto.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.214.171.162 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-171-162.compute-1.amazonaws.com

track.bmgresolve.meuacerto.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 191.233.28.251 (Campinas, Brazil)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

havan.meuacerto.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.150.111.4 (Campinas, Brazil)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

meuacertopublic.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.14.86.234 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-14-86-234.us-east-2.compute.amazonaws.com

us-pub.dengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:844e (United States)

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-63.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.230.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.230.201.138.clients.your-server.de

x.cnt.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.72.113 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-26.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-10.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.231.231.0 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.132.18.62 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-18-62.us-east-2.compute.amazonaws.com

us-event.dengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-push.dengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.51.111 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

meuacertohelp.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.20.217 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-217.deploy.static.akamaitechnologies.com

iosite.reclameaqui.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-95.fra2.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.90.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-90-55.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.138.6.193 (Strasbourg, France)

ASN20773 (GODADDY, DE)
PTR: astra4639.startdedicated.com

citydsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.25.203.29 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: static-ip-85-25-203-29.inaddr.ip-pool.com

retagro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.245.26.63 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

anilima.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	meuacerto.com.br 2 redirects email.havan.meuacerto.com.br track.bmgresolve.meuacerto.com.br havan.meuacerto.com.br	5 MB
11	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 1825 ekr.zdassets.com — Cisco Umbrella Rank: 2140	296 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 93	792 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	183 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36 jnn-pa.googleapis.com — Cisco Umbrella Rank: 258 ajax.googleapis.com — Cisco Umbrella Rank: 293	125 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1316 b.clarity.ms — Cisco Umbrella Rank: 9256 c.clarity.ms — Cisco Umbrella Rank: 1837	27 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1641 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3369 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3327 tracking.crazyegg.com — Cisco Umbrella Rank: 3305	35 KB
6	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 76 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 static.doubleclick.net — Cisco Umbrella Rank: 317	3 KB
4	amazonaws.com s3.amazonaws.com	36 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 5362 www.google.com — Cisco Umbrella Rank: 2	15 KB
4	cnt.my 1 redirects x.cnt.my — Cisco Umbrella Rank: 99156	4 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 378 c.bing.com — Cisco Umbrella Rank: 252	12 KB
4	dengage.com us-pub.dengage.com us-event.dengage.com us-push.dengage.com	34 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6364	628 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 616 script.hotjar.com — Cisco Umbrella Rank: 771 vars.hotjar.com — Cisco Umbrella Rank: 882	69 KB
2	zendesk.com meuacertohelp.zendesk.com	922 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	226 B
2	adnxs.com acdn.adnxs.com — Cisco Umbrella Rank: 595 ib.adnxs.com — Cisco Umbrella Rank: 210	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 145	112 KB
2	mgid.com a.mgid.com — Cisco Umbrella Rank: 19862	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	162 KB
1	anilima.com anilima.com — Cisco Umbrella Rank: 291173	294 B
1	retagro.com retagro.com — Cisco Umbrella Rank: 145028	294 B
1	citydsp.com citydsp.com — Cisco Umbrella Rank: 118290	693 B
1	reclameaqui.com.br iosite.reclameaqui.com.br — Cisco Umbrella Rank: 149151	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 109	12 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 224	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 131	15 KB
1	windows.net meuacertopublic.blob.core.windows.net	12 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 949	43 KB
1	cisco.com 1 redirects secure-web.cisco.com — Cisco Umbrella Rank: 13534	624 B
145	32

	Domain	Requested by
41	havan.meuacerto.com.br	havan.meuacerto.com.br
10	static.zdassets.com	www.googletagmanager.com static.zdassets.com
9	www.youtube.com	havan.meuacerto.com.br www.youtube.com
6	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
4	s3.amazonaws.com	havan.meuacerto.com.br s3.amazonaws.com
4	x.cnt.my	1 redirects havan.meuacerto.com.br x.cnt.my
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
3	b.clarity.ms	www.clarity.ms
3	www.google.com	havan.meuacerto.com.br www.youtube.com
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com www.youtube.com
3	www.google.de	havan.meuacerto.com.br
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com havan.meuacerto.com.br
3	fonts.googleapis.com	havan.meuacerto.com.br s3.amazonaws.com client
2	c.clarity.ms	1 redirects
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	meuacertohelp.zendesk.com	static.zdassets.com
2	us-event.dengage.com	us-pub.dengage.com
2	www.facebook.com	connect.facebook.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.clarity.ms	havan.meuacerto.com.br www.clarity.ms
2	connect.facebook.net	havan.meuacerto.com.br connect.facebook.net
2	a.mgid.com	www.googletagmanager.com havan.meuacerto.com.br
2	www.googletagmanager.com	havan.meuacerto.com.br www.googletagmanager.com
1	us-push.dengage.com	us-pub.dengage.com
1	anilima.com	citydsp.com
1	retagro.com	citydsp.com
1	citydsp.com	x.cnt.my
1	tracking.crazyegg.com	script.crazyegg.com
1	c.bing.com	1 redirects
1	ajax.googleapis.com	x.cnt.my
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	iosite.reclameaqui.com.br	s3.amazonaws.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	ekr.zdassets.com	static.zdassets.com
1	vars.hotjar.com	static.hotjar.com
1	ib.adnxs.com	havan.meuacerto.com.br
1	script.hotjar.com	static.hotjar.com
1	region1.analytics.google.com	www.googletagmanager.com
1	acdn.adnxs.com	havan.meuacerto.com.br
1	static.hotjar.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	us-pub.dengage.com	havan.meuacerto.com.br
1	meuacertopublic.blob.core.windows.net	havan.meuacerto.com.br
1	www.googleoptimize.com	havan.meuacerto.com.br
1	track.bmgresolve.meuacerto.com.br	1 redirects
1	email.havan.meuacerto.com.br	1 redirects
1	secure-web.cisco.com	1 redirects
145	52

This site contains links to these domains. Also see Links.

Domain
meuacerto.com.br
wl.meuacerto.com.br
www.reclameaqui.com.br
recoverynegociacao.meuacerto.com.br
bancointer.meuacerto.com.br
sky.meuacerto.com.br
bmg.meuacerto.com.br
original.meuacerto.com.br
c6bank.meuacerto.com.br
itapeva.meuacerto.com.br
carrefour.meuacerto.com.br
atacadao.meuacerto.com.br
midway.meuacerto.com.br
portoseguro.meuacerto.com.br
bancopan.meuacerto.com.br

Subject Issuer	Validity	Valid
meuacerto.com.br Sectigo RSA Organization Validation Secure Server CA	`2022-01-13` - `2023-01-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2022-09-25` - `2023-09-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.dengage.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-15` - `2023-01-15`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-06` - `2022-11-04`	3 months	crt.sh
*.x.cnt.my R3	`2022-09-17` - `2022-12-16`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2022-06-08` - `2022-12-15`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
meuacertohelp.zendesk.com Cloudflare Inc ECC CA-3	`2022-06-01` - `2023-05-31`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.reclameaqui.com.br R3	`2022-09-26` - `2022-12-25`	3 months	crt.sh
crazyegg.com Amazon	`2022-06-27` - `2023-07-26`	a year	crt.sh
citydsp.com R3	`2022-09-26` - `2022-12-25`	3 months	crt.sh
adprety.com R3	`2022-09-26` - `2022-12-25`	3 months	crt.sh
akimilo.com R3	`2022-10-17` - `2023-01-15`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
Frame ID: 05B76155D9E9F982E8BD957BB3A6382F
Requests: 116 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html
Frame ID: A1F0F332FF9756EE1703395B240E90BA
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/sl1uGvGq7_U
Frame ID: F3799C9119906DB5D35F23DB9CFEBB2F
Requests: 21 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-e02dceabb69d6ba4a66a.js
Frame ID: C4F99171E496A9502FA2EC67D1F85A1E
Requests: 11 HTTP requests in this frame

Frame: data://truncated
Frame ID: DBD0EA73DA39CFB3C050145BC97D0D5D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Havan: Negocie sua dívida com até 60% de desconto! | Acerto

Page URL History Show full URLs

https://secure-web.cisco.com/1-waVdHC4z1pJMvS_e6q99BIi3BZcqSaOx28SLIEHiyELN-s6LvW-kqUfFMlIxMEf-cm4w3Sbx6A... HTTP 302
https://email.havan.meuacerto.com.br/c/eJxlksuuozAQRL8mWSI_8GvB4t6Zm98YGWz8ANsYG0Py9ZPMdlol9aZULZ1qPUD6HkR7xu5qAF... HTTP 302
http://track.bmgresolve.meuacerto.com.br/?xtl=1zo27nkwg0n8w3snfnqocsv8f9jt6jwcpj9vmqxisgp136piiwtq1zsuzd7f93r1gwyeg4d... HTTP 302
https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term... Page URL

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

145
Requests

97 %
HTTPS

49 %
IPv6

32
Domains

52
Subdomains

45
IPs

7
Countries

7640 kB
Transfer

11554 kB
Size

37
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Search URL Search Domain Scan URL

URL: https://wl.meuacerto.com.br/login?tema=havan&utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
Title: Entrar

Search URL Search Domain Scan URL

URL: https://wl.meuacerto.com.br/login
Title: Quero negociar

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/empresa/meu-acerto/?utm_source=referral&utm_medium=embbed&utm_campaign=reputacao&utm_term=horizontal
Title: Ótimo

Search URL Search Domain Scan URL

URL: https://recoverynegociacao.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Search URL Search Domain Scan URL

URL: https://bancointer.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Search URL Search Domain Scan URL

URL: https://sky.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Search URL Search Domain Scan URL

URL: https://bmg.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Search URL Search Domain Scan URL

URL: https://original.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Search URL Search Domain Scan URL

URL: https://c6bank.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Search URL Search Domain Scan URL

URL: https://itapeva.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Search URL Search Domain Scan URL

URL: https://carrefour.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Search URL Search Domain Scan URL

URL: https://atacadao.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Search URL Search Domain Scan URL

URL: https://midway.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Search URL Search Domain Scan URL

URL: https://portoseguro.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Search URL Search Domain Scan URL

URL: https://bancopan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Search URL Search Domain Scan URL

URL: https://meuacerto.com.br/politica-de-privacidade.html
Title: Política de Privacidade e Cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://secure-web.cisco.com/1-waVdHC4z1pJMvS_e6q99BIi3BZcqSaOx28SLIEHiyELN-s6LvW-kqUfFMlIxMEf-cm4w3Sbx6AXQSEZHyVQ2bYWtt73ytmJAAVowsNekZ_RBW92Vj-siqmvzNtSUY5ZlUv6IxuxXDsVL1MOyOiHGIGc60GhZfoa8Wm86T_UVoudqAE9QI4WRu0p7uxXUYGcVyzKEEwh0BpIsGk2TlVrT6kyBc4nKVuKnQ2aE16t1e9b81PBXpzCnzTp5GKtz-NDc061mxrXVh56TYQ47ccbkTHBwQOBCBrLRRCDf23XZBoJ17f7SddHVi9ZWhhct0xyJNjDWP6SjolkDK2POyxUXQ/https%3A%2F%2Femail.havan.meuacerto.com.br%2Fc%2FeJxlksuuozAQRL8mWSI_8GvB4t6Zm98YGWz8ANsYG0Py9ZPMdlol9aZULZ1qPUD6HkR7xu5qAFJTPN_dgABCEKAekp4R1sHu-8HgD__6-SUQA_Sb3XpgZZOxC_qQk95r6qYUunG_2wFxwDkSlKuZc40hnyTTRExCaMYI0fcwEIRAj4G4r4Otdbvhrxt6vFV3OS3dGMyuS1qb_i_-Y8OPq643_Bu-EmJxOQ2I_MQlzjGnqTQ-C1-pP6fNixby5YrZIKabc2fN8FWOl2KzwDs051ObXm0yJ7BCtZbt4OtyXGbMQe_emCTyDnvR4_OVMvCtiR1JWauHIbCpIIUm5S_pNsXcaBa9X8uo6yhDpRC_UpHIxoPhsag4e9KCqmuzmfZxlnRv1FuaARzt6FEk1LhLbzX4Cy41uomwdGYO7TYaXkl-xUzQPGur0bnK1Juq5myprEfieRzDczXp1Mp-eBBFwGT5isEb8tl665aj8D5gq6IxT5J4qSrxJ0BXXk61RHrcENXOvpniBKMuUWsvyrFFpIlq09navvY2HLqV2Qhw3wdX5KjXP-h94_MKqQbp1k9H9zpc3b5wNYHuXXDf7RDD7P4tTDqbvKpLxwRtz05hQGkHlXd_ASvW2U4 HTTP 302
https://email.havan.meuacerto.com.br/c/eJxlksuuozAQRL8mWSI_8GvB4t6Zm98YGWz8ANsYG0Py9ZPMdlol9aZULZ1qPUD6HkR7xu5qAFJTPN_dgABCEKAekp4R1sHu-8HgD__6-SUQA_Sb3XpgZZOxC_qQk95r6qYUunG_2wFxwDkSlKuZc40hnyTTRExCaMYI0fcwEIRAj4G4r4Otdbvhrxt6vFV3OS3dGMyuS1qb_i_-Y8OPq643_Bu-EmJxOQ2I_MQlzjGnqTQ-C1-pP6fNixby5YrZIKabc2fN8FWOl2KzwDs051ObXm0yJ7BCtZbt4OtyXGbMQe_emCTyDnvR4_OVMvCtiR1JWauHIbCpIIUm5S_pNsXcaBa9X8uo6yhDpRC_UpHIxoPhsag4e9KCqmuzmfZxlnRv1FuaARzt6FEk1LhLbzX4Cy41uomwdGYO7TYaXkl-xUzQPGur0bnK1Juq5myprEfieRzDczXp1Mp-eBBFwGT5isEb8tl665aj8D5gq6IxT5J4qSrxJ0BXXk61RHrcENXOvpniBKMuUWsvyrFFpIlq09navvY2HLqV2Qhw3wdX5KjXP-h94_MKqQbp1k9H9zpc3b5wNYHuXXDf7RDD7P4tTDqbvKpLxwRtz05hQGkHlXd_ASvW2U4 HTTP 302
http://track.bmgresolve.meuacerto.com.br/?xtl=1zo27nkwg0n8w3snfnqocsv8f9jt6jwcpj9vmqxisgp136piiwtq1zsuzd7f93r1gwyeg4dpaqo0l1dlspu8lkuxgbqmerjggo9qr14943wzoq0jvv9r2aattj1mm7cs2d2cdjxaipd7ibgkerxkbetbamt613zosa2hnu73bsdnfj5vmdtlvhq64nfa6rv6jh6q01bhbj2n56gixeptmjx1ktnic57owq81hpbg8t5qznq52ffehe2wlao4gtdfqh6atuo8qbbmylgowedh7nkw5d50ch8l30204wv4hikus84m3hdnggy5o8stdo8y02xqkwdkn6u&eih=3o1nesneej9supn2e5dvcwvvrl4hmuevsfg90 HTTP 302
https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://x.cnt.my/px/?r=0.9029004076818816&dom=havan.meuacerto.com.br&tz=0&sw=1600&sh=1200&ow=1600&oh=1200&iw=1600&ih=1200&scd=24&url=https%3A%2F%2Fhavan.meuacerto.com.br%2F%3Futm_source%3Dcrm%26utm_medium%3Demail_mailgun%26utm_campaign%3Dhavan_informe%26utm_term%3Dcamp-cap_null%26utm_content%3Dnull_null_24102022 HTTP 301
https://x.cnt.my/px/?r=0.9029004076818816&dom=havan.meuacerto.com.br&tz=0&sw=1600&sh=1200&ow=1600&oh=1200&iw=1600&ih=1200&scd=24&url=https%3A%2F%2Fhavan.meuacerto.com.br%2F%3Futm_source%3Dcrm%26utm_medium%3Demail_mailgun%26utm_campaign%3Dhavan_informe%26utm_term%3Dcamp-cap_null%26utm_content%3Dnull_null_24102022&rand=0.30401824185804127&xtmp=1

Request Chain 98

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 122

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=9594C18AD661438E8AE765EEBF635436&RedC=c.clarity.ms&MXFR=2A90169361256194246304D865256FDA HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=9594C18AD661438E8AE765EEBF635436&MUID=030AD592A74867213081C7D9A6396658

145 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
havan.meuacerto.com.br/
Redirect Chain

https://secure-web.cisco.com/1-waVdHC4z1pJMvS_e6q99BIi3BZcqSaOx28SLIEHiyELN-s6LvW-kqUfFMlIxMEf-cm4w3Sbx6AXQSEZHyVQ2bYWtt73ytmJAAVowsNekZ_RBW92Vj-siqmvzNtSUY5ZlUv6IxuxXDsVL1MOyOiHGIGc60GhZfoa8Wm86T_...
https://email.havan.meuacerto.com.br/c/eJxlksuuozAQRL8mWSI_8GvB4t6Zm98YGWz8ANsYG0Py9ZPMdlol9aZULZ1qPUD6HkR7xu5qAFJTPN_dgABCEKAekp4R1sHu-8HgD__6-SUQA_Sb3XpgZZOxC_qQk95r6qYUunG_2wFxwDkSlKuZc40hnyTTRE...
http://track.bmgresolve.meuacerto.com.br/?xtl=1zo27nkwg0n8w3snfnqocsv8f9jt6jwcpj9vmqxisgp136piiwtq1zsuzd7f93r1gwyeg4dpaqo0l1dlspu8lkuxgbqmerjggo9qr14943wzoq0jvv9r2aattj1mm7cs2d2cdjxaipd7ibgkerxkbet...
https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

3 KB
3 KB

664ms
205ms

Document
text/html

191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

259bb417185e43073c5d68e79e3f6b5d1842af614d4568bd10c393c2946741c1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 2700
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
content-type: text/html
date: Fri, 28 Oct 2022 13:00:45 GMT
etag: "6356d675-a8c"
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
strict-transport-security: max-age=15724800
x-frame-options: SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 Oct 2022 13:00:45 GMT
Location: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
Server: nginx
Strict-Transport-Security: max-age=86400
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: None
X-Powered-By: PHP/5.6.40
X-XSS-Protection: 1; mode=block;

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 109 KB
43 KB 71ms
29ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-P6Z8XTL

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80f6df2245c4c871c4d58025e158b40500475bd7f4285f1660edc1a387d4819a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43897
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Oct 2022 13:00:46 GMT

GET
H/1.1 200
OK bundle.js Show response
meuacertopublic.blob.core.windows.net/packages/ 11 KB
12 KB 865ms
212ms Script
application/javascript 20.150.111.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://meuacertopublic.blob.core.windows.net/packages/bundle.js
Requested by: Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.111.4 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4199fcc0b31daeab7eddb3bfab52d9bfd096a1eb8d560a6b0f185fc3ec9d0cd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 28 Oct 2022 13:00:46 GMT
Last-Modified: Mon, 10 Oct 2022 20:10:04 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: vaeGhmaoVc4RcW3GkWkoaw==
ETag: 0x8DAAAFB6B7C3EFA
Content-Type: application/javascript
x-ms-request-id: 5cb172cb-001e-003d-4acd-ea0f98000000
x-ms-version: 2009-09-19
Content-Length: 11605

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 66ms
24ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

45e78216d62e7ef2a2c7d0bda526ddfb789444fb8a986b024d059373acb27c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 13:00:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 11:46:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 13:00:46 GMT

GET
H2 200 app.0350a4dc.css
havan.meuacerto.com.br/css/ 6 KB
6 KB 206ms
205ms Stylesheet
text/css 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://havan.meuacerto.com.br/css/app.0350a4dc.css

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

05f42a5425dc057422960724431b78c79892413b9d71b4650d900eeace87ba4b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:46 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-18ed"
content-type: text/css
accept-ranges: bytes
content-length: 6381

GET
H2 200 app.8cbd77c8.js Show response
havan.meuacerto.com.br/js/ 28 KB
28 KB 206ms
206ms Script
application/x-javascript 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://havan.meuacerto.com.br/js/app.8cbd77c8.js

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

56d9493ef61c745e799292b89d8f707afd686c40485bca95ce9a985789b61a17

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:46 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-6fa3"
content-type: application/x-javascript
accept-ranges: bytes
content-length: 28579

GET
H2 200 chunk-vendors.db037b20.js Show response
havan.meuacerto.com.br/js/ 224 KB
224 KB 411ms
410ms Script
application/x-javascript 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://havan.meuacerto.com.br/js/chunk-vendors.db037b20.js

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3517e031babceb80254009e12cc5944d12204db8dc8da253d3e567fd807ca5ee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:46 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-37ec7"
content-type: application/x-javascript
accept-ranges: bytes
content-length: 229063

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 284 KB
93 KB 78ms
38ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVH65DK

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

01dd3f3054c45ef6493c064ac5f02e98738161f0fbbf05b1c709297097c7b290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95069
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Oct 2022 13:00:46 GMT

GET
H2 200 dengage_sdk.js Show response
us-pub.dengage.com/p/push/8/65a625a7-02e7-3794-4de9-725d110bd36c/ 106 KB
34 KB 509ms
233ms Script
text/javascript 52.14.86.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://us-pub.dengage.com/p/push/8/65a625a7-02e7-3794-4de9-725d110bd36c/dengage_sdk.js

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.14.86.234 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-14-86-234.us-east-2.compute.amazonaws.com

Software

openresty/1.21.4.1 /

Resource Hash

379a03b4db6bc573442cc1c9fbbc386825ec9ce7cc610fed9436a82125471703

Security Headers

Name	Value
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
content-encoding: gzip
mid: 183
last-modified: Tue, 14 Jun 2022 12:41:14 GMT
server: openresty/1.21.4.1
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
cache-control: public, max-age=3600
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:870c3367-6ca6-498d-aa04-0caafcaf1c66

GET
H2 200 chunk-5968e315.f85e36e1.css
havan.meuacerto.com.br/css/ 0
30 KB 206ms
205ms Other
text/css 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://havan.meuacerto.com.br/css/chunk-5968e315.f85e36e1.css

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:46 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-78a2"
content-type: text/css
accept-ranges: bytes
content-length: 30882

GET
H2 200 chunk-5968e315.7019ef0a.js
havan.meuacerto.com.br/js/ 0
98 KB 206ms
206ms Other
application/x-javascript 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://havan.meuacerto.com.br/js/chunk-5968e315.7019ef0a.js

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:46 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-186f1"
content-type: application/x-javascript
accept-ranges: bytes
content-length: 100081

GET
H2 200 chunk-5968e315.f85e36e1.css
havan.meuacerto.com.br/css/ 30 KB
30 KB 206ms
205ms Stylesheet
text/css 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://havan.meuacerto.com.br/css/chunk-5968e315.f85e36e1.css

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/js/app.8cbd77c8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cdc98f6117b7427742534352c75ba14f8bb5741d52ac7ab733d95b4e51de0d60

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:46 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-78a2"
content-type: text/css
accept-ranges: bytes
content-length: 30882

GET
H2 200 chunk-5968e315.7019ef0a.js Show response
havan.meuacerto.com.br/js/ 98 KB
98 KB 379ms
379ms Script
application/x-javascript 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://havan.meuacerto.com.br/js/chunk-5968e315.7019ef0a.js

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/js/app.8cbd77c8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

25556ebc8f3927af4af7df70f9f79ef04e0c8d28d8bb5a81d251534be39f15f3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:46 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-186f1"
content-type: application/x-javascript
accept-ranges: bytes
content-length: 100081

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 97ms
43ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVH65DK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e07332c72aa495bd9d3116164fe3ef3a9d7d3599d99f5ec612e43955b9e2de96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15175
x-xss-protection: 0
server: cafe
etag: 2727272090050510172
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 13:00:47 GMT

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 15 KB
5 KB 184ms
137ms Script
application/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1666962046957&source=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVH65DK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f7599ba1e84432f7f3319c7ed71b84ed24ffbb9741bea6b3ec61ec370707541

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 40e59045-4268-4c7f-b772-e5aa67ba39a9
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 7613db39d9129b39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 4133.js Show response
script.crazyegg.com/pages/scripts/0107/ 6 KB
2 KB 755ms
698ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0107/4133.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVH65DK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 328b990a3d3ba3b690fae6fdbe96e9de93e57e22276744a0466f618ead609602

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 28 Oct 2022 13:00:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
ce-version: 11.4.32
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7613db39edf891d7-FRA
content-length: 2045

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 98ms
42ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVH65DK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 28 Oct 2022 13:00:46 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3131A5F00376468BA848CEF3637BB398 Ref B: FRAEDGE1113 Ref C: 2022-10-28T13:00:47Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H2 200 hotjar-3073352.js Show response
static.hotjar.com/c/ 4 KB
3 KB 133ms
48ms Script
application/javascript 13.225.78.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3073352.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVH65DK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-63.fra2.r.cloudfront.net

Software

Resource Hash

a0f606f832db3afe5ca4daccd63d0ac0b08f2f70926b063b7ca33383d2ed9f6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/539f9d59a1f46f49c54a0988197b7bfb
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 3oivRw9PNs3GVYMeKQD0u6rk5FWS_GSjmNnOMoijV-9fjhOqvzKkrA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 56ms
16ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVH65DK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 11:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6293
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 28 Oct 2022 13:15:54 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
27 KB 52ms
18ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

18a899ae93d683c1e44173b7ba70e1025532cfeef1417889ae22aa78a11ee3be

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 28 Oct 2022 13:00:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27076
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 6c01AJ9/JMF/c/6WfLMXK9ktZp3hNC03TfBrxWKJsp7wOOasbTcPs3EEmSimCOftTBP1Nbq26EY42CiFE6FKOQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
x.cnt.my/async/track/ 3 KB
1 KB 123ms
28ms Script
application/javascript 138.201.230.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://x.cnt.my/async/track/?r=0.11866321684672476
Requested by: Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.230.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.230.201.138.clients.your-server.de
Software: nginx /
Resource Hash: ad2973457e9e9573b2f3de433093041633f2d74ee37657cdc2f1af51a8a383b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: application/javascript
date: Fri, 28 Oct 2022 13:00:47 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 14:03:34 GMT
server: nginx
etag: W/"62d56836-a11"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 9 KB
4 KB 135ms
31ms Script
application/javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Unused62: 8096267
Date: Fri, 28 Oct 2022 13:00:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.13.10
ETag: "60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 3340
Expires: Sat, 29 Oct 2022 13:00:49 GMT

GET
H2 200 cji4qqe27s Show response
www.clarity.ms/tag/ 2 KB
2 KB 206ms
123ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/cji4qqe27s?ref=gtm2
Requested by: Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1fb496804197251fc1a4f0b72fb4004c2d01484b04f225601278e48e203e73e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
date: Fri, 28 Oct 2022 13:00:46 GMT
x-azure-ref: 0f9JbYwAAAAAjGsZJvJGwSLlSTEHrX5mXQlJVMzBFREdFMDcxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 1924
expires: -1

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 23 KB
6 KB 119ms
51ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=aff97b86-f9a5-4987-8439-18d2471bffc6

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVH65DK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: VFX123BQF1EAG10T
age: 15
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: cVcpkQxw79KS0+NZdNhlseADnO1R/39Ez6R3y23tXfXK6SPhRwhTUzYXPStBUgMge4cQsGxbLr4=
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
server: cloudflare
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 7613db3a6f3e99ee-CDG

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
69 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BW4GX3DX9K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVH65DK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d5b709a3a9e0c0c3c55a33dd22eccd04f40b8d344772ce117e311b959b7e280

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 70584
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Oct 2022 13:00:46 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
343 B 77ms
24ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-BW4GX3DX9K&gtm=2oeaq0&_p=2101579715&_gaz=1&cid=1822164998.1666962047&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666962047&sct=1&seg=0&dl=https%3A%2F%2Fhavan.meuacerto.com.br%2F%3Futm_source%3Dcrm%26utm_medium%3Demail_mailgun%26utm_campaign%3Dhavan_informe%26utm_term%3Dcamp-cap_null%26utm_content%3Dnull_null_24102022&dt=Havan%3A%20Negocie%20sua%20d%C3%ADvida%20com%20at%C3%A9%2060%25%20de%20desconto!%20%7C%20Acerto&en=page_view&_fv=1&_nsi=1&_ss=1&ep.URL_UTM=https%3A%2F%2Fhavan.meuacerto.com.br%2F%3Futm_source%3Dcrm%26utm_medium%3Demail_mailgun%26utm_campaign%3Dhavan_informe%26utm_term%3Dcamp-cap_null%26utm_content%3Dnull_null_24102022
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BW4GX3DX9K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 13:00:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://havan.meuacerto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 271ms
89ms Ping
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BW4GX3DX9K&cid=1822164998.1666962047&gtm=2oeaq0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BW4GX3DX9K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 13:00:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://havan.meuacerto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 93ms
40ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BW4GX3DX9K&cid=1822164998.1666962047&gtm=2oeaq0&aip=1&z=1116990118

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 13:00:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 727895664035823 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 113ms
93ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/727895664035823?v=2.9.88&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

358da850fb05ead32451592dbb6f9a184e72f31b44cd361f2b7cdcc9dddd832c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 28 Oct 2022 13:00:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: rtAA76K2r2SAJt1EMh5I+/DwseqdnKOdMhMrlp/AF2Q0qP61iC40OeVUIrL0lPl2uYbyWNiebtCvCSfsdAZQdQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 64ms
25ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2101579715&t=pageview&_s=1&dl=https%3A%2F%2Fhavan.meuacerto.com.br%2F%3Futm_source%3Dcrm%26utm_medium%3Demail_mailgun%26utm_campaign%3Dhavan_informe%26utm_term%3Dcamp-cap_null%26utm_content%3Dnull_null_24102022&ul=en-us&de=UTF-8&dt=Havan%3A%20Negocie%20sua%20d%C3%ADvida%20com%20at%C3%A9%2060%25%20de%20desconto!%20%7C%20Acerto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=574174890&gjid=814780113&cid=1822164998.1666962047&tid=UA-83444256-4&_gid=1919299686.1666962047&_r=1&gtm=2wgaq0WVH65DK&z=962230501

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://havan.meuacerto.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 13:00:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://havan.meuacerto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/706809920/ 3 KB
2 KB 69ms
30ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/706809920/?random=1666962047058&cv=9&fst=1666962047058&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fhavan.meuacerto.com.br%2F%3Futm_source%3Dcrm%26utm_medium%3Demail_mailgun%26utm_campaign%3Dhavan_informe%26utm_term%3Dcamp-cap_null%26utm_content%3Dnull_null_24102022&tiba=Havan%3A%20Negocie%20sua%20d%C3%ADvida%20com%20at%C3%A9%2060%25%20de%20desconto!%20%7C%20Acerto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42e6a27b7c5a1a205259456681e54fd548321528eaa446555616d23ebfda11a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 13:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1131
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 137033313.js Show response
bat.bing.com/p/action/ 0
117 B 126ms
125ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137033313.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 28 Oct 2022 13:00:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 870633F206474A47B598958FA323E535 Ref B: FRAEDGE1113 Ref C: 2022-10-28T13:00:47Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
174 B 43ms
43ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137033313&tm=gtm002&Ver=2&mid=030faa20-4867-4ac5-9f08-74ffc49e598e&sid=8a32ddb056c011edbd21d93c9d411109&vid=8a33072056c011ed9debf947ef79bf92&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Havan%3A%20Negocie%20sua%20d%C3%ADvida%20com%20at%C3%A9%2060%25%20de%20desconto!%20%7C%20Acerto&kw=negocia%C3%A7%C3%A3o%20digital,%20negocia%C3%A7%C3%A3o%20de%20d%C3%ADvida,%20quitar%20d%C3%ADvida,%20acerto&p=https%3A%2F%2Fhavan.meuacerto.com.br%2F%3Futm_source%3Dcrm%26utm_medium%3Demail_mailgun%26utm_campaign%3Dhavan_informe%26utm_term%3Dcamp-cap_null%26utm_content%3Dnull_null_24102022&r=&lt=2392&evt=pageLoad&sv=1&rn=695352

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Oct 2022 13:00:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 60F10817FFEA4884AD45B52B21067C75 Ref B: FRAEDGE1113 Ref C: 2022-10-28T13:00:47Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 havan.meuacerto.com.br.js Show response
x.cnt.my/async/parser/ 6 KB
2 KB 28ms
28ms Script
application/javascript 138.201.230.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://x.cnt.my/async/parser/havan.meuacerto.com.br.js?r=4.03&dom=havan.meuacerto.com.br
Requested by: Host: x.cnt.my
URL: https://x.cnt.my/async/track/?r=0.11866321684672476
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.230.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.230.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 7e1b00ed8c3e91750333114ea6e76047bbca0410b8ee0b783d62c07166c2f352

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: application/javascript
date: Fri, 28 Oct 2022 13:00:47 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 12:39:21 GMT
server: nginx
etag: W/"61b34a79-1769"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
x.cnt.my/px/
Redirect Chain

https://x.cnt.my/px/?r=0.9029004076818816&dom=havan.meuacerto.com.br&tz=0&sw=1600&sh=1200&ow=1600&oh=1200&iw=1600&ih=1200&scd=24&url=https%3A%2F%2Fhavan.meuacerto.com.br%2F%3Futm_source%3Dcrm%26utm...
https://x.cnt.my/px/?r=0.9029004076818816&dom=havan.meuacerto.com.br&tz=0&sw=1600&sh=1200&ow=1600&oh=1200&iw=1600&ih=1200&scd=24&url=https%3A%2F%2Fhavan.meuacerto.com.br%2F%3Futm_source%3Dcrm%26utm...

35 B
559 B

29ms
29ms

Image
image/gif

138.201.230.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.cnt.my/px/?r=0.9029004076818816&dom=havan.meuacerto.com.br&tz=0&sw=1600&sh=1200&ow=1600&oh=1200&iw=1600&ih=1200&scd=24&url=https%3A%2F%2Fhavan.meuacerto.com.br%2F%3Futm_source%3Dcrm%26utm_medium%3Demail_mailgun%26utm_campaign%3Dhavan_informe%26utm_term%3Dcamp-cap_null%26utm_content%3Dnull_null_24102022&rand=0.30401824185804127&xtmp=1
Requested by: Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
Protocol: H2
Server: 138.201.230.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.230.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 13:00:47 GMT
server: nginx
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache,max-age=0,must-revalidate, no-cache
content-length: 35
expires: 0

Redirect headers

date: Fri, 28 Oct 2022 13:00:47 GMT
server: nginx
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location: /px/?r=0.9029004076818816&dom=havan.meuacerto.com.br&tz=0&sw=1600&sh=1200&ow=1600&oh=1200&iw=1600&ih=1200&scd=24&url=https%3A%2F%2Fhavan.meuacerto.com.br%2F%3Futm_source%3Dcrm%26utm_medium%3Demail_mailgun%26utm_campaign%3Dhavan_informe%26utm_term%3Dcamp-cap_null%26utm_content%3Dnull_null_24102022&rand=0.30401824185804127&xtmp=1
content-type: text/plain; charset=utf-8
cache-control: no-cache
content-length: 329
expires: 0

GET
H2 200 modules.5a17f10e21dd3fd3b841.js Show response
script.hotjar.com/ 254 KB
65 KB 81ms
18ms Script
application/javascript 13.224.189.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5a17f10e21dd3fd3b841.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3073352.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-26.fra2.r.cloudfront.net

Software

Resource Hash

6ff8873c5c7e5ddfdd65675936d186a8822ec5a7f51401eed3c06723166b43bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 11:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 177761
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 66091
last-modified: Wed, 26 Oct 2022 11:37:54 GMT
etag: "f784e2f70f455f7e613fcb9f757607c4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: fNmbSlUgn1C3ZFaaoTF9mDrhmCTNNdsGiYxdySnIFJfqIFC19X0K-g==

GET
H/1.1 200
OK pixie
ib.adnxs.com/ 42 B
347 B 108ms
33ms Image
image/gif 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=db4605c5-8cfe-4d6a-8b51-9c66cd6ffd8e&it=1666962047102&v=0.0.20&u=https%3A%2F%2Fhavan.meuacerto.com.br%2F%3Futm_source%3Dcrm%26utm_medium%3Demail_mailgun%26utm_campaign%3Dhavan_informe%26utm_term%3Dcamp-cap_null%26utm_content%3Dnull_null_24102022&st=1666962047101&et=1666962047102&if=0
Requested by: Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 13:00:47 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.21.3
Connection: keep-alive
X-Proxy-Origin: 146.70.117.69; 146.70.117.69; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 42
Content-Type: image/gif

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 249ms
89ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-83444256-4&cid=1822164998.1666962047&jid=574174890&gjid=814780113&_gid=1919299686.1666962047&_u=YCDACEAABAAAACAAI~&z=877016909

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://havan.meuacerto.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 28 Oct 2022 13:00:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://havan.meuacerto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-c1417f7b48595d0dbca01c86f95d6dbb.html Show response
vars.hotjar.com/ Frame A1F0 2 KB
1 KB 80ms
16ms Document
text/html 13.224.189.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3073352.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-10.fra2.r.cloudfront.net

Software

Resource Hash

c0a4830af55fb7faabcbe34e804d186959aac83e6832495817e0e62122d2748f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://havan.meuacerto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 877721
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 09:12:06 GMT
etag: "d2c298a660a1ee92f094a3d504e3e2e6"
last-modified: Tue, 18 Oct 2022 09:11:19 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
x-amz-cf-id: tcYaJOQKXbFB6z4PDAJlCDT2OonkNA-lTUdkxscTwQFE_d97d-tp4g==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 aff97b86-f9a5-4987-8439-18d2471bffc6 Show response
ekr.zdassets.com/compose/ 323 B
780 B 261ms
219ms XHR
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/aff97b86-f9a5-4987-8439-18d2471bffc6

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=aff97b86-f9a5-4987-8439-18d2471bffc6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ceb0a1bb5ce3474b65eac60d02bda2f0e1dc8868072b9128cc934ba82d1d23fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-permitted-cross-domain-policies: none
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 7613db3b0f019963-SEA, 7613db3b0f019963-SEA
x-runtime: 0.004108
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"ceb0a1bb5ce3474b65eac60d02bda2f0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
cf-ray: 7613db3b0f019963-FRA

GET
H3 200 1x1.gif
a.mgid.com/ 43 B
207 B 176ms
156ms Image
image/gif 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=651919&type=c&tg=&r=https%3A%2F%2Fhavan.meuacerto.com.br%2F%3Futm_source%3Dcrm%26utm_medium%3Demail_mailgun%26utm_campaign%3Dhavan_informe%26utm_term%3Dcamp-cap_null%26utm_content%3Dnull_null_24102022&utmc=null&utmt=null&nv=1&utms=crm&utmcp=havan_informe&utmm=email_mailgun&clid=&clidv=0&cmgid=0&cmtid=0&cmtuid=0&d=1666962047152
Requested by: Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7613db3aef875c1a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
content-type: image/gif

GET
H2 200 /
www.google.com/pagead/1p-user-list/706809920/ 42 B
548 B 69ms
29ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/706809920/?random=1666962047058&cv=9&fst=1666962000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&frm=0&url=https%3A%2F%2Fhavan.meuacerto.com.br%2F%3Futm_source%3Dcrm%26utm_medium%3Demail_mailgun%26utm_campaign%3Dhavan_informe%26utm_term%3Dcamp-cap_null%26utm_content%3Dnull_null_24102022&tiba=Havan%3A%20Negocie%20sua%20d%C3%ADvida%20com%20at%C3%A9%2060%25%20de%20desconto!%20%7C%20Acerto&async=1&fmt=3&is_vtc=1&random=339090203&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 13:00:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/706809920/ 42 B
64 B 61ms
28ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/706809920/?random=1666962047058&cv=9&fst=1666962000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&frm=0&url=https%3A%2F%2Fhavan.meuacerto.com.br%2F%3Futm_source%3Dcrm%26utm_medium%3Demail_mailgun%26utm_campaign%3Dhavan_informe%26utm_term%3Dcamp-cap_null%26utm_content%3Dnull_null_24102022&tiba=Havan%3A%20Negocie%20sua%20d%C3%ADvida%20com%20at%C3%A9%2060%25%20de%20desconto!%20%7C%20Acerto&async=1&fmt=3&is_vtc=1&random=339090203&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 13:00:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.facebook.com/tr/ 0
208 B 55ms
18ms XHR
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/?id=727895664035823&ev=PageView&dl=https%3A%2F%2Fhavan.meuacerto.com.br%2F%3Futm_source%3Dcrm%26utm_medium%3Demail_mailgun%26utm_campaign%3Dhavan_informe%26utm_term%3Dcamp-cap_null%26utm_content%3Dnull_null_24102022&rl=&if=false&ts=1666962047252&sw=1600&sh=1200&v=2.9.88&r=stable&ec=0&o=30&fbp=fb.2.1666962047251.697153336&it=1666962047040&coo=false&exp=b3&rqm=GET&cd[rex]=%7B%22retry%22%3A0%7D

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 28 Oct 2022 13:00:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin: https://havan.meuacerto.com.br
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.43/ 54 KB
23 KB 118ms
118ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.43/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/cji4qqe27s?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:46 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
etag: "1d8e7ce34a5234c"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
x-azure-ref: 0f9JbYwAAAAATgifZ4K0tTYFEZlOr/6HTQlJVMzBFREdFMDcxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 sl1uGvGq7_U Show response
www.youtube.com/embed/ Frame F379 68 KB
28 KB 114ms
74ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/sl1uGvGq7_U

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/js/chunk-vendors.db037b20.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af6c7e262e44ea2aa3289905be8568b38cfee929f22e1abc4a99566d6372ea5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://havan.meuacerto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Fri, 28 Oct 2022 13:00:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 55ms
16ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://havan.meuacerto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:41:22 GMT
x-content-type-options: nosniff
age: 40765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 01:41:22 GMT

GET
H2 200 icon-arrow-down.a6c67581.svg
havan.meuacerto.com.br/img/ 163 B
439 B 210ms
209ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/icon-arrow-down.a6c67581.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/css/chunk-5968e315.f85e36e1.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

57492e2388373b50c31b0123a92eee7829cf572ab0d090419d807d9af716fd02

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/css/chunk-5968e315.f85e36e1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-a3"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 163
x-xss-protection: 1; mode=block

GET
H2 200 button-top.bfc356b9.svg
havan.meuacerto.com.br/img/ 754 B
1 KB 211ms
210ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/button-top.bfc356b9.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/css/chunk-5968e315.f85e36e1.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f407c8437006f5b1810f2db7d9acd7c925f39ce33d45ae8c5f92d00c47a15f1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/css/chunk-5968e315.f85e36e1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-2f2"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 754
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK bundle.js Show response
s3.amazonaws.com/raichu-beta/selos/ 5 KB
6 KB 355ms
123ms Script
application/javascript 54.231.231.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/raichu-beta/selos/bundle.js
Requested by: Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/js/chunk-5968e315.7019ef0a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.231.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 17a8a6dff220cd3b357cb5261d61272bc1a91590c382416f21c14beaf9a4d440

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 13:00:48 GMT
Last-Modified: Thu, 08 Aug 2019 22:02:40 GMT
Server: AmazonS3
x-amz-request-id: 4BM5CD5Y3DCWA4BH
ETag: "e497c22f0414dbd1c7be82940085c3f3"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5505
x-amz-id-2: 9YdBooWQvwA1QMJ4WrXnFWOho9ESyoCOXd+SshuSdbAHLIg4XE1YBTyYeuZToCmjWI7dpYlLq8k=

GET
H2 200 havan-header.acda9ab8.svg
havan.meuacerto.com.br/img/ 10 KB
10 KB 214ms
209ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/havan-header.acda9ab8.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

48edae7e3fc479762c1a13bb958d3bbe6a771ef042d42df19114cdb07ec12b22

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-279d"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 10141
x-xss-protection: 1; mode=block

GET
H2 200 right-arrow.f0e11a40.svg
havan.meuacerto.com.br/img/ 144 B
420 B 218ms
210ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/right-arrow.f0e11a40.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6fffae1e0fddd21e40064388a5bd75f2cb67116724e14a73c6151d413c2b4a47

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-90"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 144
x-xss-protection: 1; mode=block

GET
H2 200 antifraude.c582210d.svg
havan.meuacerto.com.br/img/ 3 KB
3 KB 218ms
210ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/antifraude.c582210d.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c57393a84f8df48f30ae2f1c33f39bf8ece0cbab2ae9f214a1569f6a805d8372

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-b34"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2868
x-xss-protection: 1; mode=block

GET
H2 200 havan-banner.c155189d.webp
havan.meuacerto.com.br/img/ 29 KB
30 KB 219ms
211ms Image
image/webp 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/havan-banner.c155189d.webp

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1bfdc0207283e5313706485411f44308771bd1334e63ec4670fc6da45a47f422

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-75ea"
content-type: image/webp
accept-ranges: bytes
content-length: 30186
x-xss-protection: 1; mode=block

GET
H2 200 down-arrow.a6c67581.svg
havan.meuacerto.com.br/img/ 163 B
439 B 220ms
212ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/down-arrow.a6c67581.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

57492e2388373b50c31b0123a92eee7829cf572ab0d090419d807d9af716fd02

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-a3"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 163
x-xss-protection: 1; mode=block

GET
H2 200 havan-parceria.5fd6ad70.svg
havan.meuacerto.com.br/img/ 18 KB
18 KB 221ms
213ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/havan-parceria.5fd6ad70.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9df5a0a799c69a4658d64bf5e9910ba98b9b8300e023e0e44738f249346cb12d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-4803"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 18435
x-xss-protection: 1; mode=block

GET
H2 200 locker.006f7ff9.svg
havan.meuacerto.com.br/img/ 1 KB
1 KB 223ms
215ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/locker.006f7ff9.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

eade9c777fd1447bfe4cccc5f6911217dbb376357f9052604e204df83b306197

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-458"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1112
x-xss-protection: 1; mode=block

GET
H2 200 percent.a10b9889.svg
havan.meuacerto.com.br/img/ 3 KB
3 KB 223ms
216ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/percent.a10b9889.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6d9fa7bb538021fbcba50ef800a9dc86165982d9db266b77aa0c113026cd7f72

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-b2e"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2862
x-xss-protection: 1; mode=block

GET
H2 200 money.b78e09b1.svg
havan.meuacerto.com.br/img/ 3 KB
3 KB 396ms
389ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/money.b78e09b1.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

352b9c8d9c9197c25629af6c96ba7e1c2d84baa3d520328fc8e9b6b33e1035f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-a9f"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2719
x-xss-protection: 1; mode=block

GET
H2 200 no-call.babe6055.svg
havan.meuacerto.com.br/img/ 1 KB
2 KB 397ms
390ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/no-call.babe6055.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f07e54dc96cb5836023bd8d2d55d449cbd1c4897caef1bdc98a880d99f9f6100

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-5d2"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1490
x-xss-protection: 1; mode=block

GET
H2 200 girl-computer.37e0f8a4.webp
havan.meuacerto.com.br/img/ 58 KB
58 KB 397ms
390ms Image
image/webp 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/girl-computer.37e0f8a4.webp

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

384e88f94789801fd8e60ebf34794b5fbc8bc170a25f2d863941a5cdadbb2d0e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-e706"
content-type: image/webp
accept-ranges: bytes
content-length: 59142
x-xss-protection: 1; mode=block

GET
H2 200 cellphone.f2c2f46d.gif
havan.meuacerto.com.br/img/ 4 MB
4 MB 398ms
391ms Image
image/gif 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/cellphone.f2c2f46d.gif

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0bd190c9cc16383a5ab0415235675f65f4b726104b3ab6e66d7b444d82e3814a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-459be7"
content-type: image/gif
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 4561895
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 guy-phone.a478187f.webp
havan.meuacerto.com.br/img/ 23 KB
24 KB 397ms
391ms Image
image/webp 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/guy-phone.a478187f.webp

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

80a14eccce937e86088e00bf7f3eff1e212f15ea9a8a9fc648220d0c8f0617fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-5d40"
content-type: image/webp
accept-ranges: bytes
content-length: 23872
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 039b1016b76a9322bc1b7a042ee8ea39755159460f215acb5dcb106cf52c893e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 449c24a22293f2990e1ff1974597a0d37fca8306b4f483b35b9d11a6a8ac2531

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 five-stars.f33f5bea.svg
havan.meuacerto.com.br/img/ 659 B
936 B 402ms
396ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/five-stars.f33f5bea.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f8567cb5b12fb8fb1f86516e9c0570cfb4e3b5b07e882e3db69a7abe6a3b179c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-293"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 659
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 576fb98150b983dfdfca26734174aa1986fbc4c0437a687efafd076783535a49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10e332835f874c41938177aaf213f32c02b493987410551bccd9cb22082e2aaa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 logo-inter.ae98e0df.svg
havan.meuacerto.com.br/img/ 2 KB
2 KB 402ms
396ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/logo-inter.ae98e0df.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

02f8fd56fcf81f38469dbdc107767149056d65b1c31f7b7a600d7d1f0ee3188e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-60a"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1546
x-xss-protection: 1; mode=block

GET
H2 200 logo-sky.27e6e10b.svg
havan.meuacerto.com.br/img/ 2 KB
2 KB 403ms
397ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/logo-sky.27e6e10b.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ef5adf5228c4c12498cfba15ea66e70fd61699fc86669347d67007690a6a3cd6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-69f"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1695
x-xss-protection: 1; mode=block

GET
H2 200 logo-bmg.c654d31f.svg
havan.meuacerto.com.br/img/ 4 KB
5 KB 403ms
397ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/logo-bmg.c654d31f.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

88af7bf5aee21f4995e62b4da3f1ebcf204c0e156c922fbcbfe264ae9b6e762f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-11a4"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 4516
x-xss-protection: 1; mode=block

GET
H2 200 logo-original.33d2c5c5.svg
havan.meuacerto.com.br/img/ 5 KB
5 KB 403ms
397ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/logo-original.33d2c5c5.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3606b18f6ed6b3ba969e83a9c95ed9532ff7e45b906e4b383f051f3f60735b48

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-1376"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 4982
x-xss-protection: 1; mode=block

GET
H2 200 logo-c6bank.bdcf9960.svg
havan.meuacerto.com.br/img/ 3 KB
3 KB 416ms
410ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/logo-c6bank.bdcf9960.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7af30216d4fc94a4a6455489d50b22b15168bf957380df1754a8db5f097dcd8b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-b5e"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2910
x-xss-protection: 1; mode=block

GET
H2 200 logo-itapeva.573d0916.svg
havan.meuacerto.com.br/img/ 1 KB
2 KB 416ms
411ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/logo-itapeva.573d0916.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0087a1a1ef899cf5997d7859eb7a0b5a3521c828d738e4b2415583da1126cab4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-5cf"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1487
x-xss-protection: 1; mode=block

GET
H2 200 logo-carrefour.6a40e526.svg
havan.meuacerto.com.br/img/ 14 KB
14 KB 416ms
411ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/logo-carrefour.6a40e526.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a13efe75b0920d72745c3f98822b2e1cd3ea7b72f3b25dd357d20617a5f0623c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-368a"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 13962
x-xss-protection: 1; mode=block

GET
H2 200 logo-atacadao.e0f0f3d8.svg
havan.meuacerto.com.br/img/ 9 KB
9 KB 417ms
411ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/logo-atacadao.e0f0f3d8.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0e4e5473bf9e447a52ec61f8b31fb061fdf1eff1644bf693c6698bc64347f66a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-22ac"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 8876
x-xss-protection: 1; mode=block

GET
H2 200 logo-midway.9374d625.svg
havan.meuacerto.com.br/img/ 4 KB
5 KB 417ms
412ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/logo-midway.9374d625.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

63eb0ff8dc5498c5f404605de0919df0e53018ac8a56779c97fcee537be216cc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-11f3"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 4595
x-xss-protection: 1; mode=block

GET
H2 200 logo-porto-seguro.e1ee23e5.svg
havan.meuacerto.com.br/img/ 4 KB
5 KB 426ms
421ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/logo-porto-seguro.e1ee23e5.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c1f93a56a0e3117b2c3e19188f6ab7fe798119adb460e4ce305f6ef8568ac7bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-11ac"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 4524
x-xss-protection: 1; mode=block

GET
H2 200 logo-havan.ecafd388.svg
havan.meuacerto.com.br/img/ 4 KB
4 KB 426ms
421ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/logo-havan.ecafd388.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7a478b13900ff3fcf310c9cc67d4fda1ebb48a56eb2f4975a0642389dc162ea8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-ea4"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3748
x-xss-protection: 1; mode=block

GET
H2 200 logo-banco-pan.83ebf368.svg
havan.meuacerto.com.br/img/ 2 KB
3 KB 427ms
422ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/logo-banco-pan.83ebf368.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

84641fc361b15c3b55a309cd8dbe6fb8385337b49d62f97f3939e94ff9edfe3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-8fe"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2302
x-xss-protection: 1; mode=block

GET
H2 200 logo-recovery.4a7b5d93.svg
havan.meuacerto.com.br/img/ 3 KB
4 KB 428ms
423ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/logo-recovery.4a7b5d93.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c8e5812789aa8f9d13d3e9f3b122b1ad0891a90b4f6a7e1d675ddd800b45f033

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-d98"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3480
x-xss-protection: 1; mode=block

GET
H2 200 icon-arrow.a2b10c72.svg
havan.meuacerto.com.br/img/ 412 B
689 B 426ms
422ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/icon-arrow.a2b10c72.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

42cede489c704eb5500d05d936ab97bb6db1a2e331513841bd3ed6e19c9a5767

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-19c"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 412
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03b2e9a3047457f564e1eb0baddcb057988432cf28da5f359f7f73ffef095328

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 acerto-footer.a0039edf.svg
havan.meuacerto.com.br/img/ 6 KB
7 KB 427ms
422ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/acerto-footer.a0039edf.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9c6ecd2881e8ff642d522822bf47f07d908b3cd782b48664a347730df301bc8e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-1996"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 6550
x-xss-protection: 1; mode=block

GET
H2 200 havan-footer.05e54560.svg
havan.meuacerto.com.br/img/ 4 KB
4 KB 427ms
423ms Image
image/svg+xml 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://havan.meuacerto.com.br/img/havan-footer.05e54560.svg

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0116fa65094bdc9bf67233376abfb6c9a6df2a7fa00c58b69c88c91a1d455596

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-e16"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3606
x-xss-protection: 1; mode=block

GET
H2 206 cellphone.d1f3e42d.mp4
havan.meuacerto.com.br/media/ 404 KB
405 KB 416ms
415ms Media
video/mp4 191.233.28.251
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://havan.meuacerto.com.br/media/cellphone.d1f3e42d.mp4

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

191.233.28.251 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b3d70006df8d1380229630cc6798e2701d0a11508aeba6092f1f58b2070a83df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Xss-Protection	1; mode=block

Request headers

Referer: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
strict-transport-security: max-age=15724800
content-security-policy: frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
last-modified: Mon, 24 Oct 2022 18:16:21 GMT
etag: "6356d675-65145"
content-type: video/mp4
Content-Range: bytes 0-414020/414021
Content-Length: 414021
x-xss-protection: 1; mode=block

POST
H2 200 event Show response
us-event.dengage.com/api/web/ 1 B
173 B 373ms
116ms Fetch
text/plain 3.132.18.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://us-event.dengage.com/api/web/event
Requested by: Host: us-pub.dengage.com
URL: https://us-pub.dengage.com/p/push/8/65a625a7-02e7-3794-4de9-725d110bd36c/dengage_sdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.18.62 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-18-62.us-east-2.compute.amazonaws.com
Software: openresty/1.21.4.1 /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://havan.meuacerto.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 28 Oct 2022 13:00:47 GMT
access-control-allow-credentials: true
server: openresty/1.21.4.1
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain

POST
H2 200 event Show response
us-event.dengage.com/api/web/ 1 B
174 B 373ms
116ms Fetch
text/plain 3.132.18.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://us-event.dengage.com/api/web/event
Requested by: Host: us-pub.dengage.com
URL: https://us-pub.dengage.com/p/push/8/65a625a7-02e7-3794-4de9-725d110bd36c/dengage_sdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.18.62 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-18-62.us-east-2.compute.amazonaws.com
Software: openresty/1.21.4.1 /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://havan.meuacerto.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 28 Oct 2022 13:00:47 GMT
access-control-allow-credentials: true
server: openresty/1.21.4.1
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 75ms
40ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-83444256-4&cid=1822164998.1666962047&jid=574174890&_u=YCDACEAABAAAACAAI~&z=539982154

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 13:00:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 39ms
39ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-83444256-4&cid=1822164998.1666962047&jid=574174890&_u=YCDACEAABAAAACAAI~&z=539982154

Requested by

Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 13:00:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/19fc75cf/ Frame F379 359 KB
49 KB 56ms
22ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/19fc75cf/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/sl1uGvGq7_U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edbcd66789533fa7b2997c4b5c03a4df3042683b35384b0199fef3ad78554d2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/sl1uGvGq7_U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:52:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49792
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 00:15:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 27 Oct 2023 15:52:27 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/19fc75cf/www-embed-player.vflset/ Frame F379 306 KB
95 KB 54ms
21ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/19fc75cf/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/sl1uGvGq7_U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de0e3e13ac455201d77e111b8c417ddae1ea4689e4406203baaa78d0ff9532bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/sl1uGvGq7_U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:52:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97474
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 00:15:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 27 Oct 2023 15:52:27 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/19fc75cf/player_ias.vflset/de_DE/ Frame F379 2 MB
572 KB 78ms
45ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/19fc75cf/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/sl1uGvGq7_U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f907e6f1bca25770d3ed520388aca640ae04c640a323f77e0e87c7c32cd3f024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/sl1uGvGq7_U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:52:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586029
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 00:15:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 27 Oct 2023 15:52:27 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/19fc75cf/fetch-polyfill.vflset/ Frame F379 9 KB
3 KB 53ms
20ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/19fc75cf/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/sl1uGvGq7_U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/sl1uGvGq7_U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:52:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 00:15:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 27 Oct 2023 15:52:27 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F379 15 KB
15 KB 54ms
20ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/sl1uGvGq7_U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 265362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Oct 2023 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F379 15 KB
15 KB 56ms
23ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/sl1uGvGq7_U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 237659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Oct 2023 18:59:48 GMT

GET
H2 200 web-widget-framework-e02dceabb69d6ba4a66a.js Show response
static.zdassets.com/web_widget/latest/ Frame C4F9 151 KB
49 KB 70ms
69ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-e02dceabb69d6ba4a66a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=aff97b86-f9a5-4987-8439-18d2471bffc6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05e81951cb0bc3f592e60a131ac3805cbc7a000867817e1b74af8f47be1529ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
x-amz-version-id: vYvcsd9O9PmUzPEJ.wRavv6qOXpX1g4W
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: 58FAPS1KMM81PM55
age: 390516
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: V67x+etLICpzF9A4y55hTkz02++bWNp4CYQBR1KsYoSlt5qPNCYwB3WWVwXy/iEWgDE+0zA2Wx8=
last-modified: Fri, 21 Oct 2022 09:51:36 GMT
server: cloudflare
etag: W/"f99c9292ba9d845b89822045698023dd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7613db3cbd2699ee-CDG
expires: Sat, 21 Oct 2023 09:51:35 GMT

POST
H2 204 collect Show response
b.clarity.ms/ 0
163 B 1184ms
856ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.43/clarity.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://havan.meuacerto.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: https://havan.meuacerto.com.br
date: Fri, 28 Oct 2022 13:00:47 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 config Show response
meuacertohelp.zendesk.com/embeddable/ Frame C4F9 673 B
922 B 559ms
509ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://meuacertohelp.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-e02dceabb69d6ba4a66a.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48a6232b3ddf8479c9ce4f8332fd37568b2c64561441db5404396a82116a9459

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:48 GMT
content-encoding: br
cf-cache-status: MISS
x-zendesk-origin-server: embeddable-app-server-5f5cbbd8fb-m8znw
x-cached: MISS
x-request-id: 7613db3f2db59b92-SEA
x-runtime: 0.001916
last-modified: Fri, 28 Oct 2022 13:00:48 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 7613db3f2db59b92-FRA

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame F379
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

26ms
25ms

XHR
application/json

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/sl1uGvGq7_U

Protocol

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48e433ae2d31719bb94f9bab6db09b0abd290be166efd87da317b6a1f8009cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 28 Oct 2022 13:00:47 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F379 29 B
588 B 57ms
16ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/19fc75cf/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:47:23 GMT
x-content-type-options: nosniff
age: 804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Oct 2022 13:02:23 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 63ms
24ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 28 Oct 2022 13:00:47 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F379 66 KB
30 KB 65ms
33ms XHR
application/json+protobuf 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/19fc75cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2cfec7aac397dbf5807ed9f9c69aeb6a7e011893f909bd8ce5af2de14ca103d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30986
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/19fc75cf/player_ias.vflset/de_DE/ Frame F379 118 KB
36 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/19fc75cf/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/19fc75cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

092adfd68fdc4159d986e270ee6caf32d50dea0db2a9fdfd0d400216b81d1b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/sl1uGvGq7_U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:55:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75946
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37165
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 00:15:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 27 Oct 2023 15:55:01 GMT

GET
H3 200 2jr0eHp02ItFWQ5x-XHzcF5Qh6GPPdrMF7WL5Xw4nSU.js Show response
www.google.com/js/th/ Frame F379 36 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/2jr0eHp02ItFWQ5x-XHzcF5Qh6GPPdrMF7WL5Xw4nSU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/19fc75cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da3af4787a74d88b45590e71f971f3705e5087a18f3ddacc17b58be57c389d25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 23:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14247
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 23:20:58 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/19fc75cf/player_ias.vflset/de_DE/ Frame F379 26 KB
8 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/19fc75cf/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/19fc75cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa5ef17f578ea5d863bb5309a30b2804c11eb6a506086818d77e6168eedec3f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/sl1uGvGq7_U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:52:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8262
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 00:15:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 27 Oct 2023 15:52:27 GMT

GET
DATA 200
OK truncated
/ Frame F379 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu_Lc09bXTGDjH4-Q6WE7023RsRSqcdg2frEkNFpfQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame F379 2 KB
2 KB 55ms
16ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu_Lc09bXTGDjH4-Q6WE7023RsRSqcdg2frEkNFpfQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/sl1uGvGq7_U

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

80a460e8c840b71707f8788fb4557dc987e100083bcf3193f242ed9b66b133cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:06:49 GMT
x-content-type-options: nosniff
age: 14038
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1576
x-xss-protection: 0
server: fife
etag: "v5d4"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 25 Oct 2022 19:30:45 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/sl1uGvGq7_U/ Frame F379 11 KB
12 KB 70ms
30ms Image
image/webp 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/sl1uGvGq7_U/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/sl1uGvGq7_U

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e60666c550e16ca30efa039661033d766d49f8b21ed55ad201864e85b3f08d0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
x-content-type-options: nosniff
server: sffe
etag: "1644590810"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11318
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 28 Oct 2022 15:00:47 GMT

GET
H/1.1 200
OK c3VhQ25yS2t1dDVJalFnczptZXUtYWNlcnRv Show response
iosite.reclameaqui.com.br/raichu-io-site-v1/company/embed/hash/ 70 B
3 KB 984ms
312ms XHR
application/json 2.21.20.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://iosite.reclameaqui.com.br/raichu-io-site-v1/company/embed/hash/c3VhQ25yS2t1dDVJalFnczptZXUtYWNlcnRv

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/raichu-beta/selos/bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.21.20.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-20-217.deploy.static.akamaitechnologies.com

Software

Reclameaqui /

Resource Hash

ad5b97cc076361d64e2d5b7cf03d01651f3beb813300f110b2bcc74640ad5c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
Content-Encoding: gzip
x-content-type-options: nosniff
Date: Fri, 28 Oct 2022 13:00:48 GMT
x-envoy-upstream-service-time: 19
Connection: keep-alive
Content-Length: 84
x-xss-protection: 1; mode=block
Pragma: no-cache
Server: Reclameaqui
x-frame-options: DENY
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Disposition
Access-Control-Max-Age: 3600
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, must-revalidate
Vary: Accept-Encoding
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Authorization, Content-Disposition, Widget-Origin, Cookie
Expires: Fri, 28 Oct 2022 13:00:48 GMT

GET
H2 200 havan.meuacerto.com.br.json Show response
script.crazyegg.com/pages/data-scripts/0107/4133/site/ 5 KB
2 KB 192ms
158ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0107/4133/site/havan.meuacerto.com.br.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0107/4133.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c69eff2562e55225b2ca6f2d61593a926f2694ea86442d08e22af5a8caee6c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 28 Oct 2022 13:00:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.4.32
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7613db3efa4e910c-FRA
content-length: 1725

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F379 4 KB
3 KB 61ms
23ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/19fc75cf/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 13:00:47 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame F379 0
10 B 15ms
15ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?rT-XXQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/sl1uGvGq7_U
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/sl1uGvGq7_U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame F379 52 KB
15 KB 48ms
16ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 15:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 28 Oct 2022 15:13:51 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F379 90 B
134 B 28ms
28ms XHR
application/json+protobuf 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/19fc75cf/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abe911ce90df9483e6f6c54e86d873e98e5628203cd4dbde99e3b51a27d979d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 28 Oct 2022 13:00:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 24ms
24ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 28 Oct 2022 13:00:47 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 5f0d0a84b90f162bd1c96c9af00513e3.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 87 KB
29 KB 28ms
28ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/5f0d0a84b90f162bd1c96c9af00513e3.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0107/4133.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4ae520fbb13fee35e1fa3756a5347cbb9fc7d3bc931959b5984d9d9165ae902

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 20 Oct 2022 13:08:07 GMT
server: cloudflare
age: 1820
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7613db400ffa91d7-FRA
content-length: 29861

GET
H2 200 havan.meuacerto.com.br.json Show response
script.crazyegg.com/pages/data-scripts/0107/4133/sampling/ 165 B
260 B 178ms
178ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0107/4133/sampling/havan.meuacerto.com.br.json?t=463045
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/5f0d0a84b90f162bd1c96c9af00513e3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf33631566e294b854b3485c9a478de05f7b25646b3fff518bd3beaabc53b38d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:48 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 28 Oct 2022 13:00:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.4.32
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7613db403c95910c-FRA
content-length: 151

GET
H2 200 web-widget-messenger-6addd0b.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame C4F9 14 KB
4 KB 47ms
47ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-6addd0b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-e02dceabb69d6ba4a66a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58ebae669e67ea8e80494b2c592e19c14b6ebc5146c2cabd1fe1bbbd873dcc51

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:48 GMT
x-amz-version-id: tmUhQQ90ceZl1V08BgS8Fz16TS7LPfb0
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: Q7WFYPSWJR54Y5T2
age: 390515
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: fUDtc88WsSGYu7ubfNOBlY0lu8O2IZxxahpa9kFXr0KKavZMJoz/RsIFb9RCSz2KNTgIs+pmK/E=
last-modified: Fri, 21 Oct 2022 09:52:03 GMT
server: cloudflare
etag: W/"be304f1126f6bcd0468b2a228423e435"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7613db40de1399ee-CDG
expires: Sat, 21 Oct 2023 09:52:02 GMT

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
458 B 251ms
19ms XHR
application/json 13.224.189.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/5f0d0a84b90f162bd1c96c9af00513e3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-95.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 06:23:23 GMT
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 9182246
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: ijhyreyIaPiT2mhphGagR25R1bsKqdX33Yk6dlTkH48XyIx9akY5Rg==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
461 B 247ms
16ms XHR
application/json 13.224.189.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/5f0d0a84b90f162bd1c96c9af00513e3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-10.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 11:33:15 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 5794053
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: wWZJSMg85yDqH49ek0UHMaxt7W-j43_8FFMCKP01f0xAorr2Z1FIqw==

GET
BLOB 200
OK 99b8cf55-9257-4bf3-847b-c72763590911
https://havan.meuacerto.com.br/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://havan.meuacerto.com.br/99b8cf55-9257-4bf3-847b-c72763590911
Requested by: Host: havan.meuacerto.com.br
URL: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8f74416e7bc7051dbd2c0b2dec8cdb9a5ba4b36f88ba1b65c3e7dd7447b4090

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
92 KB 57ms
17ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: x.cnt.my
URL: https://x.cnt.my/async/parser/havan.meuacerto.com.br.js?r=4.03&dom=havan.meuacerto.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 04:40:48 GMT
x-content-type-options: nosniff
age: 30000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93636
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 04:40:48 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=9594C18AD661438E8AE765EEBF635436&RedC=c.clarity.ms&MXFR=2A90169361256194246304D865256FDA
https://c.clarity.ms/c.gif?CtsSyncId=9594C18AD661438E8AE765EEBF635436&MUID=030AD592A74867213081C7D9A6396658

42 B
368 B

36ms
36ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=9594C18AD661438E8AE765EEBF635436&MUID=030AD592A74867213081C7D9A6396658
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 13:00:48 GMT
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
server: Microsoft-IIS/10.0
etag: "40db785d3fdfd81:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 13:00:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 662C56D471AB49AD96EDA8A0D675F907 Ref B: FRAEDGE1113 Ref C: 2022-10-28T13:00:48Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=9594C18AD661438E8AE765EEBF635436&MUID=030AD592A74867213081C7D9A6396658
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 web-widget-447-6addd0b.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame C4F9 392 KB
124 KB 61ms
59ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-447-6addd0b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-6addd0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5886d0574ef4b74b22c1e28e43de05c4b3190e735abc011f54a50ab76fe591e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:48 GMT
x-amz-version-id: aXaLHUUrOQZLgr8m5bia7i1N.cNILHal
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: NE8BAVBK0TQC0SEQ
age: 390515
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: uK8KIXiYgYNl/EMfouOh98Oz+b5+Rytvi5n7LhiEHpZcHGRGkJzARuA+KNMowcqOqnIFZc/h0OQ=
last-modified: Fri, 21 Oct 2022 09:52:03 GMT
server: cloudflare
etag: W/"16c884d4969f1f0d496fb8796c125c2b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7613db431a7799ee-CDG
expires: Sat, 21 Oct 2023 09:52:02 GMT

GET
H2 200 web-widget-3245-6addd0b.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame C4F9 184 KB
43 KB 48ms
47ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-3245-6addd0b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-6addd0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74a4aac121b619602249aa70d58c0233ed13bbfc47adfdbf011545ac4099af3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:48 GMT
x-amz-version-id: ujBW2lBWUeZA8Oh7KT591ob.SL.a8Um6
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: NE8CKDFNK8Y81J25
age: 390515
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Xponm4h1R6a5EdOMCEAcrWWlVgMAf5Y9NpWKPa1uwHVbKKOEqPuPth+Km/5ETZYyFmZboNSKTvg=
last-modified: Fri, 21 Oct 2022 09:52:03 GMT
server: cloudflare
etag: W/"c2b585205e7dde71004512387858febf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7613db431a7899ee-CDG
expires: Sat, 21 Oct 2023 09:52:02 GMT

GET
H2 200 clock Show response
tracking.crazyegg.com/ 27 B
134 B 327ms
117ms XHR
text/plain 34.251.90.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1666962048487
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/5f0d0a84b90f162bd1c96c9af00513e3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.90.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-90-55.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b8669e7bd0fe254b93879c60ade7f967c3af7cd03239a8343a69b9bd0645e6d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 28 Oct 2022 13:00:48 GMT
cache-control: no-store
server: awselb/2.0
content-length: 27
content-type: text/plain

GET
H/1.1 200
OK dsp Show response
citydsp.com/ 540 B
693 B 115ms
22ms Script
text/javascript 62.138.6.193
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://citydsp.com/dsp?h=havan.meuacerto.com.br&r=0.21124145914430592
Requested by: Host: x.cnt.my
URL: https://x.cnt.my/async/parser/havan.meuacerto.com.br.js?r=4.03&dom=havan.meuacerto.com.br
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.138.6.193 Strasbourg, France, ASN20773 (GODADDY, DE),
Reverse DNS: astra4639.startdedicated.com
Software: nginx /
Resource Hash: 292b1725c1aec3aefd3acd77f7cc34d6821ca4ce3af95ee422012cf2fc0fcb51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 13:00:48 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-store, no-cache, private
Connection: keep-alive

GET
H2 200 en-us-json-6addd0b.js Show response
static.zdassets.com/web_widget/latest/messenger/web-widget-locales/messenger/ Frame C4F9 10 KB
2 KB 56ms
56ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-locales/messenger/en-us-json-6addd0b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-6addd0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eae1624bc2b093db7aed7fdab996877d69bc2baa5996c819d604f7b8b016878e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:48 GMT
x-amz-version-id: uYgsWhTPv8LsUir96Udjc6854BorrEwL
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: XFW17CDHWEXWPXJD
age: 390503
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: bPGcvoHE8NxiFsf8REZsucpZ0xI3mmYOuRel4ossm31EaeE9R8bfo+PHjcu1tkNJljGRVTYDhrQ=
last-modified: Fri, 21 Oct 2022 09:52:04 GMT
server: cloudflare
etag: W/"5736729c4ee91e51558295ab68ab9c2b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7613db449cfe99ee-CDG
expires: Sat, 21 Oct 2023 09:52:03 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2101579715&t=event&ni=1&_s=2&dl=https%3A%2F%2Fhavan.meuacerto.com.br%2F%3Futm_source%3Dcrm%26utm_medium%3Demail_mailgun%26utm_campaign%3Dhavan_informe%26utm_term%3Dcamp-cap_null%26utm_content%3Dnull_null_24102022&ul=en-us&de=UTF-8&dt=Havan%3A%20Negocie%20sua%20d%C3%ADvida%20com%20at%C3%A9%2060%25%20de%20desconto!%20%7C%20Acerto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=mqkxfv&_u=aDDACEABBAAAACAAI~&jid=&gjid=&cid=1822164998.1666962047&tid=UA-83444256-4&_gid=1919299686.1666962047&gtm=2wgaq0WVH65DK&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fcji4qqe27s%2F1d64f6h%2Fmqkxfv&z=33696011

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 06:20:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24006
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK init Show response
retagro.com/ 0
294 B 67ms
20ms Script
text/javascript 85.25.203.29
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://retagro.com/init?r=0.8749568205929639
Requested by: Host: citydsp.com
URL: https://citydsp.com/dsp?h=havan.meuacerto.com.br&r=0.21124145914430592
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.25.203.29 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: static-ip-85-25-203-29.inaddr.ip-pool.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 13:00:48 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-store, no-cache, private
Connection: keep-alive

GET
H/1.1 200
OK start Show response
anilima.com/ 0
294 B 77ms
16ms Script
text/javascript 157.245.26.63
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://anilima.com/start?r=0.11271070043759956
Requested by: Host: citydsp.com
URL: https://citydsp.com/dsp?h=havan.meuacerto.com.br&r=0.21124145914430592
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.245.26.63 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 13:00:48 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-store, no-cache, private
Connection: keep-alive

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 64ms
28ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=727895664035823&ev=Microdata&dl=https%3A%2F%2Fhavan.meuacerto.com.br%2F%3Futm_source%3Dcrm%26utm_medium%3Demail_mailgun%26utm_campaign%3Dhavan_informe%26utm_term%3Dcamp-cap_null%26utm_content%3Dnull_null_24102022&rl=&if=false&ts=1666962048776&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Havan%3A%20Negocie%20sua%20d%C3%ADvida%20com%20at%C3%A9%2060%25%20de%20desconto!%20%7C%20Acerto%22%2C%22meta%3Akeywords%22%3A%22negocia%C3%A7%C3%A3o%20digital%2C%20negocia%C3%A7%C3%A3o%20de%20d%C3%ADvida%2C%20quitar%20d%C3%ADvida%2C%20acerto%22%2C%22meta%3Adescription%22%3A%22Negociar%20com%20a%20Havan%20%C3%A9%20muito%20simples!%20Acesse%20e%20verifique%20sua%20d%C3%ADvida%20com%20a%20Havan%20e%20confira%20as%20melhores%20ofertas.%20Negocie%20com%20a%20Acerto!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.88&r=stable&ec=1&o=30&fbp=fb.2.1666962047251.697153336&it=1666962047040&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 28 Oct 2022 13:00:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK styles.css
s3.amazonaws.com/raichu-beta/selos/ 7 KB
7 KB 122ms
121ms Stylesheet
text/css 54.231.231.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/raichu-beta/selos/styles.css
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/raichu-beta/selos/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.231.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c9e4a82fe456f6edd296ead29aecc7ed48d2d3a80174b915a0a44cc8492d3e73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 13:00:49 GMT
Last-Modified: Thu, 08 Aug 2019 21:59:39 GMT
Server: AmazonS3
x-amz-request-id: EWN0BH3P74XG8EH8
ETag: "3a4208a1b5f494d0a14bad178062c4d8"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 6934
x-amz-id-2: EKHgRqK7vmtQmrpAFPei5WcDXj7vIYkXcW16gwoxEt5Sjq458YfQAsDN3TaMhZH4cs5nHBsOqN4=

GET
H/1.1 200
OK otimo.svg
s3.amazonaws.com/raichu-beta/selos/assets/images/ 11 KB
12 KB 257ms
135ms Image
image/svg+xml 54.231.231.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/raichu-beta/selos/assets/images/otimo.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.231.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c4b3c512870a5a03f5f942c49a5527cad060af6f7667e024ed2cfdbe9aaa8967

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 13:00:49 GMT
Last-Modified: Thu, 08 Aug 2019 21:59:40 GMT
Server: AmazonS3
x-amz-request-id: EWNE5DA9CKYTFXH2
ETag: "a5ff08405f18684625e548ba608600e7"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 11653
x-amz-id-2: sogKZEFXXB50QV8mJ5pRAFOi+6NbcQrfYZ8FdHa+zsZaEpv3dgqTEDf5lVbJ0pvGT8jXg4Kostg=

GET
H/1.1 200
OK reclame-aqui-logo.svg
s3.amazonaws.com/raichu-beta/selos/assets/images/ 11 KB
11 KB 366ms
122ms Image
image/svg+xml 54.231.231.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/raichu-beta/selos/assets/images/reclame-aqui-logo.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.231.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9f39bb6ed73de2843ac41448dc069e2f4abe48d200912fa6e92fcfc077aea951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 13:00:50 GMT
Last-Modified: Thu, 08 Aug 2019 21:59:40 GMT
Server: AmazonS3
x-amz-request-id: 0T7Q0TSXJH6G4WJJ
ETag: "559b7e931744fec0931429e9a18e62a4"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 10941
x-amz-id-2: 0Odu5IPA1SmdbE14UFcvxfrJlJ704D+NOzgm3licDgjxGfPSrSB0MqN0gWx9N5+X0A0NXCqBQfY=

GET
H2 200 web-widget-6965-6addd0b.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame C4F9 139 KB
46 KB 45ms
44ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-6965-6addd0b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-6addd0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2bdb33defe4c63e549037d3294462ae4c5913d793affd48ab60562d6b8062ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:48 GMT
x-amz-version-id: YevgWNhPd04oUX7eFB5Nh3QzIQPTH0Ag
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: NE8CDD4QNB22PG8V
age: 390515
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: IDiy0r/5adBI8QobBk11z9754NbGGLll3BWSLrVXeVfykXb19YZ+U9253RGbu6H2AiFQS8zeAQU=
last-modified: Fri, 21 Oct 2022 09:52:03 GMT
server: cloudflare
etag: W/"94893c94656a16938d2cfa70a87f063f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7613db450da899ee-CDG
expires: Sat, 21 Oct 2023 09:52:02 GMT

GET
H2 200 web-widget-9809-6addd0b.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame C4F9 28 KB
9 KB 43ms
41ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-9809-6addd0b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-6addd0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2510b807540118c7902fc2a55344cb5b8be791d830c6e37cecdb70f30125b034

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:48 GMT
x-amz-version-id: dE4mR5dPIA6yPnE2N5p8IizAXTcOQzmE
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: NE82R8W6MECXCQQ7
age: 390515
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 3OXyc5tY7a2j+XCDK+kavGSJ3AnSN5rveI2X+L3U6a/XkB8ZnaeQoKxdo29juglzG8ZHskXslMc=
last-modified: Fri, 21 Oct 2022 09:52:03 GMT
server: cloudflare
etag: W/"7f90e3a97a3bcf5c1aab74f58af70fcf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7613db450dab99ee-CDG
expires: Sat, 21 Oct 2023 09:52:02 GMT

GET
H2 200 web-widget-9865-6addd0b.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame C4F9 13 KB
3 KB 40ms
38ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-9865-6addd0b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-6addd0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

929e0a531f16371620c4a2396db4153999408702a012cb39001317f926095918

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:48 GMT
x-amz-version-id: R3uw9kYg4xtuXkagEUKuGR44uwnQ7gjD
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: NE80JHY48V2XEJ1Y
age: 390515
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: W9A6SLsu8DET0pJCdpmX1SpiHD2r45HBRG/ppWuWoqrVKptPFWu+akmb6LIuG3Njy1qPiqQjYc8=
last-modified: Fri, 21 Oct 2022 09:52:03 GMT
server: cloudflare
etag: W/"cf86837f58ab2fd498ae42b921447f01"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7613db450dad99ee-CDG
expires: Sat, 21 Oct 2023 09:52:02 GMT

GET
H2 200 web-widget-3323-6addd0b.js Show response
static.zdassets.com/web_widget/latest/messenger/ Frame C4F9 26 KB
7 KB 41ms
40ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/messenger/web-widget-3323-6addd0b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/messenger/web-widget-messenger-6addd0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41b1ae10b7b5faa4678f0efb67c7e5b9efdc2485949a8c2015e0f4459a2d5be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:48 GMT
x-amz-version-id: hnY8hxCJbm.9qz.GowmmFERAJnHiWfXd
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: NE831W2B8NJ6RPEE
age: 390515
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: xQONXyFEBqcJrUlT5P20Dj50m2i57VYexCglrF04/vFACtKD1GE0uR2CQFLyp2lo+rNyw3Tm8mg=
last-modified: Fri, 21 Oct 2022 09:52:03 GMT
server: cloudflare
etag: W/"780eacc3ecef5fe104cde6028cd45222"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7613db450db099ee-CDG
expires: Sat, 21 Oct 2023 09:52:02 GMT

GET
H2 200 embeddable_blip
meuacertohelp.zendesk.com/ Frame C4F9 0
0 232ms
232ms Fetch 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://meuacertohelp.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX21lc3NlbmdlciIsInBhZ2VWaWV3Ijp7InRpbWUiOjg0LCJsb2FkVGltZSI6NzIuMTk5OTk5ODA5MjY1MTQsIm5hdmlnYXRvckxhbmd1YWdlIjoiZW4tVVMiLCJwYWdlVGl0bGUiOiJIYXZhbjogTmVnb2NpZSBzdWEgZMOtdmlkYSBjb20gYXTDqSA2MCUgZGUgZGVzY29udG8hIHwgQWNlcnRvIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNy4wLjUzMDQuODcgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZSwiaXNSZXNwb25zaXZlIjp0cnVlLCJ2aWV3cG9ydE1ldGEiOiJ3aWR0aD1kZXZpY2Utd2lkdGgsaW5pdGlhbC1zY2FsZT0xIiwiaGVscENlbnRlckRlZHVwIjpmYWxzZSwicmVmZXJyZXIiOiJodHRwczovL2hhdmFuLm1ldWFjZXJ0by5jb20uYnIvP3V0bV9zb3VyY2U9Y3JtJnV0bV9tZWRpdW09ZW1haWxfbWFpbGd1biZ1dG1fY2FtcGFpZ249aGF2YW5faW5mb3JtZSZ1dG1fdGVybT1jYW1wLWNhcF9udWxsJnV0bV9jb250ZW50PW51bGxfbnVsbF8yNDEwMjAyMiJ9LCJidWlkIjoiOGYzZWZlMTExOGJlNDA0Njg2YjM1ZjcyZjUxMDRiZGQiLCJzdWlkIjoiNDZlZTljYjI4NzcyNDgxZGFkYzEzMzNkMGFlMmE2N2IiLCJ2ZXJzaW9uIjoiNmFkZGQwYiIsInRpbWVzdGFtcCI6IjIwMjItMTAtMjhUMTM6MDA6NDguODA3WiIsInVybCI6Imh0dHBzOi8vaGF2YW4ubWV1YWNlcnRvLmNvbS5ici8/dXRtX3NvdXJjZT1jcm0mdXRtX21lZGl1bT1lbWFpbF9tYWlsZ3VuJnV0bV9jYW1wYWlnbj1oYXZhbl9pbmZvcm1lJnV0bV90ZXJtPWNhbXAtY2FwX251bGwmdXRtX2NvbnRlbnQ9bnVsbF9udWxsXzI0MTAyMDIyIn0=
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-e02dceabb69d6ba4a66a.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:00:49 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Oct 2022 13:00:49 GMT
server: cloudflare
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 7613db451cbd9b92-FRA
content-length: 0
x-request-id: 7613db451cbd9b92-SEA

GET
DATA 200
OK truncated
/ Frame DBD0 370 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b58cf763adace244285a1f020956817d3d8ea8948056c63b783bdb1d4a258d1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 collect Show response
b.clarity.ms/ 0
48 B 109ms
109ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.43/clarity.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://havan.meuacerto.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: https://havan.meuacerto.com.br
date: Fri, 28 Oct 2022 13:00:48 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
BLOB 200
OK 4d875f9d-84b8-4f36-a5a8-671415315db4
https://havan.meuacerto.com.br/ 260 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://havan.meuacerto.com.br/4d875f9d-84b8-4f36-a5a8-671415315db4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 745c433f4edc11539e499c349b803f4ae0f22509564b5b904663ef0a309e5045

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length: 260
Content-Type: text/javascript

GET
H3 200 css
fonts.googleapis.com/ 8 KB
712 B 101ms
28ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/raichu-beta/selos/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cfdcbbbafe5f910c243c4e87bbbc98934f1531814fd140f2bdff38ea5ab62ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 13:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 11:26:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 13:00:49 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 22ms
19ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://havan.meuacerto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 324615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 18:50:34 GMT

POST
H2 200 subscription Show response
us-push.dengage.com/api/web/ 21 B
217 B 142ms
117ms Fetch
text/plain 3.132.18.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://us-push.dengage.com/api/web/subscription
Requested by: Host: us-pub.dengage.com
URL: https://us-pub.dengage.com/p/push/8/65a625a7-02e7-3794-4de9-725d110bd36c/dengage_sdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.18.62 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-18-62.us-east-2.compute.amazonaws.com
Software: openresty/1.21.4.1 /
Resource Hash: c1436f013d4e07095a5a4bb65ac418fb769a398e247f2224807b3ec41bae4fe0

Request headers

Referer: https://havan.meuacerto.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 28 Oct 2022 13:00:49 GMT
access-control-allow-credentials: true
server: openresty/1.21.4.1
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain

GET
H3 200 css2
fonts.googleapis.com/ 3 KB
562 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63e55165cb26efa3df20628f8c2dfc0b13e7d7e7629761fe9f43b34d5498ea46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://havan.meuacerto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 13:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 12:03:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 13:00:49 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://havan.meuacerto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:41:22 GMT
x-content-type-options: nosniff
age: 40767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 01:41:22 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://havan.meuacerto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:41:22 GMT
x-content-type-options: nosniff
age: 40767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 01:41:22 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F379 28 B
54 B 37ms
37ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/19fc75cf/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
X-Goog-Request-Time: 1666962049979
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/sl1uGvGq7_U
X-YouTube-Client-Version: 1.20221026.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtTQUFfZHhITm9kNCj_pO-aBg%3D%3D
X-YouTube-Ad-Signals: dt=1666962047575&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C482%2C271&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 28 Oct 2022 13:00:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 28 Oct 2022 13:00:50 GMT

POST
H2 204 collect Show response
b.clarity.ms/ 0
48 B 105ms
105ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.43/clarity.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://havan.meuacerto.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: https://havan.meuacerto.com.br
date: Fri, 28 Oct 2022 13:00:50 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.meuacerto.com.br/	1970-01-20 16:38:42	Name: _ga_BW4GX3DX9K Value: GS1.1.1666962047.1.0.1666962047.60.0.0
.meuacerto.com.br/	1970-01-20 16:38:42	Name: _ga Value: GA1.3.1822164998.1666962047
.meuacerto.com.br/	1970-01-20 07:04:08	Name: _gid Value: GA1.3.1919299686.1666962047
.meuacerto.com.br/	1970-01-20 07:02:42	Name: _gat_UA-83444256-4 Value: 1
.bing.com/	1970-01-20 16:24:18	Name: MUID Value: 030AD592A74867213081C7D9A6396658
.meuacerto.com.br/	1970-01-20 07:04:08	Name: _uetsid Value: 8a32ddb056c011edbd21d93c9d411109
.meuacerto.com.br/	1970-01-20 16:24:18	Name: _uetvid Value: 8a33072056c011ed9debf947ef79bf92
.mgid.com/	1970-01-20 07:02:43	Name: __cf_bm Value: 50Zjz6fuG1_LD3otf2QQ7zAxx04qhyI3X9hu_XL7aPg-1666962047-0-AXG+2lrrE2iiGZRvUdXzeZFlkSxyYVF8V4rRF+/4ug9icAMY/aq0ddfRgJrIX6QOzMiceLPU+v8HLcyxu8HlJlw=
.cnt.my/	1970-01-20 15:48:18	Name: xcntID Value: y2cd7251e1cb644b25
havan.meuacerto.com.br/	1970-01-20 09:12:18	Name: MgidSensorUtm Value: null_null_24102022_camp-cap_null
havan.meuacerto.com.br/	1970-01-20 09:12:18	Name: MgidSensorUtmMedium Value: email_mailgun
havan.meuacerto.com.br/	1970-01-20 09:12:18	Name: MgidSensorUtmCampaign Value: havan_informe
havan.meuacerto.com.br/	1970-01-20 09:12:18	Name: MgidSensorUtmSource Value: crm
havan.meuacerto.com.br/	1970-01-20 09:12:18	Name: MgidSensorClidV Value: 0
havan.meuacerto.com.br/	1970-01-20 09:12:18	Name: MgidSensorNVis Value: 1
havan.meuacerto.com.br/	1970-01-20 09:12:18	Name: MgidSensorHref Value: https://havan.meuacerto.com.br/?utm_source=crm&utm_medium=email_mailgun&utm_campaign=havan_informe&utm_term=camp-cap_null&utm_content=null_null_24102022
.doubleclick.net/	1970-01-20 07:02:42	Name: test_cookie Value: CheckForPermission
www.clarity.ms/	1970-01-20 15:48:18	Name: CLID Value: 2c8224ee57234eda89413be55752715a.20221028.20231028
.meuacerto.com.br/	1970-01-20 09:12:18	Name: _fbp Value: fb.2.1666962047251.697153336
.meuacerto.com.br/	1970-01-20 15:48:18	Name: _hjSessionUser_3073352 Value: eyJpZCI6ImY3NjRiODJhLTJmODItNWU2Yi1hZWM1LTkzYmNiNjVjZmUzOCIsImNyZWF0ZWQiOjE2NjY5NjIwNDcyMzEsImV4aXN0aW5nIjpmYWxzZX0=
.meuacerto.com.br/	1970-01-20 07:02:43	Name: _hjFirstSeen Value: 1
havan.meuacerto.com.br/	1970-01-20 07:02:42	Name: _hjIncludedInSessionSample Value: 0
.meuacerto.com.br/	1970-01-20 07:02:43	Name: _hjSession_3073352 Value: eyJpZCI6IjQ1YTg3NmU2LTFjNGQtNGEwNy04ZjIwLWJkZmYwZmY1NmIwMSIsImNyZWF0ZWQiOjE2NjY5NjIwNDczNDMsImluU2FtcGxlIjpmYWxzZX0=
.meuacerto.com.br/	1970-01-20 07:02:43	Name: _hjAbsoluteSessionInProgress Value: 0
.meuacerto.com.br/	1970-01-20 07:02:43	Name: _dn_sid Value: 014b3981-26bf-4b28-9465-18c3e5f3faa6
.meuacerto.com.br/	1970-01-20 15:48:18	Name: _clck Value: 1d64f6h\|1\|f63\|0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: uFD9k8Fg66Y
.youtube.com/	1970-01-20 11:21:54	Name: VISITOR_INFO1_LIVE Value: SAA_dxHNod4
.meuacerto.com.br/	1969-12-31 23:59:59	Name: cebs Value: 1
.meuacerto.com.br/	1970-01-20 15:48:18	Name: _ce.s Value: v~dbee1a8b773558e7d4a93c971357f250ff17271b~vpv~0
citydsp.com/	1970-01-20 11:21:54	Name: userId Value: 8335576057
.meuacerto.com.br/	1970-01-20 07:04:08	Name: _clsk Value: mqkxfv\|1666962048739\|1\|1\|b.clarity.ms/collect
.c.bing.com/	1970-01-20 16:24:18	Name: SRM_B Value: 030AD592A74867213081C7D9A6396658
.meuacerto.com.br/	1969-12-31 23:59:59	Name: cebsp Value: 1
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 16:24:18	Name: MUID Value: 030AD592A74867213081C7D9A6396658
.c.clarity.ms/	1970-01-20 07:02:42	Name: ANONCHK Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://meuacerto.bancointer.com.br https://meuacerto.uatbi.com.br
Strict-Transport-Security	max-age=15724800
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
acdn.adnxs.com
ajax.googleapis.com
anilima.com
assets-tracking.crazyegg.com
b.clarity.ms
bat.bing.com
c.bing.com
c.clarity.ms
citydsp.com
connect.facebook.net
ekr.zdassets.com
email.havan.meuacerto.com.br
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
havan.meuacerto.com.br
i.ytimg.com
ib.adnxs.com
iosite.reclameaqui.com.br
jnn-pa.googleapis.com
meuacertohelp.zendesk.com
meuacertopublic.blob.core.windows.net
pagestates-tracking.crazyegg.com
region1.analytics.google.com
retagro.com
s3.amazonaws.com
script.crazyegg.com
script.hotjar.com
secure-web.cisco.com
static.doubleclick.net
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
track.bmgresolve.meuacerto.com.br
tracking.crazyegg.com
us-event.dengage.com
us-pub.dengage.com
us-push.dengage.com
vars.hotjar.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
x.cnt.my
yt3.ggpht.com
104.16.51.111
104.18.72.113
13.224.189.10
13.224.189.26
13.224.189.95
13.225.78.63
138.201.230.88
142.250.186.130
157.245.26.63
18.214.171.162
185.89.210.244
191.233.28.251
2.21.20.217
20.150.111.4
20.234.93.27
20.75.32.255
2001:4860:4802:32::36
23.35.236.188
2606:4700:1::6813:844e
2606:4700::6813:9408
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:800::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2016
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2003
2a00:1450:4001:827::200a
2a00:1450:4001:829::2006
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c1b::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:e4c7:ffff::69
3.132.18.62
34.251.90.55
34.86.85.56
52.14.86.234
54.231.231.0
62.138.6.193
85.25.203.29
0087a1a1ef899cf5997d7859eb7a0b5a3521c828d738e4b2415583da1126cab4
0116fa65094bdc9bf67233376abfb6c9a6df2a7fa00c58b69c88c91a1d455596
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01dd3f3054c45ef6493c064ac5f02e98738161f0fbbf05b1c709297097c7b290
02f8fd56fcf81f38469dbdc107767149056d65b1c31f7b7a600d7d1f0ee3188e
039b1016b76a9322bc1b7a042ee8ea39755159460f215acb5dcb106cf52c893e
03b2e9a3047457f564e1eb0baddcb057988432cf28da5f359f7f73ffef095328
05e81951cb0bc3f592e60a131ac3805cbc7a000867817e1b74af8f47be1529ba
05f42a5425dc057422960724431b78c79892413b9d71b4650d900eeace87ba4b
092adfd68fdc4159d986e270ee6caf32d50dea0db2a9fdfd0d400216b81d1b8c
0bd190c9cc16383a5ab0415235675f65f4b726104b3ab6e66d7b444d82e3814a
0c69eff2562e55225b2ca6f2d61593a926f2694ea86442d08e22af5a8caee6c3
0e4e5473bf9e447a52ec61f8b31fb061fdf1eff1644bf693c6698bc64347f66a
10e332835f874c41938177aaf213f32c02b493987410551bccd9cb22082e2aaa
17a8a6dff220cd3b357cb5261d61272bc1a91590c382416f21c14beaf9a4d440
18a899ae93d683c1e44173b7ba70e1025532cfeef1417889ae22aa78a11ee3be
1bfdc0207283e5313706485411f44308771bd1334e63ec4670fc6da45a47f422
1fb496804197251fc1a4f0b72fb4004c2d01484b04f225601278e48e203e73e6
2510b807540118c7902fc2a55344cb5b8be791d830c6e37cecdb70f30125b034
25556ebc8f3927af4af7df70f9f79ef04e0c8d28d8bb5a81d251534be39f15f3
259bb417185e43073c5d68e79e3f6b5d1842af614d4568bd10c393c2946741c1
292b1725c1aec3aefd3acd77f7cc34d6821ca4ce3af95ee422012cf2fc0fcb51
2f7599ba1e84432f7f3319c7ed71b84ed24ffbb9741bea6b3ec61ec370707541
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
328b990a3d3ba3b690fae6fdbe96e9de93e57e22276744a0466f618ead609602
3517e031babceb80254009e12cc5944d12204db8dc8da253d3e567fd807ca5ee
352b9c8d9c9197c25629af6c96ba7e1c2d84baa3d520328fc8e9b6b33e1035f5
358da850fb05ead32451592dbb6f9a184e72f31b44cd361f2b7cdcc9dddd832c
3606b18f6ed6b3ba969e83a9c95ed9532ff7e45b906e4b383f051f3f60735b48
379a03b4db6bc573442cc1c9fbbc386825ec9ce7cc610fed9436a82125471703
384e88f94789801fd8e60ebf34794b5fbc8bc170a25f2d863941a5cdadbb2d0e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4199fcc0b31daeab7eddb3bfab52d9bfd096a1eb8d560a6b0f185fc3ec9d0cd9
41b1ae10b7b5faa4678f0efb67c7e5b9efdc2485949a8c2015e0f4459a2d5be3
42cede489c704eb5500d05d936ab97bb6db1a2e331513841bd3ed6e19c9a5767
42e6a27b7c5a1a205259456681e54fd548321528eaa446555616d23ebfda11a3
449c24a22293f2990e1ff1974597a0d37fca8306b4f483b35b9d11a6a8ac2531
45e78216d62e7ef2a2c7d0bda526ddfb789444fb8a986b024d059373acb27c16
48a6232b3ddf8479c9ce4f8332fd37568b2c64561441db5404396a82116a9459
48e433ae2d31719bb94f9bab6db09b0abd290be166efd87da317b6a1f8009cce
48edae7e3fc479762c1a13bb958d3bbe6a771ef042d42df19114cdb07ec12b22
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
56d9493ef61c745e799292b89d8f707afd686c40485bca95ce9a985789b61a17
57492e2388373b50c31b0123a92eee7829cf572ab0d090419d807d9af716fd02
576fb98150b983dfdfca26734174aa1986fbc4c0437a687efafd076783535a49
5886d0574ef4b74b22c1e28e43de05c4b3190e735abc011f54a50ab76fe591e6
58ebae669e67ea8e80494b2c592e19c14b6ebc5146c2cabd1fe1bbbd873dcc51
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
63e55165cb26efa3df20628f8c2dfc0b13e7d7e7629761fe9f43b34d5498ea46
63eb0ff8dc5498c5f404605de0919df0e53018ac8a56779c97fcee537be216cc
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6d9fa7bb538021fbcba50ef800a9dc86165982d9db266b77aa0c113026cd7f72
6ff8873c5c7e5ddfdd65675936d186a8822ec5a7f51401eed3c06723166b43bd
6fffae1e0fddd21e40064388a5bd75f2cb67116724e14a73c6151d413c2b4a47
745c433f4edc11539e499c349b803f4ae0f22509564b5b904663ef0a309e5045
74a4aac121b619602249aa70d58c0233ed13bbfc47adfdbf011545ac4099af3c
7a478b13900ff3fcf310c9cc67d4fda1ebb48a56eb2f4975a0642389dc162ea8
7af30216d4fc94a4a6455489d50b22b15168bf957380df1754a8db5f097dcd8b
7d5b709a3a9e0c0c3c55a33dd22eccd04f40b8d344772ce117e311b959b7e280
7e1b00ed8c3e91750333114ea6e76047bbca0410b8ee0b783d62c07166c2f352
80a14eccce937e86088e00bf7f3eff1e212f15ea9a8a9fc648220d0c8f0617fa
80a460e8c840b71707f8788fb4557dc987e100083bcf3193f242ed9b66b133cc
80f6df2245c4c871c4d58025e158b40500475bd7f4285f1660edc1a387d4819a
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84641fc361b15c3b55a309cd8dbe6fb8385337b49d62f97f3939e94ff9edfe3d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88af7bf5aee21f4995e62b4da3f1ebcf204c0e156c922fbcbfe264ae9b6e762f
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
929e0a531f16371620c4a2396db4153999408702a012cb39001317f926095918
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c6ecd2881e8ff642d522822bf47f07d908b3cd782b48664a347730df301bc8e
9df5a0a799c69a4658d64bf5e9910ba98b9b8300e023e0e44738f249346cb12d
9f39bb6ed73de2843ac41448dc069e2f4abe48d200912fa6e92fcfc077aea951
a0f606f832db3afe5ca4daccd63d0ac0b08f2f70926b063b7ca33383d2ed9f6d
a13efe75b0920d72745c3f98822b2e1cd3ea7b72f3b25dd357d20617a5f0623c
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa5ef17f578ea5d863bb5309a30b2804c11eb6a506086818d77e6168eedec3f4
abe911ce90df9483e6f6c54e86d873e98e5628203cd4dbde99e3b51a27d979d4
ad2973457e9e9573b2f3de433093041633f2d74ee37657cdc2f1af51a8a383b6
ad5b97cc076361d64e2d5b7cf03d01651f3beb813300f110b2bcc74640ad5c3d
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af6c7e262e44ea2aa3289905be8568b38cfee929f22e1abc4a99566d6372ea5c
b3d70006df8d1380229630cc6798e2701d0a11508aeba6092f1f58b2070a83df
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b58cf763adace244285a1f020956817d3d8ea8948056c63b783bdb1d4a258d1b
b8669e7bd0fe254b93879c60ade7f967c3af7cd03239a8343a69b9bd0645e6d6
bf33631566e294b854b3485c9a478de05f7b25646b3fff518bd3beaabc53b38d
c0a4830af55fb7faabcbe34e804d186959aac83e6832495817e0e62122d2748f
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c1436f013d4e07095a5a4bb65ac418fb769a398e247f2224807b3ec41bae4fe0
c1f93a56a0e3117b2c3e19188f6ab7fe798119adb460e4ce305f6ef8568ac7bd
c2cfec7aac397dbf5807ed9f9c69aeb6a7e011893f909bd8ce5af2de14ca103d
c4b3c512870a5a03f5f942c49a5527cad060af6f7667e024ed2cfdbe9aaa8967
c57393a84f8df48f30ae2f1c33f39bf8ece0cbab2ae9f214a1569f6a805d8372
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
c8e5812789aa8f9d13d3e9f3b122b1ad0891a90b4f6a7e1d675ddd800b45f033
c9e4a82fe456f6edd296ead29aecc7ed48d2d3a80174b915a0a44cc8492d3e73
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11
cdc98f6117b7427742534352c75ba14f8bb5741d52ac7ab733d95b4e51de0d60
ceb0a1bb5ce3474b65eac60d02bda2f0e1dc8868072b9128cc934ba82d1d23fb
cfdcbbbafe5f910c243c4e87bbbc98934f1531814fd140f2bdff38ea5ab62ac7
d4ae520fbb13fee35e1fa3756a5347cbb9fc7d3bc931959b5984d9d9165ae902
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da3af4787a74d88b45590e71f971f3705e5087a18f3ddacc17b58be57c389d25
de0e3e13ac455201d77e111b8c417ddae1ea4689e4406203baaa78d0ff9532bf
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e07332c72aa495bd9d3116164fe3ef3a9d7d3599d99f5ec612e43955b9e2de96
e2bdb33defe4c63e549037d3294462ae4c5913d793affd48ab60562d6b8062ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60666c550e16ca30efa039661033d766d49f8b21ed55ad201864e85b3f08d0f
e8f74416e7bc7051dbd2c0b2dec8cdb9a5ba4b36f88ba1b65c3e7dd7447b4090
eade9c777fd1447bfe4cccc5f6911217dbb376357f9052604e204df83b306197
eae1624bc2b093db7aed7fdab996877d69bc2baa5996c819d604f7b8b016878e
edbcd66789533fa7b2997c4b5c03a4df3042683b35384b0199fef3ad78554d2d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5adf5228c4c12498cfba15ea66e70fd61699fc86669347d67007690a6a3cd6
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f07e54dc96cb5836023bd8d2d55d449cbd1c4897caef1bdc98a880d99f9f6100
f407c8437006f5b1810f2db7d9acd7c925f39ce33d45ae8c5f92d00c47a15f1b
f8567cb5b12fb8fb1f86516e9c0570cfb4e3b5b07e882e3db69a7abe6a3b179c
f907e6f1bca25770d3ed520388aca640ae04c640a323f77e0e87c7c32cd3f024

havan.meuacerto.com.br Open in urlscan Pro 191.233.28.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

145 Requests

97 %HTTPS

49 %IPv6

32 Domains

52 Subdomains

45 IPs

7 Countries

7640 kBTransfer

11554 kBSize

37 Cookies

17 Outgoing links

Page URL History

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

havan.meuacerto.com.br Open in urlscan Pro
191.233.28.251 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

97 %
HTTPS

49 %
IPv6

32
Domains

52
Subdomains

45
IPs

7
Countries

7640 kB
Transfer

11554 kB
Size

37
Cookies

145 HTTP transactions
7 data transactions