www.amigosecreto.com.br Open in urlscan Pro
66.232.27.51 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.amigosecreto.com.br/il/click.asp?esp=4579
Effective URL:
https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Submission: On November 13 via api (November 13th 2023, 6:58:34 pm UTC) from US — Scanned from DE

Summary HTTP 185 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 33 IPs in 4 countries across 20 domains to perform 185 HTTP transactions. The main IP is 66.232.27.51, located in United States and belongs to WEBHOST-ASN1, US. The main domain is www.amigosecreto.com.br.
TLS certificate: Issued by R3 on September 6th 2023. Valid for: 3 months.

This is the only time www.amigosecreto.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 40	66.232.27.51 66.232.27.51	27229 (WEBHOST-ASN1) (WEBHOST-ASN1)
1	66.232.27.70 66.232.27.70	27229 (WEBHOST-ASN1) (WEBHOST-ASN1)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	52.222.139.19 52.222.139.19	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
5	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 3	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c03::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
4	52.58.73.75 52.58.73.75	16509 (AMAZON-02) (AMAZON-02)
1 2	52.10.170.101 52.10.170.101	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
3 4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
23	2.19.126.92 2.19.126.92	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	35.156.29.222 35.156.29.222	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:223... 2600:9000:223f:5e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f18:1ac... 2600:1f18:1aca:4282:640a:bb2c:d265:c552	14618 (AMAZON-AES) (AMAZON-AES)
185	33

40 66.232.27.51 (United States) 1 redirects

ASN27229 (WEBHOST-ASN1, US)
PTR: www.amigosecreto.com.br

www.amigosecreto.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.232.27.70 (United States)

ASN27229 (WEBHOST-ASN1, US)
PTR: images.curriculum.com.br

images.il.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.139.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-19.ams50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d308cf5aba4c350d52f6f982b50ad7bb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.58.73.75 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-73-75.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.10.170.101 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-170-101.us-west-2.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.21 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2.19.126.92 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-92.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.29.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-29-222.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:5e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:1aca:4282:640a:bb2c:d265:c552 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com d308cf5aba4c350d52f6f982b50ad7bb.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	606 KB
40	amigosecreto.com.br 1 redirects www.amigosecreto.com.br	2 MB
29	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1584 secure-ds.serving-sys.com — Cisco Umbrella Rank: 2642 lm.serving-sys.com — Cisco Umbrella Rank: 2729	353 KB
17	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154	331 KB
10	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 736 static.adsafeprotected.com — Cisco Umbrella Rank: 587 dt.adsafeprotected.com — Cisco Umbrella Rank: 570	103 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	513 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
5	gstatic.com fonts.gstatic.com	151 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	2 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 727 script.hotjar.com — Cisco Umbrella Rank: 901	121 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	177 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	183 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	2 KB
3	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 110	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6862	408 B
1	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3035	71 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	2 KB
1	il.com.br images.il.com.br	305 B
185	20

	Domain	Requested by
40	www.amigosecreto.com.br	1 redirects images.il.com.br www.amigosecreto.com.br
27	pagead2.googlesyndication.com	www.amigosecreto.com.br pagead2.googlesyndication.com securepubads.g.doubleclick.net 9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
23	secure-ds.serving-sys.com	bs.serving-sys.com secure-ds.serving-sys.com
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net 9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com www.amigosecreto.com.br
8	www.googletagmanager.com	www.amigosecreto.com.br www.googletagmanager.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net images.il.com.br
5	dt.adsafeprotected.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com 9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	bs.serving-sys.com	9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com secure-ds.serving-sys.com
4	connect.facebook.net	www.amigosecreto.com.br connect.facebook.net
4	www.googletagservices.com	www.amigosecreto.com.br securepubads.g.doubleclick.net 9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
3	static.adsafeprotected.com	pixel.adsafeprotected.com 9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	tpc.googlesyndication.com
3	www.facebook.com	1 redirects www.amigosecreto.com.br connect.facebook.net
3	region1.google-analytics.com	www.googletagmanager.com
3	fonts.googleapis.com	www.amigosecreto.com.br
2	lm.serving-sys.com	secure-ds.serving-sys.com
2	pixel.adsafeprotected.com	1 redirects 9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
2	region1.analytics.google.com	www.googletagmanager.com
2	9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	script.hotjar.com	static.hotjar.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	static.hotjar.com	images.il.com.br
1	ad.doubleclick.net	9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
1	d308cf5aba4c350d52f6f982b50ad7bb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.de	www.amigosecreto.com.br
1	stats.g.doubleclick.net	www.googletagmanager.com
1	netdna.bootstrapcdn.com	www.amigosecreto.com.br
1	cdn.jsdelivr.net	www.amigosecreto.com.br
1	images.il.com.br
185	34

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
www.tiktok.com
twitter.com
www.youtube.com
blog.amigosecreto.com.br
amigosecreto.zendesk.com

Subject Issuer	Validity	Valid
*.il.com.br R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.amigosecreto.com.br R3	`2023-09-06` - `2023-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-23` - `2023-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
bs.serving-sys.com Amazon RSA 2048 M02	`2023-03-11` - `2024-04-08`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
secure-ds.serving-sys.com R3	`2023-09-19` - `2023-12-18`	3 months	crt.sh
lm.serving-sys.com Amazon RSA 2048 M01	`2023-02-14` - `2024-02-15`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Frame ID: 301B1CB8181FA761B7D44A68CD0D68A6
Requests: 50 HTTP requests in this frame

Frame: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
Frame ID: 405D8F768F8BC3BF21980DD293650257
Requests: 38 HTTP requests in this frame

Frame: https://www.amigosecreto.com.br/patrocinadores.asp
Frame ID: E98D71937ECE39843990F04521A9343D
Requests: 10 HTTP requests in this frame

Frame: https://www.amigosecreto.com.br/00_bco.asp
Frame ID: AAB6513985821DCF2F50EAF7EAE15964
Requests: 1 HTTP requests in this frame

Frame: https://www.amigosecreto.com.br/00_bco.asp
Frame ID: B7ED0D0503DDDEADB1CC20C1D0C74AB0
Requests: 1 HTTP requests in this frame

Frame: https://www.amigosecreto.com.br/00_bco.asp
Frame ID: 1EA9292BE4B865676A55B2CDA1F8D9FD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Frame ID: 9E257BC3FEEBE8ACE3B9B59BCEEB6589
Requests: 1 HTTP requests in this frame

Frame: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6FC528D1C186918A83DB63AFF97B49C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6260959165761598&output=html&adk=1812271804&adf=3025194257&lmt=1699901906&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fwww.amigosecreto.com.br%2F%3Futm_source%3Damigosecreto%26utm_medium%3Demail-mkt%26utm_campaign%3Das2023&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699901906230&bpp=3&bdt=1242&idt=378&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3669518102547&frm=20&pv=2&ga_vid=727135855.1699901906&ga_sid=1699901907&ga_hid=1016778901&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079516%2C44795922%2C44807464%2C31078297%2C31079382%2C44807763%2C44808148%2C44808285&oid=2&pvsid=1941516421622326&tmod=1434806844&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fimages.il.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=393
Frame ID: FE7CE9D2A5BCA8F085FDE02F138770E9
Requests: 1 HTTP requests in this frame

Frame: https://d308cf5aba4c350d52f6f982b50ad7bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4D427AAE2CECC9B570BFC7CF105324C0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6260959165761598&output=html&adk=1812271804&adf=3279755397&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fwww.amigosecreto.com.br%2F%3Futm_source%3Damigosecreto%26utm_medium%3Demail-mkt%26utm_campaign%3Das2023&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699901906564&bpp=3&bdt=393&idt=226&shv=r20231108&mjsv=m202311080101&ptt=9&saldr=aa&nras=1&correlator=3669518102547&frm=23&ife=1&pv=1&ga_vid=727135855.1699901906&ga_sid=1699901907&ga_hid=1456061020&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=300&ifk=1973036070&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44807461%2C31078297%2C31079587%2C44806141%2C44807763%2C44808148%2C44808285&oid=2&pvsid=2789026869479824&tmod=1716392366&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fimages.il.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C300&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.t48ljrdst73z&btvi=1&fsb=1&dtd=240
Frame ID: FC6DE561D8ADF2EE7B19386F1D146E18
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAcbkKJ5fJOJYBg35GwTCXVA6MrTrTVNKnn3HydksnzVu1JXsHYHwK3ZR2zEgkl-xHsOEx6ND-lbzlDa8uRPmjBst6i-Ulgz5tmrS5JRuskGYaI7Xu-rvC0tWV9NGdKMDER_eaq1BHZJAOPUJr49QLslqW1vKjazKB5Gz9-Ms-tPkHcJQTIR0hwp4af2zZxTgebaL9abtbJgDVjMjRqREAFxgxt48oZj2KqJeyvdfxWsZVk17T4VGjIrKq-5o4hMlNctM8qlS8A8oCGfW0TwdpFtkz7Ylqif7ekvXvT9Wf1jcYSsQ1bIBPwKDH_n_hqVyLneXE59klKJG__JuXsGFptRWiNJyHQjE&sai=AMfl-YRCpAWdaPcczVI0-_53D3xzUXCtGFkCQknyo3nkoHMV1VVoa70eqBddd5fyUN82C5j0G4c5abRBwtU7e0ZxohBnp0FNXdHF4WoWj0sZ6qmE0iQ0a4_YGKzSICGFVF9M5jLa1KQXTXsObY7Ri9HgPyHO&sig=Cg0ArKJSzD3-0kq5Q7LcEAE&uach_m=[UACH]&adurl=
Frame ID: 46999EFD817E8CD51AF3E444A4F830C9
Requests: 7 HTTP requests in this frame

Frame: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C572B0B4180E4D033D996E969748C00F
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CID6ShCinKcBGJnX-vABMAE&v=APEucNVxx9HW1ZDAsJ-t50xrV8OJNElw8ZyItXVMrX307hW_hnRG-jn7J9MjE8owR4-sN_OgHHlYudIzeuZUh-VjZJ1XuijgxVfkAUzvy7DGzTTZLs0m7b4DaLF8Re8tOjz_RQK1_erN02hlqXFkqb9CNegvM0jQ0Q9SPFXELkGc2LeNftIADik
Frame ID: D0E72EBE53A94CB6DEA5C55B84F59233
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2C96116013FEC38554DFC24D929ADA13
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0DC3D65624EB43BC19D0712C1D41082E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4647391FC1D20915E182B5D768AC9DAB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2E345B4E112702C7E7F50B028B03207F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4211807B5312CC29BB35FFD85862A05C
Requests: 2 HTTP requests in this frame

Frame: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Frame ID: 1C27E23E0C737CF7C3066B383819A8AD
Requests: 19 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3f7a1f4a8a28d%2526domain%253Dwww.amigosecreto.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.amigosecreto.com.br%25252Ff2ea269856db2a%2526relation%253Dparent.parent%26container_width%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FAmigoSecreto.com.br%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26width%3D290
Frame ID: 0354FC1B320B4B48B5B50B36CCDC48F9
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 66590CBB77897AF8D9D9198C24F7F0CC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C8B8714F8EC9D73740BBB6D16204F095
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F6F8C96E640E71228FDE1D9D77EB546C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

O site oficial do Amigo Secreto

Page URL History Show full URLs

https://www.amigosecreto.com.br/il/click.asp?esp=4579 HTTP 302
https://images.il.com.br/click.asp?esp=4579 Page URL
https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

185
Requests

97 %
HTTPS

63 %
IPv6

20
Domains

34
Subdomains

33
IPs

4
Countries

4389 kB
Transfer

9125 kB
Size

24
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/amigosecretocombr

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AmigoSecreto.com.br

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@amigosecretocombr

Search URL Search Domain Scan URL

URL: https://twitter.com/amigo_secreto

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/amigosecretocombr

Search URL Search Domain Scan URL

URL: http://blog.amigosecreto.com.br/
Title: Blog

Search URL Search Domain Scan URL

URL: http://amigosecreto.zendesk.com/hc
Title: Ajuda

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.amigosecreto.com.br/il/click.asp?esp=4579 HTTP 302
https://images.il.com.br/click.asp?esp=4579 Page URL
https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.amigosecreto.com.br/il/click.asp?esp=4579 HTTP 302
https://images.il.com.br/click.asp?esp=4579

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJAPmfVbXEB9b2bbtW8rQ4&google_cver=1

Request Chain 117

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVJx0zF.UEgtA-3d-vLo4gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJAPmfVbXEB9b2bbtW8rQ4&google_cver=1&google_hm=2

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHQTdLkoFsC7c8L6kOvTMTs&google_cver=1

Request Chain 119

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczNzM1OTc0MTI0MTgyOTM4

Request Chain 156

https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f7a1f4a8a28d%26domain%3Dwww.amigosecreto.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.amigosecreto.com.br%252Ff2ea269856db2a%26relation%3Dparent.parent&container_width=350&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FAmigoSecreto.com.br&locale=pt_BR&sdk=joey&show_facepile=true&small_header=true&width=290 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3f7a1f4a8a28d%2526domain%253Dwww.amigosecreto.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.amigosecreto.com.br%25252Ff2ea269856db2a%2526relation%253Dparent.parent%26container_width%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FAmigoSecreto.com.br%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26width%3D290

Request Chain 159

https://pixel.adsafeprotected.com/rfw/st/1564033/72645939/skeleton.js?bundleId=&ias_dspID=3&ias_campId=1013287007&ias_pubId=pub-6260959165761598&ias_chanId=1&ias_placementId=20328774607&bidurl=https://www.amigosecreto.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jLpbyMHZ5owN67ii2whRdr&adsafe_url=https%3A%2F%2Fwww.amigosecreto.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.amigosecreto.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:22b2ec17-ee5b-7a66-ef70-d39cf45486ab,c:tSzO4g,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-55cb844bf6-6nc5p,rg:or,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:dfhui1,mtim:260,mot:0,app:0,maw:0,fm:tVwbasy+111%7C112%7C113%7C114%7C121%7C122%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.1564033-72645939%7C1a1%7C1a2%7C1a3%7C1b,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:287,oid:a115264d-8256-11ee-a2f1-ea66f8c24ba4,v:19.8.459,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?bundleId=

185 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

click.asp
images.il.com.br/
Redirect Chain

https://www.amigosecreto.com.br/il/click.asp?esp=4579
https://images.il.com.br/click.asp?esp=4579

137 B
305 B

829ms
201ms

Document
text/html

66.232.27.70
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://images.il.com.br/click.asp?esp=4579
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.70 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: images.curriculum.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-type: text/html
date: Mon, 13 Nov 2023 18:58:24 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: ASP.NET

Redirect headers

cache-control: private
content-length: 164
content-type: text/html
date: Mon, 13 Nov 2023 18:58:23 GMT
expires: Mon, 13 Nov 2023 18:57:23 GMT
location: https://images.il.com.br/click.asp?esp=4579
server: nginx/1.18.0 (Ubuntu)
x-powered-by: ASP.NET

GET
H2 200 Primary Request / Show response
www.amigosecreto.com.br/ 31 KB
8 KB 178ms
177ms Document
text/html 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Requested by: Host: images.il.com.br
URL: https://images.il.com.br/click.asp?esp=4579
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 4f3fb001823a36c026ac3c56ceb242c0b6351d4616fa9c55075a501728386aef

Request headers

Referer: https://images.il.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-type: text/html
date: Mon, 13 Nov 2023 18:58:24 GMT
expires: -1,Sun, 12 Nov 2023 18:58:24 GMT
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-powered-by: ASP.NET

GET
H2 200 owl.carousel.css
www.amigosecreto.com.br/js/plugins/owl-carousel/ 2 KB
2 KB 473ms
471ms Stylesheet
text/css 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/js/plugins/owl-carousel/owl.carousel.css?var=202311122240
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 78674c24919c24b1047cfcb448907e28a91281d511eb2a9c75433680f5ab4cdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:25 GMT
last-modified: Thu, 14 Dec 2017 23:24:43 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "802f9db83275d31:0"
x-powered-by: ASP.NET
content-type: text/css
accept-ranges: bytes
content-length: 2062

GET
H2 200 owl.theme.css
www.amigosecreto.com.br/js/plugins/owl-carousel/ 2 KB
2 KB 162ms
160ms Stylesheet
text/css 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/js/plugins/owl-carousel/owl.theme.css?var=202311122240
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: a72843979d55dc4d5d9bcac65c18b3b75d753258c9fece915f49e9ad52a290b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:25 GMT
last-modified: Wed, 06 Sep 2017 19:24:56 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "0f465d24527d31:0"
x-powered-by: ASP.NET
content-type: text/css
accept-ranges: bytes
content-length: 1743

GET
H2 200 main.css
www.amigosecreto.com.br/css/themes/amigosecreto/ 441 KB
442 KB 319ms
317ms Stylesheet
text/css 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/css/themes/amigosecreto/main.css?var=202311122240
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: ae23784b80b3af05f1330516409f816a15d794e38a9ae9a9458f5b0918c3be20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:25 GMT
last-modified: Mon, 13 Nov 2023 01:32:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "07f1f49d115da1:0"
x-powered-by: ASP.NET
content-type: text/css
accept-ranges: bytes
content-length: 451767

GET
H2 200 blackfriend.css
www.amigosecreto.com.br/css/themes/amigosecreto/ 735 B
898 B 162ms
161ms Stylesheet
text/css 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/css/themes/amigosecreto/blackfriend.css?var=202311122240
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 252001d3ee62be0c78acc972d8815a95db0f0e71590cc94178b9922b4b707e6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:25 GMT
last-modified: Mon, 13 Nov 2023 01:36:30 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "0e367d3d115da1:0"
x-powered-by: ASP.NET
content-type: text/css
accept-ranges: bytes
content-length: 735

GET
H2 200 jquery-3.1.1.min.js Show response
www.amigosecreto.com.br/js/jquery/ 85 KB
85 KB 318ms
316ms Script
application/javascript 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/js/jquery/jquery-3.1.1.min.js
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:25 GMT
last-modified: Tue, 28 Nov 2017 21:47:16 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "0caeb749268d31:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 86713

GET
H2 200 owl.carousel.js Show response
www.amigosecreto.com.br/js/plugins/owl-carousel/ 87 KB
87 KB 318ms
316ms Script
application/javascript 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/js/plugins/owl-carousel/owl.carousel.js
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 5b7bda0af3dd9f5712d7b58867ae96898863dfa09ed16b1997ab6bba59a1f315

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:25 GMT
last-modified: Wed, 25 Nov 2020 03:08:50 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "08d214cd8c2d61:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 88639

GET
H2 200 tether.min.js Show response
www.amigosecreto.com.br/css/bootstrap/dist/js/ 27 KB
27 KB 317ms
315ms Script
application/javascript 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/css/bootstrap/dist/js/tether.min.js
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 862f5e7bf96f53112e8d4b35edfe9aad7f88181ecc776db926bfe3e4a515f7aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:25 GMT
last-modified: Tue, 17 Oct 2017 16:35:14 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "0cd63e86547d31:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 27498

GET
H2 200 bootstrap.min.js Show response
www.amigosecreto.com.br/css/bootstrap/dist/js/ 44 KB
44 KB 317ms
316ms Script
application/javascript 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/css/bootstrap/dist/js/bootstrap.min.js
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 8fe5ebbe44388c9f7d1e3d2924a3ebea4d110a0c430d24ecdcf06a2eb5f610c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:25 GMT
last-modified: Tue, 17 Oct 2017 16:35:14 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "0cd63e86547d31:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 44735

GET
H2 200 scripts.js Show response
www.amigosecreto.com.br/js/ 34 KB
34 KB 317ms
316ms Script
application/javascript 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/js/scripts.js?var=202311122240
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: e28ad55da00153b0123915f629dd34cb5e9f1de065c33f7c096e84d5f33d0b7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:25 GMT
last-modified: Tue, 18 Oct 2022 20:33:02 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "0137dd130e3d81:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 34594

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 101 KB
31 KB 173ms
85ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58e76c492eae94b396915e82e7414080a3781447920b3e04b4dc19f89758da56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31463
x-xss-protection: 0
server: cafe
etag: 239 / 19674 / m202311080101 / config-hash: 9505626324632000139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 18:58:26 GMT

GET
H2 200 logo-blackfriend.png
www.amigosecreto.com.br/images/themes/amigosecreto/ 14 KB
14 KB 161ms
160ms Image
image/png 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amigosecreto.com.br/images/themes/amigosecreto/logo-blackfriend.png
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 1314782a6823d4d4cf17adf55e1985ee8d5d447ce28457e75f84493efbde641d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:25 GMT
last-modified: Wed, 08 Nov 2023 19:21:45 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "802aa6cf7812da1:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 14007

GET
H2 200 logo-amigo-secreto.png
www.amigosecreto.com.br/images/themes/amigosecreto/ 21 KB
21 KB 629ms
628ms Image
image/png 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amigosecreto.com.br/images/themes/amigosecreto/logo-amigo-secreto.png
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 4fa1fbb70e211f5034e5e72297a70b26290c8b6851d4d9253d304add87c5216c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:25 GMT
last-modified: Tue, 12 Sep 2023 16:33:04 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "06084cd96e5d91:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 21159

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
52 KB 183ms
94ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6260959165761598

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec128873eaa636d64c032688f8078a183dc65e24272f3c3325143ee311e8bbf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Origin: https://www.amigosecreto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52814
x-xss-protection: 0
server: cafe
etag: 9761306161436562796
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 18:58:26 GMT

GET
H2 200 jquery.cookie.js Show response
cdn.jsdelivr.net/jquery.cookie/1.1/ 2 KB
2 KB 132ms
49ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.cookie/1.1/jquery.cookie.js

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1440f1a09f9b2c13c4459191aa9e390b5efa998db377d60e5f88b4a1f6886805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 474611
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230038-FRA
server: cloudflare
etag: W/"733-GTysKzh+kGKSffuPyT9NLnUvh6E"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zYGDPmkzy6gPh7QhRMseBelUahC9AdGpmn9vNVeJ85ZorNK1%2FzvWaV5knxRIOwHRCiA4RqFBb2L4NEZkBrhDumAyaF18ChA2SeV%2BF76OHYAZ2odfVmUAF1rzPgItMBayxdDT%2BvcS6X2kxNDA58%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 82593efcccd84dcd-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 141ms
54ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5699012-5

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e68de99a451c0ddc94f691c9351c9a1c5d97d00c47ae8f51d27639885f5130bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51418
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 13 Nov 2023 18:58:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 115 KB
44 KB 150ms
63ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NJXLM59

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f37bddd375cf2646702677b6c607c0d8c365899ac52d9e87fb9861e9583a40e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45323
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Nov 2023 18:58:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 144ms
49ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:300,400,700

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/css/themes/amigosecreto/main.css?var=202311122240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ff03a27b1279e642a25b88582f99925f26ac69149a1e828ad3cc862a455b3bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 18:58:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 18:39:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Nov 2023 18:58:25 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
587 B 144ms
50ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Maven+Pro:wght@400;500;600&display=swap

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/css/themes/amigosecreto/main.css?var=202311122240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

69471d73fdd7c16540c41a040ee1d68b7ea09d9bc3ab236392c4e1d728d13a20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 18:58:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 18:58:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Nov 2023 18:58:25 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 245ms
163ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

05d5eb9a7560b5768cf322cc2da63c3c66f0d65101444e3708a295134df3952c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 13 Nov 2023 18:58:26 GMT
content-md5: 901Z9zUkfPsRW4la3kDOvg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
reporting-endpoints
x-fb-debug: Rs+JUEVpZkuReE0JFIhY7cjOr9BntnZUzjhLEdlRhOJm3le+bIV1Cle3u/D/BU39rL9d5DjhXoBOlCxKIZ3nBQ==
x-fb-content-md5: 1dac2e4222977fe34e17575beb6cfed4
cross-origin-opener-policy: same-origin-allow-popups
etag: "6fa68f7d8b633879ca8f6a2f4257159d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 13 Nov 2023 19:10:18 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 121ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 13 Nov 2023 18:58:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ZT2aWGMFy/eTlccP/CsQ0OK3/V4FPaGcWsdjdGC8AAGrYvGpt/ymH1Ny8vul7Ugu0y12ZVr5TVGtAsvYYrx0XQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
www.amigosecreto.com.br/presentes/destaque/home-deslogada/ Frame 405D 64 KB
14 KB 200ms
199ms Document
text/html 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f6ac8c2ed700717e60d76e8391f06562d2f65382acbd76e696ea65de9306a595

Request headers

Referer: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600, public
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 13 Nov 2023 18:58:26 GMT
etag: "df6776c5d93be7e3e2684edea5b33acd"
last-modified: Mon, 13 Nov 2023 18:58:26 GMT
pragma: public
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 patrocinadores.asp Show response
www.amigosecreto.com.br/ Frame E98D 6 KB
2 KB 163ms
162ms Document
text/html 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/patrocinadores.asp
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 99a72945b2bc7c9b6e21f87854905b0760833e236e0891750c6cf01c8585922a

Request headers

Referer: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform, no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-type: text/html
date: Mon, 13 Nov 2023 18:58:26 GMT
expires: -1,Sun, 12 Nov 2023 18:58:26 GMT
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-powered-by: ASP.NET

GET
H2 200 00_bco.asp Show response
www.amigosecreto.com.br/ Frame AAB6 152 B
369 B 171ms
170ms Document
text/html 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/00_bco.asp
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 95c30c0c79aab954ef04aac162402d7bd9efed9474788f4a2783cf4339a66b6e

Request headers

Referer: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform, no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-type: text/html
date: Mon, 13 Nov 2023 18:58:26 GMT
expires: -1,Sun, 12 Nov 2023 18:58:26 GMT
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-powered-by: ASP.NET

GET
H2 200 00_bco.asp Show response
www.amigosecreto.com.br/ Frame B7ED 152 B
369 B 170ms
170ms Document
text/html 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/00_bco.asp
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 95c30c0c79aab954ef04aac162402d7bd9efed9474788f4a2783cf4339a66b6e

Request headers

Referer: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform, no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-type: text/html
date: Mon, 13 Nov 2023 18:58:26 GMT
expires: -1,Sun, 12 Nov 2023 18:58:26 GMT
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-powered-by: ASP.NET

GET
H2 200 home-bg-02.jpg
www.amigosecreto.com.br/images/themes/amigosecreto/ 154 KB
155 KB 158ms
157ms Image
image/jpeg 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amigosecreto.com.br/images/themes/amigosecreto/home-bg-02.jpg
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: c1282be42b8d2163c8d5b170521ce2f167ebfaabecbf4cc34e63299ee61dc651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
last-modified: Sat, 08 Oct 2022 15:48:58 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "091577a2ddbd81:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 158042

GET
H2 200 tiktok.png
www.amigosecreto.com.br/images/themes/amigosecreto/icons/ 2 KB
3 KB 164ms
164ms Image
image/png 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amigosecreto.com.br/images/themes/amigosecreto/icons/tiktok.png
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/css/themes/amigosecreto/main.css?var=202311122240
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 14c2c2d31549def425126ae4d7ab7ec66cc9f103770154c1f201bc99cc74a47f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/css/themes/amigosecreto/main.css?var=202311122240
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
last-modified: Sun, 13 Nov 2022 15:11:46 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "065d63e72f7d81:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 2487

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
35 KB 133ms
40ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.amigosecreto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:02:55 GMT
x-content-type-options: nosniff
age: 334531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 22:02:55 GMT

GET
H2 200 fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.6.3/fonts/ 70 KB
71 KB 148ms
59ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/css/themes/amigosecreto/main.css?var=202311122240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amigosecreto.com.br/
Origin: https://www.amigosecreto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1076
age: 45178
cdn-cachedat: 10/31/2023 18:59:59
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 71896
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 4d23fd71de7e08251016e5b8efb276f8
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 82593f0108594d32-FRA
cdn-requestpullsuccess: True

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
29 KB 203ms
111ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.amigosecreto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 04:09:27 GMT
x-content-type-options: nosniff
age: 226139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Nov 2024 04:09:27 GMT

GET
H2 200 4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 38 KB
38 KB 177ms
85ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.amigosecreto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 01:17:08 GMT
x-content-type-options: nosniff
age: 236478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:04:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Nov 2024 01:17:08 GMT

GET
H2 200 00_bco.asp Show response
www.amigosecreto.com.br/ Frame 1EA9 152 B
369 B 163ms
162ms Document
text/html 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/00_bco.asp
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 95c30c0c79aab954ef04aac162402d7bd9efed9474788f4a2783cf4339a66b6e

Request headers

Referer: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform, no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-type: text/html
date: Mon, 13 Nov 2023 18:58:26 GMT
expires: -1,Sun, 12 Nov 2023 18:58:26 GMT
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-powered-by: ASP.NET

GET
H2 200 jquery-1.4.2.min.js Show response
www.amigosecreto.com.br/js/ Frame E98D 71 KB
71 KB 162ms
161ms Script
application/javascript 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/js/jquery-1.4.2.min.js
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/patrocinadores.asp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 6779927a414cbf0fe75402465415087eb51e26f9a5f466bd8c59ed2df157d9b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/patrocinadores.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
last-modified: Wed, 06 Sep 2017 19:24:56 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "0f465d24527d31:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 72328

GET
H2 200 jquery.cycle.lite.1.0.min.js Show response
www.amigosecreto.com.br/js/plugins/ Frame E98D 4 KB
4 KB 160ms
159ms Script
application/javascript 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/js/plugins/jquery.cycle.lite.1.0.min.js
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/patrocinadores.asp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 924590d6c568380e23b9397b8e4b7f23e4df43b6a98d9675e3eea5be3bc6834e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/patrocinadores.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
last-modified: Wed, 06 Sep 2017 19:24:56 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "0f465d24527d31:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 3890

GET
H2 200 site.css
www.amigosecreto.com.br/css/ Frame E98D 131 KB
131 KB 160ms
159ms Stylesheet
text/css 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/css/site.css
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/patrocinadores.asp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 699887e1045d576408e48e01b72e33e39657a673e209f463e7760518cdc2823a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/patrocinadores.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
last-modified: Wed, 06 Sep 2017 19:24:54 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "0c734d14527d31:0"
x-powered-by: ASP.NET
content-type: text/css
accept-ranges: bytes
content-length: 133754

GET
H2 200 op3-reboot.css
www.amigosecreto.com.br/presentes/wp-content/plugins/op-builder/public/assets/css/ Frame 405D 4 KB
4 KB 160ms
158ms Stylesheet
text/css 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/op-builder/public/assets/css/op3-reboot.css?ver=e810b2650538d00e443c9322af46fd08
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 665273a9b548830b3ae7acda2d45d9dd61a2bbb5223ebeaf37e5cb12bb4ac7c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
last-modified: Tue, 31 Oct 2023 19:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "65415aff-e65"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3685
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 page-138.css
www.amigosecreto.com.br/presentes/wp-content/plugins/op-builder/public/assets/cache/ Frame 405D 22 KB
22 KB 160ms
158ms Stylesheet
text/css 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/op-builder/public/assets/cache/page-138.css?ver=415e81acfa0cf3da985ca532d1c8565f
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: df9087237b9804035dbf46d276cc601be56096174e605fe02cecfa1ba6f45b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
last-modified: Thu, 09 Nov 2023 05:30:17 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "654c6e69-581d"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 22557
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 smartslider.min.css
www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/ Frame 405D 22 KB
22 KB 160ms
158ms Stylesheet
text/css 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=4e06d1a7
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 970a471f91ad8bc60848134b6630c76d5300caa1e88e6ebed454174022dec0af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
last-modified: Thu, 07 Sep 2023 22:13:24 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "64fa4b04-5689"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 22153
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 405D 8 KB
928 B 50ms
48ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?display=swap&family=Ubuntu%3A300%2C400%7CRoboto%3A300%2C400

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4dac4307464c58c79b17882847cd4166894288e7184c50afff68a19c6c3a7273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 18:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 18:58:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Nov 2023 18:58:26 GMT

GET
H2 200 jquery.min.js Show response
www.amigosecreto.com.br/presentes/wp-includes/js/jquery/ Frame 405D 86 KB
86 KB 159ms
157ms Script
application/javascript 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
last-modified: Tue, 07 Nov 2023 20:04:04 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "654a9834-15601"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 87553
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tracking.js Show response
www.amigosecreto.com.br/presentes/wp-content/plugins/op-dashboard/public/assets/js/ Frame 405D 746 B
963 B 160ms
159ms Script
application/javascript 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/op-dashboard/public/assets/js/tracking.js?ver=1.0.96
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 820104d2635b6142cd4ad4bfc096f7bd1aa757a8150380730fde125cc1bc9e43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
last-modified: Tue, 31 Oct 2023 19:52:50 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "65415b12-2ea"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 746
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 405D 132 KB
50 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5699012-5

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef432b2d6a204dd907361abf001ceec4d8d9c81f79cd7e1023a3d4be9202fc15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51418
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 13 Nov 2023 18:58:26 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 405D 152 KB
52 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6260959165761598&host=ca-host-pub-2644536267352236

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0998cafe4fb72f635108eecba3ce34132f05d3efafa09f7730566c6ddb664cb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Origin: https://www.amigosecreto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53150
x-xss-protection: 0
server: cafe
etag: 16182664037693882469
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 18:58:26 GMT

GET
H2 200 n2.min.js Show response
www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/ Frame 405D 40 KB
41 KB 163ms
162ms Script
application/javascript 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=4e06d1a7
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ec4eb1d43feb1ff5d46ff8fceb2ff6a7447a604bdbbe0e2c0e3fce9545954736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
last-modified: Thu, 07 Sep 2023 22:13:24 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "64fa4b04-a1d3"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 41427
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 smartslider-frontend.min.js Show response
www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/ Frame 405D 111 KB
111 KB 162ms
161ms Script
application/javascript 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=4e06d1a7
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 866ce0557c25a351783f1f5287f6cee1332efafe406194195fb9c98234b8e162

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
last-modified: Thu, 07 Sep 2023 22:13:24 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "64fa4b04-1bc65"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 113765
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ss-simple.min.js Show response
www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ Frame 405D 13 KB
13 KB 164ms
163ms Script
application/javascript 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=4e06d1a7
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ca6ef142765010507ac8c344ee29295e28bf2b93a06c536f14fdd91deff6a697

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
last-modified: Thu, 07 Sep 2023 22:13:24 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "64fa4b04-3472"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 13426
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 w-arrow-image.min.js Show response
www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/ Frame 405D 1 KB
2 KB 164ms
163ms Script
application/javascript 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js?ver=4e06d1a7
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 11f4b1c5b48fa0100ba180a2e7ffc3296a59ecd4b210351bb452130979c8582c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
last-modified: Thu, 07 Sep 2023 22:13:24 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "64fa4b04-5ae"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1454
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 w-bullet.min.js Show response
www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Bullet/Assets/dist/ Frame 405D 5 KB
6 KB 164ms
164ms Script
application/javascript 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Bullet/Assets/dist/w-bullet.min.js?ver=4e06d1a7
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d6f3358743b370d0292e2c8db3820b32eb5ea5f8f4cac004b3d3a34c6557ee7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
last-modified: Thu, 07 Sep 2023 22:13:24 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "64fa4b04-15f5"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5621
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thumb-video-carrossel.jpg
www.amigosecreto.com.br/presentes/wp-content/uploads/2022/10/ Frame 405D 44 KB
44 KB 160ms
159ms Image
image/jpeg 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/uploads/2022/10/thumb-video-carrossel.jpg
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 665bcb6ed770ac2912650669bab9a192745b8bde1492e4eae4c9de962930552a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
last-modified: Sun, 09 Oct 2022 01:43:53 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "63422759-af79"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 44921
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 page-138.nodelay.js Show response
www.amigosecreto.com.br/presentes/wp-content/plugins/op-builder/public/assets/cache/ Frame 405D 11 KB
11 KB 159ms
158ms Script
application/javascript 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/op-builder/public/assets/cache/page-138.nodelay.js?ver=415e81acfa0cf3da985ca532d1c8565f
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 83e15bac592379d6321bb5bd62f6a378a2229cc902f064c148f2032feb5bde86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
last-modified: Thu, 09 Nov 2023 05:30:17 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "654c6e69-2c14"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 11284
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/ 428 KB
135 KB 136ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9b20c45fa7937a540df46f96c90d6a36a0f3c2cc4be9f500e89168b0ea330a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 11:57:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25261
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137198
x-xss-protection: 0
server: cafe
etag: 1612709275544178178
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 12 Nov 2024 11:57:25 GMT

GET
BLOB 200
OK 00b0aed6-b079-470a-a885-f6ed32fb909d
https://www.amigosecreto.com.br/ Frame 405D 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.amigosecreto.com.br/00b0aed6-b079-470a-a885-f6ed32fb909d
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 400 KB
135 KB 185ms
105ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6260959165761598&plah=www.amigosecreto.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6260959165761598

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e9799d6889333c95e582dd5e8988699b207bda2cee6898e0bf9b0580233fd04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138480
x-xss-protection: 0
server: cafe
etag: 298916962827105882
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 18:58:26 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/ Frame 9E25 9 KB
4 KB 127ms
39ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6260959165761598

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12418
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 15:31:28 GMT
etag: 16674218716276178799
expires: Mon, 27 Nov 2023 15:31:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hotjar-2766609.js Show response
static.hotjar.com/c/ 9 KB
4 KB 156ms
49ms Script
application/javascript 52.222.139.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2766609.js?sv=6

Requested by

Host: images.il.com.br
URL: https://images.il.com.br/click.asp?esp=4579

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-19.ams50.r.cloudfront.net

Software

Resource Hash

af2781a535d6ebb9937eb6c109e1cca91d43a0584252d561f7331a118ef80a3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 13 Nov 2023 18:58:26 GMT
via: 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
age: 55
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/609794e922fbeab58d099435dad9b2c5
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: RetzrK8kdm9IcUVakCOqJYfzIJh-VY8saEj38wY2eM6vNfqkyOummA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5699012-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJXLM59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c2a1f50a60bde2976b5f3488cc773fe2d73cc9c8e741c6700c9bf5c852cec0dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68750
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Nov 2023 18:58:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
83 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MH0ZFXE61K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5699012-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bcd19a9d5a816d9a38f85e9c6467e2b6d4f45dd054d6447cb93212e56af477ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85360
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 13 Nov 2023 18:58:26 GMT

GET
H2 200 788304701281929 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 99ms
98ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/788304701281929?v=2.9.138&r=stable&domain=www.amigosecreto.com.br

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

076336fdd4c5acfa3555badec27bf1d55f370ead418e5500427179c5c782c0e4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 13 Nov 2023 18:58:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: M/1fWwUaT7z9fQGsJeeYcL8ABNapKgSEjSfS+e4AgyfFFEqrUiRFnFvoIYr3/gMEtAGg0B4LFnn48SIYhgYP/Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/pt_BR/ 297 KB
85 KB 85ms
41ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=132377958eee9a902922764736f395e6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c9c6dbca6551abc94328d2de87ab016d69fa9035811709272161f76091a52068

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.amigosecreto.com.br/
Origin: https://www.amigosecreto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 13 Nov 2023 18:58:26 GMT
content-md5: BJH0asja8ci1QZqr5ZZTsw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86929
reporting-endpoints
x-fb-debug: m0jgWlKSwqK+CM9iFkrtw7k0cUjBFCa8PJF++Yv03b/GrstmQIx2ATW/unUmJu3qwjvWWycsuL9ROWORBy6Pmg==
x-fb-content-md5: d8dce1528087e15883bd0da26ec08383
cross-origin-opener-policy: same-origin-allow-popups
etag: "8a10df06885043d7dc6d75af103f7aec"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 12 Nov 2024 17:36:16 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame E98D 101 KB
31 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/patrocinadores.asp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09f067898cd4c8bd05a3e0528266f39c7d5bff6b09c46f436b77226ef5416658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31462
x-xss-protection: 0
server: cafe
etag: 893 / 19674 / 31079592 / config-hash: 9505626324632000139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 18:58:26 GMT

GET
DATA 200
OK truncated
/ Frame 405D 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 405D 115 KB
44 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NJXLM59

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c0b40607413fb72210d2fae45f70bf47dd69ee16abfd54584cc6b4f1304707b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45324
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Nov 2023 18:58:26 GMT

GET
DATA 200
OK truncated
/ Frame 405D 374 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f68361193d90603a25d438f72f3497c2a4c3deaf087df0e8ecac48b8a58aaf55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ Frame 405D 34 KB
34 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Ubuntu%3A300%2C400%7CRoboto%3A300%2C400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.amigosecreto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:02:55 GMT
x-content-type-options: nosniff
age: 334531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 22:02:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 405D 15 KB
15 KB 48ms
48ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Ubuntu%3A300%2C400%7CRoboto%3A300%2C400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.amigosecreto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 312694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 04:06:52 GMT

GET
DATA 200
OK truncated
/ Frame 405D 382 B
382 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7485684ab40601d4a059a0553f57645611c29e78e77c140b21327af71106c15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 wp-emoji-release.min.js Show response
www.amigosecreto.com.br/presentes/wp-includes/js/ Frame 405D 18 KB
18 KB 157ms
157ms Script
application/javascript 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-includes/js/wp-emoji-release.min.js?ver=e810b2650538d00e443c9322af46fd08
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
last-modified: Thu, 07 Sep 2023 22:10:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "64fa4a59-4904"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 18692
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
89 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J2TS8EPKY3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5699012-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22e056d59c62c03f657756cdd1b0cdb9d9afadcbdb9528ef3645fd958660964d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91374
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 13 Nov 2023 18:58:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5699012-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 13 Nov 2023 17:51:30 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4016
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 13 Nov 2023 19:51:30 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 132ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MH0ZFXE61K&gtm=45je3b81v887988591&_p=1699901905002&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=727135855.1699901906&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1699901906&sct=1&seg=0&dl=https%3A%2F%2Fwww.amigosecreto.com.br%2F%3Futm_source%3Damigosecreto%26utm_medium%3Demail-mkt%26utm_campaign%3Das2023&dr=https%3A%2F%2Fimages.il.com.br%2F&dt=O%20site%20oficial%20do%20Amigo%20Secreto&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1627
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MH0ZFXE61K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amigosecreto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 122ms
40ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=788304701281929&ev=PageView&dl=https%3A%2F%2Fwww.amigosecreto.com.br%2F%3Futm_source%3Damigosecreto%26utm_medium%3Demail-mkt%26utm_campaign%3Das2023&rl=https%3A%2F%2Fimages.il.com.br%2F&if=false&ts=1699901906470&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1699901906468.1502808416&cs_est=true&ler=other&it=1699901906284&coo=false&rqm=GET

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 13 Nov 2023 18:58:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 modules.4fff30a11f83c70bc2a1.js Show response
script.hotjar.com/ 225 KB
56 KB 160ms
44ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.4fff30a11f83c70bc2a1.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2766609.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

a603b2b20c78990ff3b6b9e99a5d303b936d8885950ced8135df87c23eff4f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 12:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 370520
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 57093
last-modified: Thu, 09 Nov 2023 12:03:05 GMT
etag: "90fe477ee0715709dc5b1153c76d0f7a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Wkj69L6c1Can2cXHuEZ2_IJKVx9KMVZHFjDaWcd738ZmmSx5IVGUmA==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 412ms
411ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1941516421622326&correlator=1007606278621213&eid=31079233%2C31079527&output=ldjh&gdfp_req=1&vrg=202311080101&ptt=17&impl=fifs&iu_parts=18364646%2CAmigoSecreto_300x250_Footer%2CAmigoSecreto_320x50_Header&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x250%2C320x50&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699901906499&lmt=1699901906&adxs=1030%2C-9&adys=1604%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.amigosecreto.com.br%2F%3Futm_source%3Damigosecreto%26utm_medium%3Demail-mkt%26utm_campaign%3Das2023&ref=https%3A%2F%2Fimages.il.com.br%2F&vis=1&psz=350x250%7C0x-1&msz=300x-1%7C0x-1&fws=0%2C2&ohw=0%2C0&ga_vid=727135855.1699901906&ga_sid=1699901907&ga_hid=1016778901&ga_fc=true&dlt=1699901904987&idt=1488&adks=805912551%2C3879938239&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b51898ccc6ab28456816157537b6152ac448e74c10f7e586ecabddacd417dae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11582
x-xss-protection: 0
google-lineitem-id: -1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.amigosecreto.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6FC5 6 KB
3 KB 149ms
47ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 18:58:26 GMT
expires: Tue, 12 Nov 2024 18:58:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ Frame E98D 429 KB
134 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079592

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:48:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4184
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 12 Nov 2024 17:48:42 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 405D 240 KB
83 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MH0ZFXE61K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5699012-5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f62e61bd234a5c42f5eaa21d80979ae5e1c3e70116e819ea2d67b1169199edca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85357
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 13 Nov 2023 18:58:26 GMT

GET
H2 200 hotjar-2766609.js Show response
static.hotjar.com/c/ Frame 405D 9 KB
4 KB 40ms
40ms Script
application/javascript 52.222.139.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2766609.js?sv=6

Requested by

Host: images.il.com.br
URL: https://images.il.com.br/click.asp?esp=4579

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-19.ams50.r.cloudfront.net

Software

Resource Hash

af2781a535d6ebb9937eb6c109e1cca91d43a0584252d561f7331a118ef80a3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 13 Nov 2023 18:58:26 GMT
via: 1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
age: 55
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/609794e922fbeab58d099435dad9b2c5
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: XRFMk19hVnJl9yx-aokVbnBAk5zmXP_AG4WynxFwytjF4z_5YQcsuw==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/ Frame 405D 400 KB
135 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6260959165761598&plah=www.amigosecreto.com.br&bust=31079587

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6260959165761598&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23fb092c9dc3addc12ca0d7d6f92427b65c5f47dc4a38ccaabb24bb3ea7e1fb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138410
x-xss-protection: 0
server: cafe
etag: 15747382465196193155
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 18:58:26 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 48ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-J2TS8EPKY3&gtm=45je3b81v878338784&_p=1699901905002&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=727135855.1699901906&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1699901906&sct=1&seg=0&dl=https%3A%2F%2Fwww.amigosecreto.com.br%2F%3Futm_source%3Damigosecreto%26utm_medium%3Demail-mkt%26utm_campaign%3Das2023&dr=https%3A%2F%2Fimages.il.com.br%2F&dt=O%20site%20oficial%20do%20Amigo%20Secreto&en=page_view&_fv=1&_ss=1&tfd=1793
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J2TS8EPKY3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amigosecreto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
259 B 144ms
47ms Ping
text/plain 2a00:1450:400c:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-J2TS8EPKY3&cid=727135855.1699901906&gtm=45je3b81v878338784&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J2TS8EPKY3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amigosecreto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 164ms
77ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-J2TS8EPKY3&cid=727135855.1699901906&gtm=45je3b81v878338784&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=365220257

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FE7C 5 KB
1 KB 365ms
364ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6260959165761598&output=html&adk=1812271804&adf=3025194257&lmt=1699901906&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fwww.amigosecreto.com.br%2F%3Futm_source%3Damigosecreto%26utm_medium%3Demail-mkt%26utm_campaign%3Das2023&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699901906230&bpp=3&bdt=1242&idt=378&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3669518102547&frm=20&pv=2&ga_vid=727135855.1699901906&ga_sid=1699901907&ga_hid=1016778901&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079516%2C44795922%2C44807464%2C31078297%2C31079382%2C44807763%2C44808148%2C44808285&oid=2&pvsid=1941516421622326&tmod=1434806844&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fimages.il.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=393

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6260959165761598&plah=www.amigosecreto.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b43d60aca8a76914d20830e4bb05e4a4758a4194108fb916b6942c4ca127163

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 889
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 18:58:26 GMT
expires: Mon, 13 Nov 2023 18:58:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
211 B 51ms
50ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1016778901&t=pageview&_s=1&dl=https%3A%2F%2Fwww.amigosecreto.com.br%2F%3Futm_source%3Damigosecreto%26utm_medium%3Demail-mkt%26utm_campaign%3Das2023&dr=https%3A%2F%2Fimages.il.com.br%2F&ul=en-us&de=windows-1252&dt=O%20site%20oficial%20do%20Amigo%20Secreto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1864582835&gjid=1632459367&cid=727135855.1699901906&tid=UA-5699012-1&_gid=927822237.1699901907&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1132456579

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amigosecreto.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amigosecreto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E98D 62 KB
22 KB 87ms
87ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1132910495721874&correlator=330768018218396&eid=31079379%2C31079592%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=18364646%2CAmigoSecreto_Patrocinio3%2CAmigoSecreto_Patrocinio1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=180x180%2C180x180&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&cdm=www.amigosecreto.com.br&abxe=1&dt=1699901906676&lmt=1699901906&adxs=710%2C-12245933&adys=1731%2C-12245933&biw=1600&bih=1200&isw=180&ish=180&scr_x=0&scr_y=0&btvi=1%7C-1&ucis=1oxgi76ism1l%7C6ady05tc463g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.amigosecreto.com.br%2Fpatrocinadores.asp&ref=https%3A%2F%2Fwww.amigosecreto.com.br%2F%3Futm_source%3Damigosecreto%26utm_medium%3Demail-mkt%26utm_campaign%3Das2023&top=https%3A%2F%2Fwww.amigosecreto.com.br%2F%3Futm_source%3Damigosecreto%26utm_medium%3Demail-mkt%26utm_campaign%3Das2023&vis=1&psz=180x-1%7C180x-1&msz=180x-1%7C0x-1&fws=256%2C384&ohw=0%2C0&ea=0&ga_vid=727135855.1699901906&ga_sid=1699901907&ga_hid=1923259948&ga_fc=true&dlt=1699901906132&idt=521&adks=2641534900%2C155391808&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079592

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e5c38f91141b372594bad8cc8da91282fbd59952f7d9d1b8b3d59ae76e562b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22474
x-xss-protection: 0
google-lineitem-id: -2,75031606
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,67698098686
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.amigosecreto.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d308cf5aba4c350d52f6f982b50ad7bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4D42 6 KB
0 89ms
47ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d308cf5aba4c350d52f6f982b50ad7bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079592

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 18:58:26 GMT
expires: Tue, 12 Nov 2024 18:58:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 modules.4fff30a11f83c70bc2a1.js Show response
script.hotjar.com/ Frame 405D 225 KB
56 KB 44ms
44ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.4fff30a11f83c70bc2a1.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2766609.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

a603b2b20c78990ff3b6b9e99a5d303b936d8885950ced8135df87c23eff4f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 12:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 370520
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 57093
last-modified: Thu, 09 Nov 2023 12:03:05 GMT
etag: "90fe477ee0715709dc5b1153c76d0f7a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: h6XFdhW_mi76n55TNbx9KKBeCfRl3oVPQa0Tq7m-egZI2HyTdv75AA==

POST
H2 204 collect
region1.google-analytics.com/g/ Frame 405D 0
54 B 49ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MH0ZFXE61K&gtm=45je3b81v887988591&_p=1699901906350&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=727135855.1699901906&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1699901906&sct=1&seg=1&dl=https%3A%2F%2Fwww.amigosecreto.com.br%2Fpresentes%2Fdestaque%2Fhome-deslogada%2F&dr=https%3A%2F%2Fwww.amigosecreto.com.br%2F%3Futm_source%3Damigosecreto%26utm_medium%3Demail-mkt%26utm_campaign%3Das2023&dt=DESTAQUE%20%E2%80%93%20Home%20Deslogada%20-%20AmigoSecreto.com.br&en=page_view&tfd=804
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MH0ZFXE61K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amigosecreto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC6D 5 KB
913 B 360ms
360ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6260959165761598&output=html&adk=1812271804&adf=3279755397&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fwww.amigosecreto.com.br%2F%3Futm_source%3Damigosecreto%26utm_medium%3Demail-mkt%26utm_campaign%3Das2023&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699901906564&bpp=3&bdt=393&idt=226&shv=r20231108&mjsv=m202311080101&ptt=9&saldr=aa&nras=1&correlator=3669518102547&frm=23&ife=1&pv=1&ga_vid=727135855.1699901906&ga_sid=1699901907&ga_hid=1456061020&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=300&ifk=1973036070&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44807461%2C31078297%2C31079587%2C44806141%2C44807763%2C44808148%2C44808285&oid=2&pvsid=2789026869479824&tmod=1716392366&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fimages.il.com.br%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C300&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.t48ljrdst73z&btvi=1&fsb=1&dtd=240

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6260959165761598&plah=www.amigosecreto.com.br&bust=31079587

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b43d60aca8a76914d20830e4bb05e4a4758a4194108fb916b6942c4ca127163

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 889
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 18:58:27 GMT
expires: Mon, 13 Nov 2023 18:58:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E98D 16 KB
12 KB 87ms
87ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079592

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3327061052227a35fd1df1cf0fc9338047374b84640665fd6750c7a91343791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12228
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4699 0
0 78ms
77ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAcbkKJ5fJOJYBg35GwTCXVA6MrTrTVNKnn3HydksnzVu1JXsHYHwK3ZR2zEgkl-xHsOEx6ND-lbzlDa8uRPmjBst6i-Ulgz5tmrS5JRuskGYaI7Xu-rvC0tWV9NGdKMDER_eaq1BHZJAOPUJr49QLslqW1vKjazKB5Gz9-Ms-tPkHcJQTIR0hwp4af2zZxTgebaL9abtbJgDVjMjRqREAFxgxt48oZj2KqJeyvdfxWsZVk17T4VGjIrKq-5o4hMlNctM8qlS8A8oCGfW0TwdpFtkz7Ylqif7ekvXvT9Wf1jcYSsQ1bIBPwKDH_n_hqVyLneXE59klKJG__JuXsGFptRWiNJyHQjE&sai=AMfl-YRCpAWdaPcczVI0-_53D3xzUXCtGFkCQknyo3nkoHMV1VVoa70eqBddd5fyUN82C5j0G4c5abRBwtU7e0ZxohBnp0FNXdHF4WoWj0sZ6qmE0iQ0a4_YGKzSICGFVF9M5jLa1KQXTXsObY7Ri9HgPyHO&sig=Cg0ArKJSzD3-0kq5Q7LcEAE&uach_m=[UACH]&adurl=

Requested by

Host: images.il.com.br
URL: https://images.il.com.br/click.asp?esp=4579

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 13 Nov 2023 18:58:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/ Frame 4699 23 KB
9 KB 264ms
42ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079592

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 18:19:24 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 4699 3 KB
2 KB 261ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079592

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:48:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 17:48:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4699 192 KB
60 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079592

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61843
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 18:58:26 GMT

GET
H2 200 7783409155183645356
tpc.googlesyndication.com/simgad/ Frame 4699 6 KB
6 KB 270ms
49ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7783409155183645356

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079592

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e947a34e3241a8fa04ba18016cd7f89c56130e69e3724f6cc242ceceb825d557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 08:24:10 GMT
x-content-type-options: nosniff
age: 297257
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6169
x-xss-protection: 0
last-modified: Thu, 22 Oct 2020 22:46:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Nov 2024 08:24:10 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E98D 17 KB
7 KB 220ms
76ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079592

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 18:58:27 GMT

GET
H2 200 container.html Show response
9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C572 6 KB
3 KB 44ms
40ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 18:58:26 GMT
expires: Tue, 12 Nov 2024 18:58:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tradicional-g.png
www.amigosecreto.com.br/presentes/wp-content/uploads/2023/10/ Frame 405D 35 KB
35 KB 160ms
158ms Image
image/png 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/uploads/2023/10/tradicional-g.png
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=4e06d1a7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cca7903166ac60c3620645ba4202de339127c89206ac39bf657f74f679bb73a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:27 GMT
last-modified: Wed, 25 Oct 2023 01:15:25 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "65386c2d-8b26"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 35622
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 amigoladrao-g.png
www.amigosecreto.com.br/presentes/wp-content/uploads/2023/10/ Frame 405D 65 KB
65 KB 160ms
158ms Image
image/png 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/uploads/2023/10/amigoladrao-g.png
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=4e06d1a7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4ce16f8c793c6a2f3be0831b5785e11b906bcbc507df8b2ba7bc23841d5103ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:27 GMT
last-modified: Wed, 25 Oct 2023 01:14:28 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "65386bf4-10432"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 66610
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 amigodaonca-g.png
www.amigosecreto.com.br/presentes/wp-content/uploads/2023/10/ Frame 405D 34 KB
35 KB 160ms
159ms Image
image/png 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/uploads/2023/10/amigodaonca-g.png
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=4e06d1a7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 24cba174dc0edbadb1e7b656d2769dfe165512b48575741c2a4c19826eae505d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:27 GMT
last-modified: Wed, 25 Oct 2023 01:14:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "65386bf7-89c8"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 35272
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thumb2.jpg
www.amigosecreto.com.br/presentes/wp-content/uploads/2023/10/ Frame 405D 87 KB
88 KB 160ms
159ms Image
image/jpeg 66.232.27.51
WEBHOST-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/uploads/2023/10/thumb2.jpg
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=4e06d1a7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN27229 (WEBHOST-ASN1, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9ae2bcf835711475d796fdfecce7fba774084969544c37d2eea4d7ef0de34f03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/home-deslogada/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:27 GMT
last-modified: Fri, 27 Oct 2023 00:06:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "653afef4-15db9"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 89529
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfeu&evt=place&vh=1200&eid=44759875%2C44759926%2C31079516%2C44795922%2C44807464%2C31078297%2C31079382%2C44807763%2C44808148%2C44808285&hl=pt&pvc=1941516421622326

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D0E7 624 B
245 B 83ms
81ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CID6ShCinKcBGJnX-vABMAE&v=APEucNVxx9HW1ZDAsJ-t50xrV8OJNElw8ZyItXVMrX307hW_hnRG-jn7J9MjE8owR4-sN_OgHHlYudIzeuZUh-VjZJ1XuijgxVfkAUzvy7DGzTTZLs0m7b4DaLF8Re8tOjz_RQK1_erN02hlqXFkqb9CNegvM0jQ0Q9SPFXELkGc2LeNftIADik

Requested by

Host: 9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
URL: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 18:58:27 GMT
expires: Mon, 13 Nov 2023 18:58:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C572 89 KB
31 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
URL: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 13 Nov 2023 18:58:27 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C572 42 B
63 B 74ms
72ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A6SS5dxnKiG37y0-rbhFkkb3yfG41vf57D_2xTg0aA6IXArdCmCkALK9deU_R--zg8sAjAm8FSPGK3eFbGexGXUmMrlOABE5rpe_4KE5W83MJ6Eh8

Requested by

Host: 9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
URL: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C572 0
20 B 76ms
74ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7137276407181626807&x=1&ct=77

Requested by

Host: 9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
URL: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame C572 16 KB
7 KB 209ms
44ms Script
text/html 52.58.73.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1079438849&gdpr=&gdpr_consent=&w=300&h=250&ncu=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCz8YM0nFSZY-dIs6G1PIPgMuZ2AHs3772csP3mvLaEWQQASDa-7QMYJWK_IGUB6AB1dKR_gLIAQmpAhMI2sG46LE-qAMByAObBKoEiwJP0AFQ1iuygKV7Jp2FN3Z3Dtz3JKplH31dxlHUtPXakLQo8m33yXoS6qUCXIxUmTPkwDzMg3vsCGWD_Lmw5asoF21StmmuiWkJ3XUqmB_kurjkyaJI4A4cLxEeJi9AY-LU9E80YwoTG2h0ex_VegiSsWEUquhVdv3hmzexjrAKcPhGo8yiyrSrxt4H7DkgsZB9fjn-F-ZS4_Lenpl4uLZvE7ao_zchCXrTHscQ97b-Qlsd_0p7BQbCgj5hLYHvwIp-gh6G_znoaAMXLeNOIBduD53P57Bs9THQYOwJmFJHPE6hdXIRvCHlUWHcrLKsmswLkHThFRpOXXjJif6ykue503XjaaUiPexuwMvABLzWi4fFBOAEA4gFz_fB3UuQBgGgBk2AB5Ot7oEBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDBQqEgoQ5LSxAu61sQLktLEC7rWxAqoNAkRF4g0TCLjVq4rUwYIDFU4DVQgdgGUGG7ATtumfFNATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNm4q7nBfyGOpSYOt7otgLqb5vPruaykjPW5YNC8tN05JgKBWlJajBMYIcZKs4IkxzIOrGBDOBQEPkHWtKDJkUD9lpgPcWktGbahgB%26sig%3DAOD64_25EuVLAGimPO3I3mdRIXIy0u1imw%26client%3Dca-pub-6260959165761598%26dbm_c%3DAKAmf-AyrE2gIL3iux27bjMZ-fg_cl4qG_UlSXpBS0lIZfrfBtFFBxjYmLRN2l3xLfH3aP2ZjIT6miB0xiWNRRvhRa2pIznRxLFkIH51hOxwFDDLmh-sRfVNg4th3AVyBwSRUS3IV_e41Y_eG9fT93jnMla1DnVQoHxPhKIhFH1_AHVvPoi3Sow%26cry%3D1%26dbm_d%3DAKAmf-COx3M5KwhMmOfhAkeitSgxnzT0EiCDRAsKaxXGUhHVAFjOa-VAc-zr26fTs-PMEGbayvXwQPEX9ARTfL3kZZdmHjpgrS02JL8IPD3FSZxPGfbkoX4ZEu0oLmKDdIjXzFZzsJKQ8PgHxQCkZvI6nAj8R8xxAVfs_sYJfnuGc76M22mgjfYKX2IZRcGjxKalUqMLlryQOLFgViwXGsojhQNRoeprlxvsYEgXGrMkOCBBCDATbRjHeWbKnVHTgpMGbksfABAGWFAYNMGsKG_TdwzWKgoGosvEOMVvmva1jkmqRG70sk8QeyYUL8yPRUkcTghYcbEGZiWtnNXOQPwhXJ6YU8fmodNh3x6MzK1shgu4HCQspBh-3yr5hyiNyxLjCpShjX4rV_jX5jhXBrR094nAsANZESgIeaCbcz2JypSLinz8296uc3lQEF-yRe7QDQEr4wL2toAp2AGqiOriWc3yse2h3wYlFmrL3cOueLFJLnlwan9o4n8dAhJ0bAp88tkDIu6DwHN-JLRDhhWBrTE8voDXsyq_GwI76s3aiWgm9BRg0YiDyGWkE84A3YwsyJbBejHXZ77VsBOkk3rx0veOAKgx2LVJfzcAxH_HXgUEqsPKRBg1W6bBmbhp-ksfEHtASMCV0LSDzXwQcHq8vJhKPpjXpg%26adurl%3D&e=0&ord=1699901906560783&z=0
Requested by: Host: 9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
URL: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.73.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-73-75.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bc88754dc07d3db18ae64a5feccf516afa3c824f6727085ee26170fd4cfe35a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 6940
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/1564033/72645939/ Frame C572 47 KB
13 KB 635ms
201ms Script
application/javascript 52.10.170.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/1564033/72645939/skeleton.js?bundleId=&ias_dspID=3&ias_campId=1013287007&ias_pubId=pub-6260959165761598&ias_chanId=1&ias_placementId=20328774607&bidurl=https://www.amigosecreto.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jLpbyMHZ5owN67ii2whRdr
Requested by: Host: 9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
URL: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.170.101 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-170-101.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 3b84cdee97a0dba26a5eacfca74f8da8c573a84aa3c40f51ff7c0edb41c9bb04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame C572 3 KB
1 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
URL: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:48:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 17:48:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame C572 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
URL: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:27:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 18:27:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C572 192 KB
60 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
URL: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61843
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Nov 2023 18:58:27 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4699 0
0 158ms
77ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsto0i2vePiw4JQIQpFJ9ZX521ecPRrKEV1nfoAjKOesUDEJQ2Y5kXfTFTgfBu8GwRnWjuvmV9T5S79i2LfHGsw32GZM-6wsEnGlSxNTJoLpz3--Wk1Vf5hrzT9AuyF0FZ2q6yy2HZdnrd4PO1xuH2Eun-DS0_eVzxfy1JIoXkTwzzi1HCzcgxageRIL9b5UgSw1gvXpQWgSJZLcJQ6CxzrxO8RP54PTz1pP41INt8_1e_io-mldgWO4ExsY1Fv-MV5KWcsl-cF3TTbJTOQmd-uEYvkEfdJetyKrAncXjTVWLKCzq8tzGRtcaaxHcXDxA6fl2reFVRCgtYeu46y0EyYebDuKu4B25OZh1A&sai=AMfl-YQEPD5rdcjb_s05J-yKQns0aEEfaDU-ikd9zm2gOgWsL5PHPLriQTN3_WB840dgqIQR4-nn3X3i-cCyyi6MLIZ3ypzOBnwDXTvgVKbxGesEVy0Qp7kjXx_vU2IHFHIBf9X7QI1ByGwY2ftaqtk0L-Nx&sig=Cg0ArKJSzDqRe2SLLHF9EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 13 Nov 2023 18:58:27 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2C96 13 KB
5 KB 52ms
41ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2305
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 18:20:02 GMT
expires: Tue, 12 Nov 2024 18:20:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0DC3 829 B
1 KB 143ms
51ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

904dec00a15aa6e85bb26e5050a1c8bfd8059dba531d6b3430d737d2958d1080

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kHerZbd0FNksb57gCy6PTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kHerZbd0FNksb57gCy6PTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 18:58:27 GMT
expires: Mon, 13 Nov 2023 18:58:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C572 0
20 B 75ms
74ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7638076050558&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C572 0
20 B 74ms
73ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7638076050558&version=m202309260101&ct=77&x=1&cor=7137276407181626000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C572 34 KB
20 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D9VMmIlgVUGyW56A4cDnurg_ixasf24RQNmHjuX9JAntg_zJ9d6jH4TdIM_g8-19G84G6RHi5GKhg32TbCheOdkFTNO3UyKD3EitjHwwh3bdNF_YQ6Ed944nX8YtgYSh9d9Urd7RjGnXRsjO_Vkd5Col6HSfPi2n8NYChXTho0yVdWfX0&cry=1&dbm_d=AKAmf-A5Hs8dBmufHG5ykCNCKR6iHW492ukcoO7Pv5uzMVds9HdIhCAkG8aPBksrI72TPHWu4-mk90CzRcEnV9uSrdLlq26EAJFB_AKxCJETL2U28RTBuq2U_vjDsJW-Jk-751XiVEakkUQyTkMsweDhcdpMNdhmJDp7ht6-tZktkYI_7ofTa1I54aYxHCYrWaK14pC7LAGnTDzn5k49c5vMXlnFZr5MZEBUOz8MsngOYZVF3Dl0DV6eKqIkV-yozGWM3LsNro0dwO9Wn6uYHUcV8kX0_h2oG1Wf557uJr1ew6UpUECP_Q9uF0-fvpyoTzMX8T3OhjoZTVJ7PtSJ27b5Iqw_kTeLqW6uWLu5zGLH5RB2_IHldGGzL0aqS4vherwZcJaazH_ZHriD44tpsMaZ-fzAKQYFPDfi_yiedZiPHVWKReDlpdAbWL71nkeh_EPXsUPqkWJ2xTTO7mFvLP9E79DpHpiaYo2IeM_u4V_qEDNCFA8Xkk0omX1poC5y73De51SXhSj9zlBfJef7nRRV13-QytkKlX-TqutZ-vYKeOFnX2yXCsZsVBZREhnMHX8L0RqyFZfc_XGLKuz_dwiEIe-4fNpHa088B4F69KFuckOnopGOZPuy-DDy9JR6Fe79xg8XL-6dRfc7EAEv3kwbSEWNJPt8-haloQbvjtL0qkiGinaLWnhTAwTLCZdW3ROM3x8H8YbUOAngjxdYqzA_YEYnW3lU5Qpjanuvk7cyc0qItERLTRF40b6PAxp6eCNFNHbb5fcO_pe3GPDw7it0fZRwLsKVEgRpGhkFcgbdY7NmWaTe1wV7WMvdAaFiHGVDYRvnJjPFTdr5Xsfkw5ETF13SkMhwTZKD4z3YOtWRvrysmlQna9taaTRHa4ZRdw3LPz-ZbP3a-6r7x19b9fM1JjmkVDIJaGmjau1t5QE0Ni5YY2UN4RGXSGmaP26tJAQfmvjfF2VO_AKQVTJW_a246iRYpviXAbW1vcAzugCWc5--3pGFw0WFIHygq0I0_7h6Y-Z2wMlLqu8m-9d1oXxhgQRLHRkTxlKNa0cgkxMrIGvp5goLYjJZX1Vr1xvC_aYLdDHUOsDV75ImBBGuk6gFW1KFtTyMh2ZgraKOjVdbQw2mXSuugEBlzEeCrr1A9OkDlNP8rNc8urp4eXT-V2mlacbLR_keaa_cMOv3NHygI6gsr1ETUeiQ7qCx7yEU9EdnyWLGC1aNCe7OH7X0vyWL-wp5vNQ8SCgwLuMb0zaUcIufEO2A5D9qO9spmgkSxMYAiyFuejE3vbjZgoT7-n4ja5Y2wtQArrLNPt2gykZWCP-rzZBVSwi3HeOkhOx1jFMLNbP6snop7Asl6mNUtd3-GOCx1_Vp9bueUvOvQ4-x_QP3mybX_0q67-_OpvGghanaX4_UZSCjdRy4F82kIUvpY_ljOWMveEog7AaZFnEoXhc8koUTKdfzwpM4lsrzZ--UUG0pM5fVCEUdhWzYLU6G7ShOrlczox9q0oWpmXA6GQZsPNdQX22ciXrJhg_Dayo9ImuOq8TKldmQuTRtSxnCe5_JZUqaJGM0P8-X7eEPj9L9A-10urP_InpTJuFHMp_3lARHrCQWo1yNcb5SpPIOe-A6rdgudNNGdI0_Hh32cDibTurTry3cbdfdPY7Yd99ih0S-wRUARCQNVvfViNsen_YgrNLphdxbyyFpg57BcGw0Rmr6r96F4T3P2txORl-BkFQSsEK1uIopmZcZPoCS8F4rPLnFBvfzkZuDXK5xTsJuZVXE8eIp6fQ-TyKSWn_nBsM0kcdHHv5RduGi4jv_2v4FErJmilsED_2hBBN8z_X-rAQ58-L9t4UyEiI41vZ3sNj33gonf4MTzicNsjv4fOedOCspa4kJuwgVUNS2e72wWoBYfLVBDcVMPp_Wsz4sWi6XxN5fKc6jw23XmIvM7srhmIgLXZmqarJyS6-z1sY_GgdmyirBlqNF-ONNRoECZAeurYNocPSp1kbnN9U1Yuz0GpTAD8YymSTrQbfkmQ9Jx9clkCBZUiAGsN4y9r6ZEb-GaUzQ8sQSuuAWw-xIJRvrhm-q1e3EtSbzj45DhjM_TRo50y8rxtEmWHwKhXTqiXRxDyS97OgmcPPsnRlypOh4VPzz17xsGczNxtZvCsIqSQF0dQV-mN14TjPU3AgzCdJxlrjh--pepvNUdUdVT11quSfbg2shxLrWq_A3IMX27PNYmLi4dMSAtUaIvO-egPYf-_wAeHB6AXDkmUDoU8hFB0fiCjT6QMcrlH2f37bQmjXqupiQhGOXqzfRvJoMqpOHfAxe7ZFNdZ0y1FZ2tenPSiH7q3dCGR1AwIWUWeOndpqkf0-nGZ1nS-0bnK_1RL-gBk312QtlvGF-ow6WZunFRKGt7rsWhUaf12Y10lwcioRoB2Xkahw-cJ90L4Gyg3M0DX5E-D_dMPR7qyWu3i27GJkVOjYrOiPV0DoaBD18Sk7xBc51pxR3k3_ltGmiRMAFPjK5xz2J9VCoi2YoPnEHS9iHPFdH-USjU7hG0RmlM9LVfFPdbNdAYiN_S87XRNWp38HukylUBXrtiTfXNFGafhCFydgqTGuUFZshxP20eMwc0Z68Z1b768FifiHvt1Q1vetSXenaCpvIwiaMkAxKTVjHkPe35x__GBUPQsNGz50JoaK3C_J0BFDxBUVCppBo52zIII_hmyDRicEAfEfffb5-IG6MrXcK6JKCJJtFSWyGFh6Mq-CpdJRSsCjYrZZP3_-_4wEYHqY8ilVJI6x6uNbXt-uhgoJ30HBqYIpwG2Gvna5MNWf69mtR9YxNn3ZBOdFld-PtFClcWDonoH5FPg8o-3ByaD0acHd2T1nWqzhAwH4j7-EiH-UgcI6BTIt25B-2cEMlvHzvGFzBBAoHDip_SUqt6cMRLf5V0Um5HsI5fGtn-g2Q2FYoH2G4ULySzY0k9Jm5D7PNDrD9OhlW5ls4qkw97j0E72FFEPdtR28DQyKtLqIRNc2cjKQSBljA_3SPRjemKaWrAIoz4ZMJtIPr1zsusqlcpm8baN3m2aQeeP9u6eUFIuEG4S8sTvS_EPN8Vmt5mwg4XgJLDN5APmBGmRlyf25rQHA0EdSbwar__xLezT2_llhQXk45uV5rpx8eHdHYwyorlGTEyBbceEIBrKJPGDSLeLC6s1vD93XgWLkMH_UALF5McGWYHUl7AR1vrvUHibFFbMne2JtNe9zqh-RhWumYJjjUw2PqMglCL7Ny65duRjz2UvBCvo5g0k5tx1X9VB-Fi_fse6cy34GB9qZlzN0GuT5fe94Ucw6XUxhQNpmdB-Ew57XA_Ijs2ge2t2vh_5F3SFC5DNWl9UvTjp0u3SO2K7pH0pVqklHKVhIYI4bE8BJ_E5X3vFB5I7NuwdFO1uQxzMiL1rhfiEneQv-mUonvhkO7UkMld8_LvtMYZqCuEVaOsitlCQIjVTDK6A6vRZmQgCu5D1dg_hYzGDrs2t49FQnDcOOj7bFnsWO-IZxVL7MSz0QoHmeQA1L8DLTlVH-YT9QjXkIBtwaUwdkHLGiScaqHp5hnIQkpoB_bm76n3Wh3Z9gjKmXaXUuazfRwEMukRVBirWfjSOm-ZoN_bMROvIEbre1N0AVogcglE1Sq6RVh0pul76-Q1dx4fYJdbus27BVydnyXUoLkFTVidQFW49LgvbaUGHoeyNkbqqQqa3FNB4EjXkfbJ_hc24HbIsHBEva3tTiioJ3MUw6yR0soIwQyMMr-8zlhV8U2jKnZYX27DdTPZZZTmQ8eZ9Hk9gRA78HsixXkg54AkQnmRzEndYN3ZhFVlOj-gsvtO8sKCZg9uDzGPZ4WQVwy6FfllmnaeXsoxfdgAb0uobVa7j7TBTSlA9lzf7BTrMmA5Bnv2US_pQkk9OSkttYu12d5zLNIBKE-tdjq62tJAN3942zAJAPXFp5zcMZ3uwjBlv-RC3JaEEQ_q5GbUGRQXzWftrmIvZWvPh-kGLfgKVOz0JtuxXr7ZhGc5udVD4VLuRd824jQy53_L1a9LITVdScx39r8Xxmnb6NtmDnX7KPrPDhHEjde8M9--beXdYI&cid=CAQSTgDICaaNm4q7nBfyGOpSYOt7otgLqb5vPruaykjPW5YNC8tN05JgKBWlJajBMYIcZKs4IkxzIOrGBDOBQEPkHWtKDJkUD9lpgPcWktGbahgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.amigosecreto.com.br%2F&ds=l&xdt=1&iif=1&cor=7137276407181626000&adk=3944675600&idt=88&cac=0&dtd=25

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e220e99b161c82228d6cff047d33752333611b0dc0010899bdd492966c3089d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20045
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame D0E7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJAPmfVbXEB9b2bbtW8rQ4&google_cver=1

43 B
337 B

58ms
57ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJAPmfVbXEB9b2bbtW8rQ4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CID6ShCinKcBGJnX-vABMAE&v=APEucNVxx9HW1ZDAsJ-t50xrV8OJNElw8ZyItXVMrX307hW_hnRG-jn7J9MjE8owR4-sN_OgHHlYudIzeuZUh-VjZJ1XuijgxVfkAUzvy7DGzTTZLs0m7b4DaLF8Re8tOjz_RQK1_erN02hlqXFkqb9CNegvM0jQ0Q9SPFXELkGc2LeNftIADik
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRaRVyaJA6CQCyYul9QkKkYZ51uRBEt5UfU6QG3fPDIPnzgj3D%2FVWJsl2HB0rN764rmnZ9hDERsquYee79TFT5KJYxq47%2FfdW%2FklQkV9ZmB1JDwCSxDdtmarkpSSOl1vSBbvbtnFafBJog%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82593f09999e71d3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJAPmfVbXEB9b2bbtW8rQ4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D0E7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVJx0zF.UEgtA-3d-vLo4gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJAPmfVbXEB9b2bbtW8rQ4&google_cver=1&google_hm=2

43 B
765 B

59ms
59ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJAPmfVbXEB9b2bbtW8rQ4&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CID6ShCinKcBGJnX-vABMAE&v=APEucNVxx9HW1ZDAsJ-t50xrV8OJNElw8ZyItXVMrX307hW_hnRG-jn7J9MjE8owR4-sN_OgHHlYudIzeuZUh-VjZJ1XuijgxVfkAUzvy7DGzTTZLs0m7b4DaLF8Re8tOjz_RQK1_erN02hlqXFkqb9CNegvM0jQ0Q9SPFXELkGc2LeNftIADik
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eh2jsRUmF8nPyIGuflohCpjjFanC26myCIkvag941JKGBn6lNGH28axae89%2BdiK1wcun6i4GMHno1rJ1VAK7bxmkj%2B7uoqqDLbX8mThVUzvWGQML1p%2BAKe0nJ0qFYmMG72qcAKmbi0nXZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82593f0a5e9965c5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJAPmfVbXEB9b2bbtW8rQ4&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame D0E7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHQTdLkoFsC7c8L6kOvTMTs&google_cver=1

43 B
837 B

46ms
45ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHQTdLkoFsC7c8L6kOvTMTs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CID6ShCinKcBGJnX-vABMAE&v=APEucNVxx9HW1ZDAsJ-t50xrV8OJNElw8ZyItXVMrX307hW_hnRG-jn7J9MjE8owR4-sN_OgHHlYudIzeuZUh-VjZJ1XuijgxVfkAUzvy7DGzTTZLs0m7b4DaLF8Re8tOjz_RQK1_erN02hlqXFkqb9CNegvM0jQ0Q9SPFXELkGc2LeNftIADik

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
an-x-request-uuid: b8918188-a817-400a-9934-c64b6d3cacb4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.103; 80.255.7.103; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHQTdLkoFsC7c8L6kOvTMTs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D0E7
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczNzM1OTc0MTI0MTgyOTM4

170 B
243 B

52ms
52ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczNzM1OTc0MTI0MTgyOTM4

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
an-x-request-uuid: 00674631-2620-48e6-8544-02b6a5088f4d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczNzM1OTc0MTI0MTgyOTM4
x-proxy-origin: 80.255.7.103; 80.255.7.103; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 405D 16 KB
12 KB 90ms
90ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231108&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b1caa183eb1fc8c5196d74ecdb78d1838d7ccca70dd81d1ba944876dd217eaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12267
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 405D 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=300&eid=44759875%2C44759926%2C44759837%2C44798934%2C44807461%2C31078297%2C31079587%2C44806141%2C44807763%2C44808148%2C44808285&hl=pt&pvc=2789026869479824

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C96 39 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:17:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 16:17:30 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/ Frame C572 31 KB
12 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231108/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D9VMmIlgVUGyW56A4cDnurg_ixasf24RQNmHjuX9JAntg_zJ9d6jH4TdIM_g8-19G84G6RHi5GKhg32TbCheOdkFTNO3UyKD3EitjHwwh3bdNF_YQ6Ed944nX8YtgYSh9d9Urd7RjGnXRsjO_Vkd5Col6HSfPi2n8NYChXTho0yVdWfX0&cry=1&dbm_d=AKAmf-A5Hs8dBmufHG5ykCNCKR6iHW492ukcoO7Pv5uzMVds9HdIhCAkG8aPBksrI72TPHWu4-mk90CzRcEnV9uSrdLlq26EAJFB_AKxCJETL2U28RTBuq2U_vjDsJW-Jk-751XiVEakkUQyTkMsweDhcdpMNdhmJDp7ht6-tZktkYI_7ofTa1I54aYxHCYrWaK14pC7LAGnTDzn5k49c5vMXlnFZr5MZEBUOz8MsngOYZVF3Dl0DV6eKqIkV-yozGWM3LsNro0dwO9Wn6uYHUcV8kX0_h2oG1Wf557uJr1ew6UpUECP_Q9uF0-fvpyoTzMX8T3OhjoZTVJ7PtSJ27b5Iqw_kTeLqW6uWLu5zGLH5RB2_IHldGGzL0aqS4vherwZcJaazH_ZHriD44tpsMaZ-fzAKQYFPDfi_yiedZiPHVWKReDlpdAbWL71nkeh_EPXsUPqkWJ2xTTO7mFvLP9E79DpHpiaYo2IeM_u4V_qEDNCFA8Xkk0omX1poC5y73De51SXhSj9zlBfJef7nRRV13-QytkKlX-TqutZ-vYKeOFnX2yXCsZsVBZREhnMHX8L0RqyFZfc_XGLKuz_dwiEIe-4fNpHa088B4F69KFuckOnopGOZPuy-DDy9JR6Fe79xg8XL-6dRfc7EAEv3kwbSEWNJPt8-haloQbvjtL0qkiGinaLWnhTAwTLCZdW3ROM3x8H8YbUOAngjxdYqzA_YEYnW3lU5Qpjanuvk7cyc0qItERLTRF40b6PAxp6eCNFNHbb5fcO_pe3GPDw7it0fZRwLsKVEgRpGhkFcgbdY7NmWaTe1wV7WMvdAaFiHGVDYRvnJjPFTdr5Xsfkw5ETF13SkMhwTZKD4z3YOtWRvrysmlQna9taaTRHa4ZRdw3LPz-ZbP3a-6r7x19b9fM1JjmkVDIJaGmjau1t5QE0Ni5YY2UN4RGXSGmaP26tJAQfmvjfF2VO_AKQVTJW_a246iRYpviXAbW1vcAzugCWc5--3pGFw0WFIHygq0I0_7h6Y-Z2wMlLqu8m-9d1oXxhgQRLHRkTxlKNa0cgkxMrIGvp5goLYjJZX1Vr1xvC_aYLdDHUOsDV75ImBBGuk6gFW1KFtTyMh2ZgraKOjVdbQw2mXSuugEBlzEeCrr1A9OkDlNP8rNc8urp4eXT-V2mlacbLR_keaa_cMOv3NHygI6gsr1ETUeiQ7qCx7yEU9EdnyWLGC1aNCe7OH7X0vyWL-wp5vNQ8SCgwLuMb0zaUcIufEO2A5D9qO9spmgkSxMYAiyFuejE3vbjZgoT7-n4ja5Y2wtQArrLNPt2gykZWCP-rzZBVSwi3HeOkhOx1jFMLNbP6snop7Asl6mNUtd3-GOCx1_Vp9bueUvOvQ4-x_QP3mybX_0q67-_OpvGghanaX4_UZSCjdRy4F82kIUvpY_ljOWMveEog7AaZFnEoXhc8koUTKdfzwpM4lsrzZ--UUG0pM5fVCEUdhWzYLU6G7ShOrlczox9q0oWpmXA6GQZsPNdQX22ciXrJhg_Dayo9ImuOq8TKldmQuTRtSxnCe5_JZUqaJGM0P8-X7eEPj9L9A-10urP_InpTJuFHMp_3lARHrCQWo1yNcb5SpPIOe-A6rdgudNNGdI0_Hh32cDibTurTry3cbdfdPY7Yd99ih0S-wRUARCQNVvfViNsen_YgrNLphdxbyyFpg57BcGw0Rmr6r96F4T3P2txORl-BkFQSsEK1uIopmZcZPoCS8F4rPLnFBvfzkZuDXK5xTsJuZVXE8eIp6fQ-TyKSWn_nBsM0kcdHHv5RduGi4jv_2v4FErJmilsED_2hBBN8z_X-rAQ58-L9t4UyEiI41vZ3sNj33gonf4MTzicNsjv4fOedOCspa4kJuwgVUNS2e72wWoBYfLVBDcVMPp_Wsz4sWi6XxN5fKc6jw23XmIvM7srhmIgLXZmqarJyS6-z1sY_GgdmyirBlqNF-ONNRoECZAeurYNocPSp1kbnN9U1Yuz0GpTAD8YymSTrQbfkmQ9Jx9clkCBZUiAGsN4y9r6ZEb-GaUzQ8sQSuuAWw-xIJRvrhm-q1e3EtSbzj45DhjM_TRo50y8rxtEmWHwKhXTqiXRxDyS97OgmcPPsnRlypOh4VPzz17xsGczNxtZvCsIqSQF0dQV-mN14TjPU3AgzCdJxlrjh--pepvNUdUdVT11quSfbg2shxLrWq_A3IMX27PNYmLi4dMSAtUaIvO-egPYf-_wAeHB6AXDkmUDoU8hFB0fiCjT6QMcrlH2f37bQmjXqupiQhGOXqzfRvJoMqpOHfAxe7ZFNdZ0y1FZ2tenPSiH7q3dCGR1AwIWUWeOndpqkf0-nGZ1nS-0bnK_1RL-gBk312QtlvGF-ow6WZunFRKGt7rsWhUaf12Y10lwcioRoB2Xkahw-cJ90L4Gyg3M0DX5E-D_dMPR7qyWu3i27GJkVOjYrOiPV0DoaBD18Sk7xBc51pxR3k3_ltGmiRMAFPjK5xz2J9VCoi2YoPnEHS9iHPFdH-USjU7hG0RmlM9LVfFPdbNdAYiN_S87XRNWp38HukylUBXrtiTfXNFGafhCFydgqTGuUFZshxP20eMwc0Z68Z1b768FifiHvt1Q1vetSXenaCpvIwiaMkAxKTVjHkPe35x__GBUPQsNGz50JoaK3C_J0BFDxBUVCppBo52zIII_hmyDRicEAfEfffb5-IG6MrXcK6JKCJJtFSWyGFh6Mq-CpdJRSsCjYrZZP3_-_4wEYHqY8ilVJI6x6uNbXt-uhgoJ30HBqYIpwG2Gvna5MNWf69mtR9YxNn3ZBOdFld-PtFClcWDonoH5FPg8o-3ByaD0acHd2T1nWqzhAwH4j7-EiH-UgcI6BTIt25B-2cEMlvHzvGFzBBAoHDip_SUqt6cMRLf5V0Um5HsI5fGtn-g2Q2FYoH2G4ULySzY0k9Jm5D7PNDrD9OhlW5ls4qkw97j0E72FFEPdtR28DQyKtLqIRNc2cjKQSBljA_3SPRjemKaWrAIoz4ZMJtIPr1zsusqlcpm8baN3m2aQeeP9u6eUFIuEG4S8sTvS_EPN8Vmt5mwg4XgJLDN5APmBGmRlyf25rQHA0EdSbwar__xLezT2_llhQXk45uV5rpx8eHdHYwyorlGTEyBbceEIBrKJPGDSLeLC6s1vD93XgWLkMH_UALF5McGWYHUl7AR1vrvUHibFFbMne2JtNe9zqh-RhWumYJjjUw2PqMglCL7Ny65duRjz2UvBCvo5g0k5tx1X9VB-Fi_fse6cy34GB9qZlzN0GuT5fe94Ucw6XUxhQNpmdB-Ew57XA_Ijs2ge2t2vh_5F3SFC5DNWl9UvTjp0u3SO2K7pH0pVqklHKVhIYI4bE8BJ_E5X3vFB5I7NuwdFO1uQxzMiL1rhfiEneQv-mUonvhkO7UkMld8_LvtMYZqCuEVaOsitlCQIjVTDK6A6vRZmQgCu5D1dg_hYzGDrs2t49FQnDcOOj7bFnsWO-IZxVL7MSz0QoHmeQA1L8DLTlVH-YT9QjXkIBtwaUwdkHLGiScaqHp5hnIQkpoB_bm76n3Wh3Z9gjKmXaXUuazfRwEMukRVBirWfjSOm-ZoN_bMROvIEbre1N0AVogcglE1Sq6RVh0pul76-Q1dx4fYJdbus27BVydnyXUoLkFTVidQFW49LgvbaUGHoeyNkbqqQqa3FNB4EjXkfbJ_hc24HbIsHBEva3tTiioJ3MUw6yR0soIwQyMMr-8zlhV8U2jKnZYX27DdTPZZZTmQ8eZ9Hk9gRA78HsixXkg54AkQnmRzEndYN3ZhFVlOj-gsvtO8sKCZg9uDzGPZ4WQVwy6FfllmnaeXsoxfdgAb0uobVa7j7TBTSlA9lzf7BTrMmA5Bnv2US_pQkk9OSkttYu12d5zLNIBKE-tdjq62tJAN3942zAJAPXFp5zcMZ3uwjBlv-RC3JaEEQ_q5GbUGRQXzWftrmIvZWvPh-kGLfgKVOz0JtuxXr7ZhGc5udVD4VLuRd824jQy53_L1a9LITVdScx39r8Xxmnb6NtmDnX7KPrPDhHEjde8M9--beXdYI&cid=CAQSTgDICaaNm4q7nBfyGOpSYOt7otgLqb5vPruaykjPW5YNC8tN05JgKBWlJajBMYIcZKs4IkxzIOrGBDOBQEPkHWtKDJkUD9lpgPcWktGbahgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.amigosecreto.com.br%2F&ds=l&xdt=1&iif=1&cor=7137276407181626000&adk=3944675600&idt=88&cac=0&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:20:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11881
x-xss-protection: 0
server: cafe
etag: 5723174479369309319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 18:20:10 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame C572 41 KB
14 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:44:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 05:44:11 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5OTkwMTkwNzI2NjExOQogIHNlcnZlcl9pcDogMTQ2NTI1MTcwCiAgcHJvY2Vzc19pZDogNTU0NDk3NTU2Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDg2NzgzODkK...
ad.doubleclick.net/ddm/activity/ Frame C572 0
854 B 174ms
79ms Image
image/png 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5OTkwMTkwNzI2NjExOQogIHNlcnZlcl9pcDogMTQ2NTI1MTcwCiAgcHJvY2Vzc19pZDogNTU0NDk3NTU2Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDg2NzgzODkKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2RvbGNlLWd1c3RvLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDE1MzE5MzI0NTgxMTE4MzQ5ODQ3CmRlYnVnX2tleTogNTg4ODkzMDMzODE1MjY5MzU0MQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTEtMTMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4Njc4Mzg5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzcxNDg1MTMzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyNzM5NzQ2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwMzI4Nzc0NjA3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNTA1MzI2NDg5CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RvbGNlLWd1c3RvLmRlIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDc1NDk3NDcyMAo

Requested by

Host: 9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
URL: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x8190cefc8020ea350000000000000000","13":"0xc67955956aebc3360000000000000000","14":"0xe41e1c2aef19315e0000000000000000","15":"0xe9a6295a5ab09d400000000000000000"},"debug_key":"5888930338152693541","debug_reporting":true,"destination":"https://dolce-gusto.de","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["8678389"]},"priority":"0","source_event_id":"15319324581118349847"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 versionsFR.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/versions/ Frame C572 213 B
510 B 232ms
40ms Script
application/javascript 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/versions/versionsFR.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1079438849&gdpr=&gdpr_consent=&w=300&h=250&ncu=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCz8YM0nFSZY-dIs6G1PIPgMuZ2AHs3772csP3mvLaEWQQASDa-7QMYJWK_IGUB6AB1dKR_gLIAQmpAhMI2sG46LE-qAMByAObBKoEiwJP0AFQ1iuygKV7Jp2FN3Z3Dtz3JKplH31dxlHUtPXakLQo8m33yXoS6qUCXIxUmTPkwDzMg3vsCGWD_Lmw5asoF21StmmuiWkJ3XUqmB_kurjkyaJI4A4cLxEeJi9AY-LU9E80YwoTG2h0ex_VegiSsWEUquhVdv3hmzexjrAKcPhGo8yiyrSrxt4H7DkgsZB9fjn-F-ZS4_Lenpl4uLZvE7ao_zchCXrTHscQ97b-Qlsd_0p7BQbCgj5hLYHvwIp-gh6G_znoaAMXLeNOIBduD53P57Bs9THQYOwJmFJHPE6hdXIRvCHlUWHcrLKsmswLkHThFRpOXXjJif6ykue503XjaaUiPexuwMvABLzWi4fFBOAEA4gFz_fB3UuQBgGgBk2AB5Ot7oEBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDBQqEgoQ5LSxAu61sQLktLEC7rWxAqoNAkRF4g0TCLjVq4rUwYIDFU4DVQgdgGUGG7ATtumfFNATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNm4q7nBfyGOpSYOt7otgLqb5vPruaykjPW5YNC8tN05JgKBWlJajBMYIcZKs4IkxzIOrGBDOBQEPkHWtKDJkUD9lpgPcWktGbahgB%26sig%3DAOD64_25EuVLAGimPO3I3mdRIXIy0u1imw%26client%3Dca-pub-6260959165761598%26dbm_c%3DAKAmf-AyrE2gIL3iux27bjMZ-fg_cl4qG_UlSXpBS0lIZfrfBtFFBxjYmLRN2l3xLfH3aP2ZjIT6miB0xiWNRRvhRa2pIznRxLFkIH51hOxwFDDLmh-sRfVNg4th3AVyBwSRUS3IV_e41Y_eG9fT93jnMla1DnVQoHxPhKIhFH1_AHVvPoi3Sow%26cry%3D1%26dbm_d%3DAKAmf-COx3M5KwhMmOfhAkeitSgxnzT0EiCDRAsKaxXGUhHVAFjOa-VAc-zr26fTs-PMEGbayvXwQPEX9ARTfL3kZZdmHjpgrS02JL8IPD3FSZxPGfbkoX4ZEu0oLmKDdIjXzFZzsJKQ8PgHxQCkZvI6nAj8R8xxAVfs_sYJfnuGc76M22mgjfYKX2IZRcGjxKalUqMLlryQOLFgViwXGsojhQNRoeprlxvsYEgXGrMkOCBBCDATbRjHeWbKnVHTgpMGbksfABAGWFAYNMGsKG_TdwzWKgoGosvEOMVvmva1jkmqRG70sk8QeyYUL8yPRUkcTghYcbEGZiWtnNXOQPwhXJ6YU8fmodNh3x6MzK1shgu4HCQspBh-3yr5hyiNyxLjCpShjX4rV_jX5jhXBrR094nAsANZESgIeaCbcz2JypSLinz8296uc3lQEF-yRe7QDQEr4wL2toAp2AGqiOriWc3yse2h3wYlFmrL3cOueLFJLnlwan9o4n8dAhJ0bAp88tkDIu6DwHN-JLRDhhWBrTE8voDXsyq_GwI76s3aiWgm9BRg0YiDyGWkE84A3YwsyJbBejHXZ77VsBOkk3rx0veOAKgx2LVJfzcAxH_HXgUEqsPKRBg1W6bBmbhp-ksfEHtASMCV0LSDzXwQcHq8vJhKPpjXpg%26adurl%3D&e=0&ord=1699901906560783&z=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 77e0cbf5f73df644f929b908ed8697c27fecc3b456810ba75909ca8d14067104

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:27 GMT
content-encoding: gzip
x-amz-request-id: D5QQPPFXWANXRJ54
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
content-length: 126
x-amz-id-2: SmpwGBocwSo2J2Kt/oQT9NSz3OVcEzQvEZt7WSQX5Um1O4Fj9WWDE61uO72BxZSNkqvAZf8ZMfc=
last-modified: Wed, 04 Oct 2023 14:58:21 GMT
server: AmazonS3
etag: "7760d8126d8e1e7690d4e2ab3748812f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=493643
accept-ranges: bytes
x-amz-cf-id: VY_UlpXEzD2RAQmOy_ajqzIYZgq5aSquPqblduNc1_tOFcLYoHiAKw==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 405D 17 KB
6 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 18:58:27 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4647 38 KB
13 KB 41ms
40ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 412585
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 00:22:02 GMT
expires: Fri, 08 Nov 2024 00:22:02 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0DC3 0
0 75ms
75ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=1132910495721874&rc=
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2C96 0
10 B 42ms
42ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZSfiPQ
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2E34 13 KB
5 KB 47ms
40ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2305
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 18:20:02 GMT
expires: Tue, 12 Nov 2024 18:20:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4211 829 B
769 B 53ms
52ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4ba2311ce2e313ca8dd37274496701d28deed04e6233c5110bebe419c912b095

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HodVHHp_LzPLQx4QOuu0tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-HodVHHp_LzPLQx4QOuu0tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 18:58:27 GMT
expires: Mon, 13 Nov 2023 18:58:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 4647 39 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:17:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 16:17:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4211 0
0 76ms
75ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231108&jk=2789026869479824&rc=
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E34 39 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:17:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 16:17:30 GMT

GET
H2 200 ebHtml5Banner.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ Frame C572 302 KB
82 KB 40ms
40ms Script
application/javascript 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5Banner.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1079438849&gdpr=&gdpr_consent=&w=300&h=250&ncu=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCz8YM0nFSZY-dIs6G1PIPgMuZ2AHs3772csP3mvLaEWQQASDa-7QMYJWK_IGUB6AB1dKR_gLIAQmpAhMI2sG46LE-qAMByAObBKoEiwJP0AFQ1iuygKV7Jp2FN3Z3Dtz3JKplH31dxlHUtPXakLQo8m33yXoS6qUCXIxUmTPkwDzMg3vsCGWD_Lmw5asoF21StmmuiWkJ3XUqmB_kurjkyaJI4A4cLxEeJi9AY-LU9E80YwoTG2h0ex_VegiSsWEUquhVdv3hmzexjrAKcPhGo8yiyrSrxt4H7DkgsZB9fjn-F-ZS4_Lenpl4uLZvE7ao_zchCXrTHscQ97b-Qlsd_0p7BQbCgj5hLYHvwIp-gh6G_znoaAMXLeNOIBduD53P57Bs9THQYOwJmFJHPE6hdXIRvCHlUWHcrLKsmswLkHThFRpOXXjJif6ykue503XjaaUiPexuwMvABLzWi4fFBOAEA4gFz_fB3UuQBgGgBk2AB5Ot7oEBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGiDBQqEgoQ5LSxAu61sQLktLEC7rWxAqoNAkRF4g0TCLjVq4rUwYIDFU4DVQgdgGUGG7ATtumfFNATANgTDYgUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNm4q7nBfyGOpSYOt7otgLqb5vPruaykjPW5YNC8tN05JgKBWlJajBMYIcZKs4IkxzIOrGBDOBQEPkHWtKDJkUD9lpgPcWktGbahgB%26sig%3DAOD64_25EuVLAGimPO3I3mdRIXIy0u1imw%26client%3Dca-pub-6260959165761598%26dbm_c%3DAKAmf-AyrE2gIL3iux27bjMZ-fg_cl4qG_UlSXpBS0lIZfrfBtFFBxjYmLRN2l3xLfH3aP2ZjIT6miB0xiWNRRvhRa2pIznRxLFkIH51hOxwFDDLmh-sRfVNg4th3AVyBwSRUS3IV_e41Y_eG9fT93jnMla1DnVQoHxPhKIhFH1_AHVvPoi3Sow%26cry%3D1%26dbm_d%3DAKAmf-COx3M5KwhMmOfhAkeitSgxnzT0EiCDRAsKaxXGUhHVAFjOa-VAc-zr26fTs-PMEGbayvXwQPEX9ARTfL3kZZdmHjpgrS02JL8IPD3FSZxPGfbkoX4ZEu0oLmKDdIjXzFZzsJKQ8PgHxQCkZvI6nAj8R8xxAVfs_sYJfnuGc76M22mgjfYKX2IZRcGjxKalUqMLlryQOLFgViwXGsojhQNRoeprlxvsYEgXGrMkOCBBCDATbRjHeWbKnVHTgpMGbksfABAGWFAYNMGsKG_TdwzWKgoGosvEOMVvmva1jkmqRG70sk8QeyYUL8yPRUkcTghYcbEGZiWtnNXOQPwhXJ6YU8fmodNh3x6MzK1shgu4HCQspBh-3yr5hyiNyxLjCpShjX4rV_jX5jhXBrR094nAsANZESgIeaCbcz2JypSLinz8296uc3lQEF-yRe7QDQEr4wL2toAp2AGqiOriWc3yse2h3wYlFmrL3cOueLFJLnlwan9o4n8dAhJ0bAp88tkDIu6DwHN-JLRDhhWBrTE8voDXsyq_GwI76s3aiWgm9BRg0YiDyGWkE84A3YwsyJbBejHXZ77VsBOkk3rx0veOAKgx2LVJfzcAxH_HXgUEqsPKRBg1W6bBmbhp-ksfEHtASMCV0LSDzXwQcHq8vJhKPpjXpg%26adurl%3D&e=0&ord=1699901906560783&z=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 653fa3a5827add226262f6aeb8dea0a49439241bc4e776caf36ed3e22f198f57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:27 GMT
content-encoding: gzip
x-amz-request-id: EFKN3ZGAJ1A9TA97
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
content-length: 83531
x-amz-id-2: gkaAHNCtSzXYOnb+dRw+saRoE8AHlI8eCxlSpgJFsPuK/Plc/swcHqQ63zjMNz/yLyxuS0DyR98=
last-modified: Wed, 04 Oct 2023 14:16:44 GMT
server: AmazonS3
etag: "f77480d0862b4ade584023228ed4dab1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=331815
accept-ranges: bytes
x-amz-cf-id: SdwvAoSuU2IJQUudns68U9hTDu7SBsPGjFS7UQpcc_KNzmkKLFkg-g==

GET
H2 200 URLUtil.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_112_0_0/ Frame C572 7 KB
2 KB 41ms
40ms Script
application/javascript 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_112_0_0/URLUtil.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 91cf683ee0db61e475ee4f5c12ba9281256db5662fd80f2b812067fd9d39b691

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:27 GMT
content-encoding: gzip
x-amz-request-id: 18B5SXSC3BCVXRP5
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
content-length: 1951
x-amz-id-2: gXMRn5sxpvE46ZxeX907MOWacVpdgsdnIcoWIq4fT1Cs9KVZVtK/alvg0M0EzlxxFjsVk2+Q5Yc=
last-modified: Wed, 04 Oct 2023 14:16:50 GMT
server: AmazonS3
etag: "3470a076f0022d50a41874998110932e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=428417
accept-ranges: bytes
x-amz-cf-id: nHcXCynyZmr-o5t3KWY39y1bBG9JMcWuPohR3mhUOsTAMF2B1qwqyw==

GET
H2 200 index.html Show response
secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/ Frame 1C27 12 KB
4 KB 41ms
40ms Document
text/html 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f74f38236aabcdf56bcba65d1a71a6821397b73a763b1ce2127567f60db1e447

Request headers

Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
content-encoding: gzip
content-length: 4062
content-type: text/html
date: Mon, 13 Nov 2023 18:58:27 GMT
etag: "5b49c162250b9699aea432588038aac5"
expires: Mon, 31 Dec 2035 00:00:00 GMT
last-modified: Fri, 30 Jun 2023 07:41:29 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-cf-id: GNcxqbH8WRM0AxFEcBYFljz-iOlkUzjAA5hS5jM4mkOdjIIDqB_zqg==
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT

GET
H2 200 IntersectionObserverVisibilityProvider.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_112_0_0/ Frame C572 10 KB
3 KB 41ms
41ms Script
application/javascript 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_112_0_0/IntersectionObserverVisibilityProvider.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 099657171463b4ada4b9bbf48a40e2305f67331a210ca4bc457051e0499ee23b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:27 GMT
content-encoding: gzip
x-amz-request-id: 18B6GRM88P5NNARY
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
content-length: 2964
x-amz-id-2: X2AWivujUSPTORJCkkndbg1Y/ztnfNEU+mySKccTceEf4NitghBauiOr9gKmQGUcMsbLRwJBW7k=
last-modified: Wed, 04 Oct 2023 14:16:50 GMT
server: AmazonS3
etag: "08712066615c929ef7883423b4376874"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=845692
accept-ranges: bytes
x-amz-cf-id: 3E0R67QqCjFoyg15pwb1EqI-9_h8svvnmq9jAbiBNyn2O0NJ2On9Vg==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4647 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BWRUe03FSZYefEPKX7_UPlOyziAIAAAAAOAHgBAI&bg=!LyylLGPNAAZxrfrxUa07ADQBe5WfOBy9P2U4O97jk0qQZim2pStcSFDgU-zN09Po63EloqYBGHaepcCZL02QQ7-tnxDIAgAAAI5SAAAACGgBB5kDDcLJxWeEE6ItWDa9Z7QPN5zQP-J0a3EbjhahH7xVVEC4kD_kRTFpbBIvMHfv0j9CEsdWvBmWzAFKJezf9foMyTFf4Ug90FV-YpaMO1d1IWp0eIvD046FAe517zG26h46AMGPMVLnsmPRDWSXxCHeJrXO-TADlidU9cOxDdomXdO4zh9oDKYAEg0Yd5OygV3-28_DgiuqrusHoVfJVv2JXlvtG6p0IIco8JWSfoddlUTXchKztn8RYtYhugX9pXmiE8CnyTZ2c7cV9Y2AAJQe1bA4eZJL2FJvIEdd6SCZbXdqEVfPp3s3R_yuWQwk87DnS50P6QpMjfqMo38TxMZJ9VEo21-vBkPBVkbW0_dM7roUh13LzfKdOoSR1SMfmRjFWoanenLWKfnCeGSBkDmsZpAS13XKPYYxNSdBqeJ6TTWXgoa9hMjnZxRVhL3rgDXXqlhU6Xc7-4Fk8JkZXVfZSzGB56a4kmz959W03IzUM9BUN4zbclXUVHupnLjgtwBePrgPT3xee9LAjxuGQX_zQuwNrSERtY0mMg7Fg-QQCbPeY6fSQkt9ajQjeSrZZiFRPjamrSLjbVyZasTBoq0RpzsZRFE7PAUfoLAcu2MSqUCRnYcAv5MgC7rVFCBgDPilGU3h-vL2qCUrk8V5elLKOVYDjqtS56nl-iii4T3q7PpTXd1HL8BGIBo_xOdWRLXlWQx5tlsEpYTYDQi-ZODSH6r0sBim5JMPRC5Wcy1hMCtC7DV-79tNoqEWXSclP-me0gjyXuFVJ-Z_nt05BfDn-HymeuW-szxyNSGaQIlPDHi0-rOeQWEJbOFAEnpke-9ahVNgjRJowRerDeJrjCHKqXaRi6CS4rW2rRyCuKymcTGdLZ4Qlc4O1ixpDIyjH7J_uXDHqEezW2iSAwxVSG2WgzHA2Z4mNeINECCQagVZBrI1AXxhUY0kp_Ko8hcvZ6443xLZGuWICdKlgfVJEAI0Ts1Jknp0wDxuXcdqpQVnGEiVqc0JxfyBpufJs25-UR8w3D1bnZC-6uPQBAcPoQY

Requested by

Host: 9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
URL: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ Frame C572 0
230 B 286ms
41ms XHR
text/plain 35.156.29.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5Banner.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.29.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-29-222.eu-central-1.compute.amazonaws.com
Software: LogModule 0.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
Access-Control-Allow-Credentials: true
Server: LogModule 0.6
Content-Length: 0
Content-Type: text/plain

GET
H2 200 Serving Show response
bs.serving-sys.com/ Frame C572 24 B
336 B 41ms
41ms XHR
text/html 52.58.73.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=display&c=40&dmae=0&sessionid=8254215474720760355&ai=1090992236&usercookie=u2=d89fc155-b761-4652-8922-26b95ef19a40&oo=1&clsrc=2&clbv=_2_245_3_0&gdprpurposes=834&dg=1077981695&sdg=1079167108&ctick=79&ord=0.260498476847858
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.73.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-73-75.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 24
expires: Sun, 05-Jun-2005 22:00:00 GMT

POST
H2 200 adServer.bs
bs.serving-sys.com/Serving/ Frame C572 0
293 B 42ms
42ms Ping
text/html 52.58.73.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&dmae=0&int=1090992236~~0~~1077981695~~8254215474720760355^VsR~0~0~01020~81^VsRAg~0~0~01020~81^AdStart~0~0~01020~81&usercookie=u2=d89fc155-b761-4652-8922-26b95ef19a40&OptOut=1&rnd=0.4888954789835631&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.73.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-73-75.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:27 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 adkit.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/ Frame 1C27 71 KB
23 KB 43ms
43ms Script
application/javascript 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a047140cc174d554a323b1b787199a21c2c976e9991fa0428ac9a94a641190ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:27 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 10:47:09 GMT
server: AmazonS3
x-amz-request-id: HBSGT7N0E2FFYCMD
x-amz-cf-pop: JFK50-P7
etag: "257b68f9ecc3e5a28f10fd241e580d02"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: Jgi17OLS2vvPjBmcHT1WbnilT39vwrZYWZs03sdCBtDTQ3ZNQfutaQ==
x-amz-id-2: sZORBlvsPwaBNHoBeGY+XFv35uCnZ3xYG3cQRt+6oeP3/FWlBREVT866CIcq1Qgl6oPk4rudu/o=
content-length: 22905

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2E34 0
10 B 45ms
44ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gg9sXw
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 config.js Show response
secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/ Frame 1C27 4 KB
1 KB 40ms
40ms Script
application/x-javascript 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/config.js?versionId=y4w2_ILK_WY4C1s9NJHg1w4iRmJAjv_N
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5a816b18c303dc73cdcf173612b0fba45c7b5389e6f78013921bbef7d0572a5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: y4w2_ILK_WY4C1s9NJHg1w4iRmJAjv_N
content-encoding: gzip
date: Mon, 13 Nov 2023 18:58:27 GMT
last-modified: Fri, 30 Jun 2023 07:37:26 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "557b0c33888c4c9a53582fc2ea05e58a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: ZOKw1SiVbo5rkV4-ugs7j-fPUoZG-JzFR8fttpG1Jj4v8kRDezQuZQ==
content-length: 1023
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 optional.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/contrib/requirejs-optional/ Frame 1C27 241 B
548 B 42ms
42ms Script
application/javascript 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/contrib/requirejs-optional/optional.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b3d2d45118f3987c4a926a5e7454898f3b1a9c2be1efb1297f5e0ec555361c1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:27 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 10:47:10 GMT
server: AmazonS3
x-amz-request-id: 26R87S3661B7ZBCM
x-amz-cf-pop: JFK50-P7
etag: "fff4f7d0d640c4b6ea3612ad292bc75b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: Bazv9_YhzO__iU3M8OU7wMSti587shVpSCTplX9Kd9vy70qOiXDUSg==
x-amz-id-2: ofKswRSVfRYzdn5UkcV38ShWTFokonui9CCfa370asJvZiXRtddU/7fnSqNDCUh9Qxurdp6fDEQ=
content-length: 178

GET
H2 200 main.19.8.459.js Show response
static.adsafeprotected.com/ Frame C572 210 KB
66 KB 175ms
45ms Script
application/javascript 2600:9000:223f:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.459.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1564033/72645939/skeleton.js?bundleId=&ias_dspID=3&ias_campId=1013287007&ias_pubId=pub-6260959165761598&ias_chanId=1&ias_placementId=20328774607&bidurl=https://www.amigosecreto.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jLpbyMHZ5owN67ii2whRdr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e95a8f9df7725ebc60c1e92dd06ae7e871775ff46dad05bfe4637e5ef925bfc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 22:53:50 GMT
x-amz-version-id: RNH8kGLIYxpRSbACdQvKah37Yw10pVI5
content-encoding: gzip
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 504279
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 07 Nov 2023 21:05:52 GMT
server: AmazonS3
etag: W/"9defff6ae1cb54d3a58accade99bd29c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 1C1aqs8ChuTZGxkN0pn_2VAtOWeN2MTZJzNIxRFQ7FGcxSDyMlDZaA==

GET
DATA 200
OK truncated
/ Frame C572 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f49810996436405c94147c11c249646c14c32f598db2fc09aebbab9d191fff74

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 interactions.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts//AdBuilderScripts/Interactions/1_23_0/ Frame 1C27 77 KB
16 KB 40ms
39ms Script
application/javascript 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//AdBuilderScripts/Interactions/1_23_0/interactions.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b6233b419d0d1cd612c3327f9a4887b243b1d816cc339de1a5b84a3f6dd852c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:28 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 10:13:07 GMT
server: AmazonS3
x-amz-request-id: 1TAJHZSW0Q9NKWP6
x-amz-cf-pop: JFK50-P7
etag: "a4fcb10e97cdee7a3e1cb0ac73478261"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: PPAM69HE-yLLqz_eR32m1ZIvjrTOxgsohSmUZ07Bwsbzy--NYQ8mcA==
x-amz-id-2: oRKrwt+JVJGxQH24wBCEGHRTjf7cYtdi+2azlRpgBi5D1H7gop2Giwi8+k3OfIkpb9x34EstWag=
content-length: 15784

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E98D 0
0 77ms
76ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=1132910495721874&bg=!4OOl46zNAAZxrfrxUa07ADQBe5WfOAZiCxrmWOFgB8C3_GtCXPHOmkXodJJnUiyBzKJoMt4GzSP0E3OKPKlzLpJtBZDKAgAAAHlSAAAACGgBB5kC82iCgeR5r6ZSAAvkNkCnNmr8JItg-viy3o_6WfuTHIbG5n0TVYDzTaOyCFZ7yfnPtTHLOvpF98vbCGML-Vn7_JCJbQdYRFEXnntJvX-DJhODeCSi_i9uyy7Hsh6Sw6pX-V97asPPrEhX1D5_0Ddsr3D5afj8DnimZkRNUee_jDHNDzPRA2s_VmQJmeVRVGA-IaoGGRbDw-5q_YNyanY3otQPsDwXf8AGeZgffj4Q7KjcV-GXu2sPz-KS2BAW8d1aBCmq7vyAQSqvjYlb4FAn_79_2UKie9YJE215LkoyLomUnGUiVeWyGYb8OpheJ6iHljW6dEe6tLtjdmTx2lQtKvcpevAbakVvAVLOi_ZXmMgFPASRNlZ61m2XXMUeCDkC2LCaVfiTVXGkjz_Y0x2g7j6k1EXn6EHmstNkSDTZ-k4L-k1OWVRbC8FFZEzBpoGsuCWS94hMckJqHwH5KZLBFTElvH886lV9h1th2ahjCK6u-WU7Uw0W57SQi1qSboWnCBx1p0sEFg4W61ZAB7LlrGOJxpLP7b7HQYm9Ux5ORg3j3LYG9_FT7mvLwyS3uw9hN7d3XVgKThR_zDW9zLT6_zVkZxrgiGIR_WnOhDSAF_4ADjA_TTryhKiI4mGussEOoMZK_qVDZKQm1JU9mLq6NTwEtv8DQNP_nXEnzbyAwZl95svEnwD_V9d7rwOoe-3YwzOFZN6hggip_yxy3DwE99Oe1HLpqji1uzoFyV6wjJcn-X5c4CIEL5zXn7_3L67okooKW3CI--oMiAnCrp_7WnVguAHLOH30NhYzbOY5wLr7Niky7sxwzAtWxNEAM_JOJntfPjSAiMz2-2sVvyIUkiM8ePKn2WLNN3CiNFPWnXXxDSvzi-NPLGTSwVW1fkALrxYuhl9RAm4gbdP5COVrfVu2pWw8nTdr_0DattLe3-IlZ0hWLCufCESSbqzt0L7s2r4LCZ5BRAOS87Nbt8lvvhW3W9XKht6zUfwsmizUa-0J1HU9
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/?utm_source=amigosecreto&utm_medium=email-mkt&utm_campaign=as2023
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 EBLoader.js Show response
secure-ds.serving-sys.com/BurstingScript/ Frame 1C27 12 KB
4 KB 46ms
45ms Script
application/javascript 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7ae0b8e3f80fd2c97dea35c4a3643b17368ea41e6e63f083065bfb2a38caf37c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:28 GMT
content-encoding: gzip
x-amz-request-id: PBZKZ9E99F7PZTQS
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
content-length: 3615
x-amz-id-2: dY1sog/jFEOXiYot7VLY5EaWxRlMw+g1cFNblO7r9aXCbhbJezkSDuJakCliYca4euOvAZIL6gI=
pragma: no-cache
last-modified: Tue, 18 Jul 2023 10:48:48 GMT
server: AmazonS3
etag: "b92fa833b298e9df5fa8ee69009adb9a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: 4OXxlVtKMzrf0CE86k4M55OedEnm5LY-Vch0e6nzkZFnV1iXH_OAlw==
expires: Mon, 13 Nov 2023 18:58:28 GMT

GET
H2 200 EB.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_174_1_0/ Frame 1C27 79 KB
28 KB 40ms
40ms XHR
application/javascript 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_174_1_0/EB.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b1f1881d36e033f8a3a3c2d76a8cee754ed1f5bf38cd2b8616489997ebd4cb0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:28 GMT
content-encoding: gzip
x-amz-request-id: RKKKE767SE8YD12F
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
content-length: 28366
x-amz-id-2: X9ITCify+2RwFFFfX9omqh5OAc9NP8CuFTPUpMmmg90tZsxRQnrTHL9a2Ew4ekH1EEVO9c0Pn6c=
last-modified: Wed, 04 Oct 2023 14:16:49 GMT
server: AmazonS3
etag: "1e19bdb7b58f499266826e96c99faa92"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1076474
accept-ranges: bytes
x-amz-cf-id: Xw7eYu2KJbXm_9CcUk6HXOanKf__rQWYt2L18MgiH54CEDLgV33LHQ==

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame C572 0
293 B 42ms
42ms XHR
text/html 52.58.73.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&dmae=0&interactionsStr=$$1090992236~~0~~1077981695~~8254215474720760355%5EActualSize~300x250x0x1x0000x0x0x300x250~0~01020~455$$&usercookie=u2=d89fc155-b761-4652-8922-26b95ef19a40&OptOut=1&rnd=0.39599952006118166&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.73.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-73-75.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:28 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 89ms
89ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311080101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484fce84811a53d431756b559e3d7771d4f575a2aba628c186d1dd78a18b362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12238
x-xss-protection: 0

GET
H3

200

/
www.facebook.com/login/ Frame 0354
Redirect Chain

https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f7a1f4a8a28d%26do...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

128ms
128ms

Document
text/html

2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3f7a1f4a8a28d%2526domain%253Dwww.amigosecreto.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.amigosecreto.com.br%25252Ff2ea269856db2a%2526relation%253Dparent.parent%26container_width%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FAmigoSecreto.com.br%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26width%3D290

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=132377958eee9a902922764736f395e6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Nov 2023 18:58:28 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: wf0/xEg620TpCnZpnWncUsuZJifi/J/Vh8wBuBU09tVJiPTpQDttKrZQL1FPY4iQnQQnIb1RRcCGirjs4wKJsw==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 18:58:28 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3f7a1f4a8a28d%2526domain%253Dwww.amigosecreto.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.amigosecreto.com.br%25252Ff2ea269856db2a%2526relation%253Dparent.parent%26container_width%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FAmigoSecreto.com.br%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26width%3D290
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
pragma: no-cache
reporting-endpoints
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: f5ra0wX2FOK/KTKKoFHDHbURd2UOgIgTzyUGKVwgVJr4nUnC5rQlN2A/X6cs4rVWCuvt51Eu/zC1AcrPH5hXAg==
x-xss-protection: 0

GET
H2 200 image.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/comp/image/ Frame 1C27 2 KB
1 KB 47ms
46ms Script
application/javascript 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/comp/image/image.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3807c51a39a1b8f50e09a8390f26d13c1b9724476d55913750aaf8addd91a5f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:28 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 10:47:10 GMT
server: AmazonS3
x-amz-request-id: M4JM4DY1948P4X79
x-amz-cf-pop: JFK50-P7
etag: "bdbba956fba782397025036aa424985f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: ifr1xD8FEqv3mKDiKIiiHge4Gn9wdgoFEkLp4FyNsywPrGgIhLUEXg==
x-amz-id-2: mRXbjzE4MBLCy31pLTl7SWAcehN/yBM1JxNTcvLWPP/aCOt9vOStXfwxzGcYapP0M4XAJAo89DA=
content-length: 653

GET
H2 200 hotspot.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/comp/hotspot/ Frame 1C27 568 B
726 B 48ms
47ms Script
application/javascript 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/comp/hotspot/hotspot.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3b79ef5d825ac2a75bec6ba12481736d11dc0a6e477932557e140948d229670c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:28 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 10:47:09 GMT
server: AmazonS3
x-amz-request-id: PBZRT0BGVH6VGA10
x-amz-cf-pop: JFK50-P7
etag: "43a3f1d1487ec86fcb61358e207f6302"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: XOwYeqgpaZhpvAVVbUHN5i5Q_YIWP7quhWnMa-kS0XN5P-iSNTTswQ==
x-amz-id-2: lOiVnewaqHH0ez8WMiR4MXxj1eb3uF/0LXMm30iM+x+r1GKjKsTb3vwwtAVHicaoSGt8JysMyFw=
content-length: 355

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame C572
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1564033/72645939/skeleton.js?bundleId=&ias_dspID=3&ias_campId=1013287007&ias_pubId=pub-6260959165761598&ias_chanId=1&ias_placementId=20328774607&bidurl=http...
https://static.adsafeprotected.com/skeleton.js?bundleId=

17 B
465 B

39ms
39ms

Script
application/javascript

2600:9000:223f:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?bundleId=
Protocol: H2
Server: 2600:9000:223f:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 03:51:51 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 26060798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 7YWg4VdN51zX7nWAby4lYyAy6VL-cgdoC65D_GPGU2mbdvvSfyF8zQ==

Redirect headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:28 GMT
server: nginx
x-server-name: app11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?bundleId=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 6659 91 KB
23 KB 47ms
46ms Script
application/javascript 2600:9000:223f:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
URL: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4646958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 990ivIoqGvO2mRP-_A_Tob_TpRqcpOZaASe4APFhC3G6g3Xw0h7pOg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C572 43 B
215 B 424ms
121ms Image
image/gif 2600:1f18:1aca:4282:640a:bb2c:d265:c552
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1564033&asId=22b2ec17-ee5b-7a66-ef70-d39cf45486ab&tv=%7Bc:tSzO4F,pingTime:-3,time:311,type:v,im:%7BpBlk:305%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:286%7D,%7Bpiv:0,vs:o,r:l,t:310%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:311,n:310,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:286,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B46~1,0~0%5D,as:%5B46~300.250%5D%7D%7D,%7Bsl:o,t:310,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVwbasy+111%7C112%7C113%7C114%7C121%7C122%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.1564033-72645939%7C1a1%7C1a2%7C1a3%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:287%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:640a:bb2c:d265:c552 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:28 GMT
server: nginx
x-server-name: dt31.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C572 43 B
216 B 418ms
118ms Image
image/gif 2600:1f18:1aca:4282:640a:bb2c:d265:c552
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1564033&asId=22b2ec17-ee5b-7a66-ef70-d39cf45486ab&tv=%7Bc:tSzO4G,pingTime:-6,time:312,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:312,n:310,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:286,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B46~1,0~0%5D,as:%5B46~300.250%5D%7D%7D,%7Bsl:o,t:310,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVwbasy+111%7C112%7C113%7C114%7C121%7C122%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.1564033-72645939%7C1a1%7C1a2%7C1a3%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:287%7D&tpiLookup=ao:www.amigosecreto.com.br*&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:640a:bb2c:d265:c552 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:28 GMT
server: nginx
x-server-name: dt33.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 jquery.min.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/ Frame 1C27 91 KB
33 KB 41ms
41ms Script
application/javascript 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/jquery.min.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 04bebecfb9f7ce92cf947ce283fccf067cf6870f65af3456dd22b6c102447c83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:28 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 10:13:07 GMT
server: AmazonS3
x-amz-request-id: M4JPXVY8F0Y8ZZQE
x-amz-cf-pop: JFK50-P7
etag: "1d14cd3798bc4d6aaf65dd625870723f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: Jmw0umXegRUvr3YZ29iGyWWzPeSAAJMb9GrH33jzC02ckTlCKOFLrQ==
x-amz-id-2: rwiWxP8ZHfxgUI+NY2U3+uFS0fR0G+zX3UZI0Uk43jBAG56EkYgYKy06g4XLTWx1sv02C+zdwgA=
content-length: 33424

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C572 43 B
215 B 416ms
120ms Image
image/gif 2600:1f18:1aca:4282:640a:bb2c:d265:c552
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1564033&asId=22b2ec17-ee5b-7a66-ef70-d39cf45486ab&tv=%7Bc:tSzO4N,pingTime:-2,time:319,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:990,beZ:991,mfA:1250,cmA:1251,inA:1251,inZ:1256,prA:1257,prZ:1267,si:1276,poA:1278,bl:1295,poZ:1295,cmZ:1295,mfZ:1295,loA:1301,loZ:1304,ltA:1308,ltZ:1308,mdA:992,mdZ:1213%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.254,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:286%7D,%7Bpiv:0,vs:o,r:l,t:310%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:319,n:310,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:286,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B46~1,0~0%5D,as:%5B46~300.250%5D%7D%7D,%7Bsl:o,t:310,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B9~0%5D,as:%5B9~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVwbasy+111%7C112%7C113%7C114%7C121%7C122%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.1564033-72645939%7C1a1%7C1a2%7C1a3%7C1b,idMap:1a*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:287,sinceFw:31,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:640a:bb2c:d265:c552 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:28 GMT
server: nginx
x-server-name: dt32.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 18:58:28 GMT

GET
H2 200 jquery.mobile-events.min.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/ Frame 1C27 18 KB
4 KB 43ms
42ms Script
application/javascript 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/jquery.mobile-events.min.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b8171c8f2827406e089cbc98ea4d9b5904cd05bc701a7f12242e368fa21d1f7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:28 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 10:13:07 GMT
server: AmazonS3
x-amz-request-id: PBZMWMJRHF4K7QA5
x-amz-cf-pop: JFK50-P7
etag: "d0c4feddacbc122bed5ed9a5e3268345"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: fcAqoYstb63pq5QCHDBUM8_ypSoAcYY8Bos7jF1oB-xsC2YZKInaCg==
x-amz-id-2: D9G8Mxlfk484FAPoB4J6hyiSajwfnOKE4WFgBqIVibtxlfyyewca1X9I6umRSOA57kCIwU87OuI=
content-length: 3530

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C572 43 B
215 B 352ms
119ms Image
image/gif 2600:1f18:1aca:4282:640a:bb2c:d265:c552
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1564033&asId=22b2ec17-ee5b-7a66-ef70-d39cf45486ab&tv=%7Bc:tSzO5O,time:382,type:e,im:%7BpWait:4%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:382,n:310,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:286,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B46~1,0~0%5D,as:%5B46~300.250%5D%7D%7D,%7Bsl:o,t:310,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B72~0%5D,as:%5B72~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVwbasy+111%7C112%7C113%7C114%7C121%7C122%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.1564033-72645939%7C1a1%7C1a2%7C1a3%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:287%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:640a:bb2c:d265:c552 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:28 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C8B8 13 KB
5 KB 42ms
41ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2306
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 18:20:02 GMT
expires: Tue, 12 Nov 2024 18:20:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F6F8 829 B
560 B 53ms
52ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bed9fe0e0e854a3610cc13ffa89d17120cdbcb402a1ca80c77af58b03f459040

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3MaennwCBQ1j5BDZz4Vsdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3MaennwCBQ1j5BDZz4Vsdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 18:58:28 GMT
expires: Mon, 13 Nov 2023 18:58:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 405D 0
0 80ms
80ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231108&jk=2789026869479824&bg=!r6ylrOPNAAZxrfrxUa07ADQBe5WfOCCS_Y9tgpYPMi8yUZbCh7gsbxUqOMX43SoIsliOAk6UqX6NjX3cCac2YOGhJqkHAgAAAJtSAAAABmgBB5kC3q64VMNT-Yx397hr2NdjYGdEQvg6KebdUdDdPYieODUFzi50uQaWrxWaoJk1PqFM7wZLYqPW7opqd3pHU0c_7WGCI0K9ydC-uDaiXByZEtH26X-9evhknbs-MCbg5OvD69e9q88nYAKxT7EtaDYAcbtjgblBFoEThBlTNbtCRmWhoJgW640r58H0ZnxfQGcmp-siLZj7vziKEW2QkPtkYFaoTxLEPC8DAQ2-lBtjOnXjBwiV0XkqRcHfiBq6lns3ovHz39qghDwjPK0PN9FGFJ1hWP3yBsLy5TOE6o4yLnrCAKt1EH2sVxB3yx47zVSIeeNO5GljmDCuOD5wuvjWZWM63IXC5I1jDfMyyDYl_fAQnZBI4zS6uaU7SxX6OWSE3rnS9zZA1T4_3n5l1dr1yYDQPLQ8VU-V6i_wlph2amJPlmHiCxA43lFyKqTHNOjuwLu3dGe7BxVwqJiCLgrwETZG09g2NKdmLvfNUl9NGpSLzES9ZPLgWCqCJqQ29mLQ7jRexhujQj5nDQwSmog3nZtRqtykGC4Q5YnSrQ0pvtN7wAkgnNGLGePKkXfXYygEiQ5xRa3w-dsdm3rUeHoHbAe-SBQukxh1n9MouRVkVTi-INZXZuX4BuMDVMH3CLjh3xfojdOxMLKmiaP08_XKE10mVqsKniArcuzIciU6NWZvhmwcWRd84ir_csHIwXYtzAtnJLXmBS0AXH3LulZRrQvdByE77DISw8y18y6annHM2sZCynM63hbgRf8SQRAUxhVwNsRKIq6yciFbyXUMjqJ88B6lU2P5DTwnk_6Z88_LDIt0aF95espVZsWQRe24kgTrVmkaXGSAXKhm_rApu1ViBv-XufwvVL7o0nJMoj0GgaDzoZNwptDmTcFhwXYYYdCXpybXfS0BbCShYlCG_19dXChbQS39GsiPYAnI7y1gDoxtpFA3fllrlSSoqu2LEZsEIVoJmEDGqYS2gjNb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 CSSPlugin.min.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/ Frame 1C27 27 KB
11 KB 41ms
41ms Script
application/javascript 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/CSSPlugin.min.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 484fe4a5e1df3fe20f5e032826bb99c91806f3947cf0a1d7249af40942c466ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:28 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 10:13:06 GMT
server: AmazonS3
x-amz-request-id: TMBXXDV1P69CVGN3
x-amz-cf-pop: JFK50-P7
etag: "11367100ead0fa91f9924179efcefb7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: dDVnxeinmaJvK98FJGZXMQrDrtBcMAr0Z_Al9m-vIFYfxNkWSVaByw==
x-amz-id-2: rJMXC8J7neix8WxBVPtWJOkT9bh9QkYULGHXAsZ2nsElcP5EuzCNiyg2tFeSoPxESpyQ/b/BmcQ=
content-length: 11288

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame C8B8 39 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:17:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 16:17:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F6F8 0
0 72ms
72ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311080101&jk=1941516421622326&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 EasePack.min.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/ Frame 1C27 4 KB
2 KB 46ms
45ms Script
application/javascript 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/EasePack.min.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1962a1c66c902d9648e4ade28d36cef821499b07d13f6cbe50aa5e57561d08f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:28 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 10:13:06 GMT
server: AmazonS3
x-amz-request-id: TMBV6KX5E8SXEPSY
x-amz-cf-pop: JFK50-P7
etag: "367d034dd8d374fcdff6dea4e059142a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: VUT0WYOQDOlIl89MF32KPK6z8frDNdpEYz4ZAjkZURmdysFmc0s27A==
x-amz-id-2: 7YEZwJOb2CXopZhR7qRCK41tfKbYtIA0yZ2HsPuRXYu06r4OmRa54tjxd2R3yEyKBzU4SkawJ6Q=
content-length: 1456

GET
H2 200 TweenLite.min.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/ Frame 1C27 21 KB
8 KB 42ms
41ms Script
application/javascript 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/TweenLite.min.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3eb568caecd6ca476ae2143f0ec1597b4621e69708fc452354bd53c8d6b25373

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:28 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 10:13:07 GMT
server: AmazonS3
x-amz-request-id: PBZZSH09D0TWYVBK
x-amz-cf-pop: JFK50-P7
etag: "5ef824d2c8d4c77989c81525b59567eb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: V7a-WPjCcaANdyNR304r8ozANWBfVI77WUZpaWFdTUi7Giyh98FfAQ==
x-amz-id-2: cTcngyHKclB/BQLN5WEZDxl9MwCbqZ/K4zBGM2VDT5yzwC7RAFMGYhuA0gpvOg/GuwunFG0RX6s=
content-length: 7373

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C8B8 0
10 B 40ms
39ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?YAPmIA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:58:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 bg.png
secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/ Frame 1C27 58 KB
58 KB 41ms
39ms Image
image/png 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/bg.png?versionId=8RvZnARq0VCxeem6NJEDBd_pXq2ORDDg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 153e88d30f95c196b8ab65ec6a51727e3ad5d935e06cfbbf7335504539a4812c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: 8RvZnARq0VCxeem6NJEDBd_pXq2ORDDg
date: Mon, 13 Nov 2023 18:58:28 GMT
last-modified: Wed, 14 Jun 2023 07:51:11 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "d70e14ee72f04d2877297da1399850f6"
x-amz-server-side-encryption: AES256
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 59304
x-amz-cf-id: yBqX8CXqE8nHUWkgrAJqJlOrXJSalzBX8mZ1VgDmpvJPNH9Eyd1QAQ==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 cafe_au_lait.png
secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/ Frame 1C27 21 KB
22 KB 61ms
59ms Image
image/png 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/cafe_au_lait.png?versionId=ecFKdWoTqzav_RTu3MHYnJwUX_QW3RT3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f99c012dc07a4215a0ae4970568e9b564aefdc42b46bb33e8bcf85eaacd5081d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: ecFKdWoTqzav_RTu3MHYnJwUX_QW3RT3
date: Mon, 13 Nov 2023 18:58:28 GMT
last-modified: Wed, 14 Jun 2023 07:53:56 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
etag: "e7a1d4acd28eae29661af710595d845e"
x-amz-server-side-encryption: AES256
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 21709
x-amz-cf-id: QmHwJpLyce6aI3-cTkbRMaoglnVaCXfYPmXxL2EXxvRNzyUjoBwxXw==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 flat_white.png
secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/ Frame 1C27 20 KB
21 KB 63ms
62ms Image
image/png 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/flat_white.png?versionId=A7Dpe_O7XmybHmSny6XOdL6N9EG6E5sJ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: fbda5fc5be095ec74f7d10343c78015892d0a2da4585772bc8cc7b9c91baf338

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: A7Dpe_O7XmybHmSny6XOdL6N9EG6E5sJ
date: Mon, 13 Nov 2023 18:58:28 GMT
last-modified: Wed, 14 Jun 2023 07:54:32 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "6b246594c6179393fa124e65e6040586"
x-amz-server-side-encryption: AES256
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 20790
x-amz-cf-id: P2AAJTUlDRp819VqMzRMwProCzKS2wMH4e0s5gGRnPNGtVSM5xVKbg==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 grande.png
secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/ Frame 1C27 17 KB
17 KB 61ms
60ms Image
image/png 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/grande.png?versionId=FOJCkF4iiZPXDo0CFhVPN.ujVvwOnpmX
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2cf7896c22c069f4f1eab5055217ed84757e751a523d60ad37f4b97ffc3fd42e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: FOJCkF4iiZPXDo0CFhVPN.ujVvwOnpmX
date: Mon, 13 Nov 2023 18:58:28 GMT
last-modified: Wed, 14 Jun 2023 07:55:28 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "5ab19e12a9039f0c2f4c1289ec305c6b"
x-amz-server-side-encryption: AES256
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 17228
x-amz-cf-id: IwvWgOdyW-2LK8W-gUTPBMOwoKoyaGEkGLvk86VJ7hoiz9EjMTg_3w==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 badge_6-boxes.png
secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/ Frame 1C27 3 KB
3 KB 66ms
65ms Image
image/png 2.19.126.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/badge_6-boxes.png?versionId=u.xFWMJB.VXrWHLSv8Q9HJqIG77cblWb
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-92.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e2c21a8d2d8744102ee66caeb54f788b386af398aa607852e56a0c79753cfde1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure-ds.serving-sys.com/resources/PROD/html5/6745/20230614/1077105354/80046008818511880/index.html?versionId=VbIHTQ4Kkmb0NH7GzvQGahdNOv3snFLT&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: u.xFWMJB.VXrWHLSv8Q9HJqIG77cblWb
date: Mon, 13 Nov 2023 18:58:28 GMT
last-modified: Thu, 29 Jun 2023 14:56:58 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "ea7a3c29bbcf86569b9b65835fde97f8"
x-amz-server-side-encryption: AES256
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3168
x-amz-cf-id: T1N76F_9QZPjSqDJ_gc0dGu6QyvQQOni9Vb5xHPioVSv477AKDTPQg==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C572 43 B
215 B 167ms
167ms Image
image/gif 2600:1f18:1aca:4282:640a:bb2c:d265:c552
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1564033&asId=22b2ec17-ee5b-7a66-ef70-d39cf45486ab&tv=%7Bc:tSzOaA,pingTime:-10,time:678,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjEyMyBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1699901908608%7C%7C4c9a5bcef335502b84ef018a92efc69c%7C%7C4df39c49faab03d0511dbe678c90b7cd%7C%7Cec4e8e387a5bded29702d93b4b81805a%7C%7C39fe3bf932051de1a4e55ade1dd42ee3%7C%7Cbd57ea5b5e703bc0635f5772b070724e%7C%7Cbc26915bc985ef530c4cb7ef672a71bf%7C%7C9dd85ab1d86a1beb8adb0443d064f01f%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:640a:bb2c:d265:c552 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:28 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 183ms
183ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311080101&jk=1941516421622326&bg=!QEOlQwzNAAZxrfrxUa07ADQBe5WfOG-UmH_D_C0JLrtg9n_E3sMWyjsG8b9ccyXHYxqVKAcylZKOTh6ea4BgXzjOl6WBAgAAAHJSAAAAB2gBB5kCxKnF0SZOOo61L3gvA93YEFYbAPWDuEzodD-b_OoR7t3W28SyP7HYXxCD5vdckmfyv7TI_3mytmkTsfLy8RJEnLQqf1ojNcQKKUaNkm39L21E7wLa2oNo9fFmfEw3ebCbvOYWC22v6MqACUdiKJGJXkqdSrMUL12_-PUkVKVh0SoM_t7G58UmK--AeQ3vLyxY8HTfl9IkaHJvaq6J2idpYQSTmKKAtDa6IKCXvhsZZzbYy-UtuUfBo795xLTu_fW-fxcgDgI9jVvep2hvFK_8zbeq2UQ-hk4Bmx_j6TakVgOTEKgzM-SnhPyJqW5T4x3aWHbk5s7aBekCEjIX8Bh-cizBXD96TPb_7gTjqSGI44vm_fOJAylRPQN-dv9iHzO8kf7VxIPf4CELTkxdwhy36IApt07Nd-tUAoYtpRaM_sh-0zUVM4GEL0vLBy2WsLJyt49ROW1JlDVS6-MtOfJ7f_1oBGVmvKirNFQ51TCLW3BWSvPx45isEFdR4NxTyeuAS26ZQVk2rXHqtB28411q-3Xp3sW1RxEjPYctVKAKCzJql0kUi-7zCwtQAFHMbZuXX4DYsgSPzGllpOGDqOPVokHVSnr5JbphCSDuUi8SVQWgfQmneNyIAVhu2L8zfSuz3zYJLgKUEi62sxTs7S2_wMhXMM3zwxSwiZvExIWd67HOR8km8KTgqVR9x1zFjhsBbc5HJkQCA2obncUBwq6p74l0nAFOmoEqxOKeyOA21OP4q6Dmp6cEGMH5QR-VomuW-dTh0FKWTLZzlcnnq-AUVOfUb4Ps5Vw0tXefied6l7wZs6JCNZcNM20IHxobE0wfzq9koypl7AZOdDGfdoWaqQA_MbrKR4SNqpKcIenJ64wJ0fsvF68b9pRd59-SOmSiIPmMZLVYnVlNw_pjUOZt1uvsLo_rVz9mF32rOPxhJp-FdUKGzg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C572 0
20 B 113ms
113ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7638076050558&version=m202309260101&ct=77&x=1&cor=7137276407181626000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 4699 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bd67c28fab89fce8eca8feae3c6570df107a8d98bd174d256f69f30e357806e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 collect
region1.google-analytics.com/g/ Frame 405D 0
17 B 48ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MH0ZFXE61K&gtm=45je3b81v887988591&_p=1699901906350&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=727135855.1699901906&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAI&_s=2&sid=1699901906&sct=1&seg=1&dl=https%3A%2F%2Fwww.amigosecreto.com.br%2Fpresentes%2Fdestaque%2Fhome-deslogada%2F&dr=https%3A%2F%2Fwww.amigosecreto.com.br%2F%3Futm_source%3Damigosecreto%26utm_medium%3Demail-mkt%26utm_campaign%3Das2023&dt=DESTAQUE%20%E2%80%93%20Home%20Deslogada%20-%20AmigoSecreto.com.br&en=scroll&epn.percent_scrolled=90&tfd=5805
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MH0ZFXE61K&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amigosecreto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 47ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-J2TS8EPKY3&gtm=45je3b81v878338784&_p=1699901905002&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=727135855.1699901906&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&_s=2&sid=1699901906&sct=1&seg=0&dl=https%3A%2F%2Fwww.amigosecreto.com.br%2F%3Futm_source%3Damigosecreto%26utm_medium%3Demail-mkt%26utm_campaign%3Das2023&dr=https%3A%2F%2Fimages.il.com.br%2F&dt=O%20site%20oficial%20do%20Amigo%20Secreto&en=ad_impression&ep.query_id=CI_OrIrUwYIDFU4DVQgdgGUGGw&_et=395&tfd=7190
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J2TS8EPKY3&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 18:58:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amigosecreto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK int Show response
lm.serving-sys.com/lm/ Frame C572 0
230 B 164ms
41ms XHR
text/plain 35.156.29.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/int
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5Banner.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.29.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-29-222.eu-central-1.compute.amazonaws.com
Software: LogModule 0.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
Access-Control-Allow-Credentials: true
Server: LogModule 0.6
Content-Length: 0
Content-Type: text/plain

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.amigosecreto.com.br/	1969-12-31 23:59:59	Name: ASPSESSIONIDSSATCBAD Value: CIMIOBJAMDKNBKOKGPHNJHOO
images.il.com.br/	1969-12-31 23:59:59	Name: ASPSESSIONIDCADQAATB Value: FHLDLEKAMAIFCHACIOCAOJGE
www.amigosecreto.com.br/	1970-01-20 16:25:08	Name: tipoAcesso Value: desktop
.amigosecreto.com.br/	1970-01-20 18:21:17	Name: _fbp Value: fb.2.1699901906468.1502808416
.amigosecreto.com.br/	1970-01-20 16:13:08	Name: _gid Value: GA1.3.927822237.1699901907
.amigosecreto.com.br/	1970-01-20 16:11:41	Name: _gat_gtag_UA_5699012_1 Value: 1
.amigosecreto.com.br/	1970-01-21 01:47:41	Name: _ga Value: GA1.1.727135855.1699901906
.amigosecreto.com.br/	1970-01-20 16:11:43	Name: _hjFirstSeen Value: 1
.amigosecreto.com.br/	1970-01-20 16:11:43	Name: _hjIncludedInSessionSample_2766609 Value: 0
.amigosecreto.com.br/	1970-01-20 16:11:43	Name: _hjSession_2766609 Value: eyJpZCI6IjM1MjJkMDRhLWRjNzEtNDgyYi1hNzY5LTkwNjkzMWYwYzBiNSIsImNyZWF0ZWQiOjE2OTk5MDE5MDY3NTksImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.amigosecreto.com.br/	1970-01-20 16:11:43	Name: _hjAbsoluteSessionInProgress Value: 0
.amigosecreto.com.br/	1970-01-21 01:47:41	Name: _ga_MH0ZFXE61K Value: GS1.1.1699901906.1.1.1699901906.0.0.0
.amigosecreto.com.br/	1970-01-21 00:57:17	Name: _hjSessionUser_2766609 Value: eyJpZCI6IjJhMmRiNmZmLTc5ZWItNWIyMS04ZjExLTJmODY4ZWMzOTYyNCIsImNyZWF0ZWQiOjE2OTk5MDE5MDY3NTksImV4aXN0aW5nIjp0cnVlfQ==
.amigosecreto.com.br/	1970-01-21 01:33:17	Name: __gads Value: ID=68d1586201a61596:T=1699901906:RT=1699901906:S=ALNI_MYilq99i6HMr_mFttXMcX60GrIUlg
.amigosecreto.com.br/	1970-01-21 01:33:17	Name: __gpi Value: UID=00000cc3815a4288:T=1699901906:RT=1699901906:S=ALNI_MbiLGPkb1Hj6j6OmEZNU7dnpWHY-w
.amigosecreto.com.br/	1970-01-21 01:47:41	Name: _ga_J2TS8EPKY3 Value: GS1.1.1699901906.1.0.1699901906.60.0.0
.doubleclick.net/	1970-01-21 01:33:17	Name: IDE Value: AHWqTUnnycBjnDvmYjqor5c5ZN1rzXpLw898JA3bmMa5laIWUuM4uHRKLuIqLIEY-KQ
.doubleclick.net/	1970-01-20 20:30:53	Name: APC Value: AfxxVi6ADh5Ub92MIgc8Z2XRUJCrgkVcJDC2tLIpAvMpYaC_Inab8Q
.casalemedia.com/	1970-01-21 00:57:17	Name: CMID Value: ZVJx0zF.UEgtA-3d-vLo4gAA
.casalemedia.com/	1970-01-20 18:21:17	Name: CMPS Value: 5126
.casalemedia.com/	1970-01-20 18:21:17	Name: CMPRO Value: 5126
.adnxs.com/	1970-01-20 18:21:17	Name: uuid2 Value: 673735974124182938
.adnxs.com/	1970-01-20 18:21:17	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVSuzNN@!]tbPl1M>e)ZlrFUfJ+tGXxo3CvC2RK1v4h_`(o4S)2tDAguzj_/$NE0[iUI3If)y3KL9D3I?+47w0wu
.doubleclick.net/	1970-01-20 16:54:53	Name: ar_debug Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5Banner.js(Line 109) Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5Banner.js(Line 109) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/jquery.mobile-events.min.js(Line 4) Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9e3cbc0dc344047c4ecc1772b861777c.safeframe.googlesyndication.com
ad.doubleclick.net
bs.serving-sys.com
cdn.jsdelivr.net
cm.g.doubleclick.net
connect.facebook.net
d308cf5aba4c350d52f6f982b50ad7bb.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
images.il.com.br
lm.serving-sys.com
netdna.bootstrapcdn.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
region1.analytics.google.com
region1.google-analytics.com
script.hotjar.com
secure-ds.serving-sys.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.hotjar.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.amigosecreto.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
104.18.36.155
13.32.27.21
142.250.181.230
142.250.184.226
2.19.126.92
2001:4860:4802:32::36
2600:1f18:1aca:4282:640a:bb2c:d265:c552
2600:9000:223f:5e00:8:48e:53c0:93a1
2606:4700::6810:5514
2606:4700::6812:acf
2a00:1450:4001:803::2001
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2001
2a00:1450:4001:812::2004
2a00:1450:4001:827::2002
2a00:1450:4001:82f::2003
2a00:1450:400c:c03::9b
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
35.156.29.222
37.252.171.21
52.10.170.101
52.222.139.19
52.58.73.75
66.232.27.51
66.232.27.70
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04bebecfb9f7ce92cf947ce283fccf067cf6870f65af3456dd22b6c102447c83
05d5eb9a7560b5768cf322cc2da63c3c66f0d65101444e3708a295134df3952c
076336fdd4c5acfa3555badec27bf1d55f370ead418e5500427179c5c782c0e4
099657171463b4ada4b9bbf48a40e2305f67331a210ca4bc457051e0499ee23b
0998cafe4fb72f635108eecba3ce34132f05d3efafa09f7730566c6ddb664cb6
09f067898cd4c8bd05a3e0528266f39c7d5bff6b09c46f436b77226ef5416658
0b43d60aca8a76914d20830e4bb05e4a4758a4194108fb916b6942c4ca127163
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11f4b1c5b48fa0100ba180a2e7ffc3296a59ecd4b210351bb452130979c8582c
1314782a6823d4d4cf17adf55e1985ee8d5d447ce28457e75f84493efbde641d
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
1440f1a09f9b2c13c4459191aa9e390b5efa998db377d60e5f88b4a1f6886805
14c2c2d31549def425126ae4d7ab7ec66cc9f103770154c1f201bc99cc74a47f
153e88d30f95c196b8ab65ec6a51727e3ad5d935e06cfbbf7335504539a4812c
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1962a1c66c902d9648e4ade28d36cef821499b07d13f6cbe50aa5e57561d08f1
1c0b40607413fb72210d2fae45f70bf47dd69ee16abfd54584cc6b4f1304707b
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
22e056d59c62c03f657756cdd1b0cdb9d9afadcbdb9528ef3645fd958660964d
23fb092c9dc3addc12ca0d7d6f92427b65c5f47dc4a38ccaabb24bb3ea7e1fb4
24cba174dc0edbadb1e7b656d2769dfe165512b48575741c2a4c19826eae505d
252001d3ee62be0c78acc972d8815a95db0f0e71590cc94178b9922b4b707e6d
2b1caa183eb1fc8c5196d74ecdb78d1838d7ccca70dd81d1ba944876dd217eaa
2cf7896c22c069f4f1eab5055217ed84757e751a523d60ad37f4b97ffc3fd42e
2e5c38f91141b372594bad8cc8da91282fbd59952f7d9d1b8b3d59ae76e562b5
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399
2ff03a27b1279e642a25b88582f99925f26ac69149a1e828ad3cc862a455b3bc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3807c51a39a1b8f50e09a8390f26d13c1b9724476d55913750aaf8addd91a5f0
3b51898ccc6ab28456816157537b6152ac448e74c10f7e586ecabddacd417dae
3b79ef5d825ac2a75bec6ba12481736d11dc0a6e477932557e140948d229670c
3b84cdee97a0dba26a5eacfca74f8da8c573a84aa3c40f51ff7c0edb41c9bb04
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb568caecd6ca476ae2143f0ec1597b4621e69708fc452354bd53c8d6b25373
3f37bddd375cf2646702677b6c607c0d8c365899ac52d9e87fb9861e9583a40e
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
484fce84811a53d431756b559e3d7771d4f575a2aba628c186d1dd78a18b362f
484fe4a5e1df3fe20f5e032826bb99c91806f3947cf0a1d7249af40942c466ed
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba2311ce2e313ca8dd37274496701d28deed04e6233c5110bebe419c912b095
4ce16f8c793c6a2f3be0831b5785e11b906bcbc507df8b2ba7bc23841d5103ab
4dac4307464c58c79b17882847cd4166894288e7184c50afff68a19c6c3a7273
4e9799d6889333c95e582dd5e8988699b207bda2cee6898e0bf9b0580233fd04
4f3fb001823a36c026ac3c56ceb242c0b6351d4616fa9c55075a501728386aef
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fa1fbb70e211f5034e5e72297a70b26290c8b6851d4d9253d304add87c5216c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58e76c492eae94b396915e82e7414080a3781447920b3e04b4dc19f89758da56
5a816b18c303dc73cdcf173612b0fba45c7b5389e6f78013921bbef7d0572a5b
5b7bda0af3dd9f5712d7b58867ae96898863dfa09ed16b1997ab6bba59a1f315
5bd67c28fab89fce8eca8feae3c6570df107a8d98bd174d256f69f30e357806e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
653fa3a5827add226262f6aeb8dea0a49439241bc4e776caf36ed3e22f198f57
665273a9b548830b3ae7acda2d45d9dd61a2bbb5223ebeaf37e5cb12bb4ac7c3
665bcb6ed770ac2912650669bab9a192745b8bde1492e4eae4c9de962930552a
6779927a414cbf0fe75402465415087eb51e26f9a5f466bd8c59ed2df157d9b2
679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef
69471d73fdd7c16540c41a040ee1d68b7ea09d9bc3ab236392c4e1d728d13a20
699887e1045d576408e48e01b72e33e39657a673e209f463e7760518cdc2823a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6e220e99b161c82228d6cff047d33752333611b0dc0010899bdd492966c3089d
77e0cbf5f73df644f929b908ed8697c27fecc3b456810ba75909ca8d14067104
78674c24919c24b1047cfcb448907e28a91281d511eb2a9c75433680f5ab4cdc
7ae0b8e3f80fd2c97dea35c4a3643b17368ea41e6e63f083065bfb2a38caf37c
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
820104d2635b6142cd4ad4bfc096f7bd1aa757a8150380730fde125cc1bc9e43
83e15bac592379d6321bb5bd62f6a378a2229cc902f064c148f2032feb5bde86
862f5e7bf96f53112e8d4b35edfe9aad7f88181ecc776db926bfe3e4a515f7aa
866ce0557c25a351783f1f5287f6cee1332efafe406194195fb9c98234b8e162
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
8fe5ebbe44388c9f7d1e3d2924a3ebea4d110a0c430d24ecdcf06a2eb5f610c7
904dec00a15aa6e85bb26e5050a1c8bfd8059dba531d6b3430d737d2958d1080
91cf683ee0db61e475ee4f5c12ba9281256db5662fd80f2b812067fd9d39b691
924590d6c568380e23b9397b8e4b7f23e4df43b6a98d9675e3eea5be3bc6834e
95c30c0c79aab954ef04aac162402d7bd9efed9474788f4a2783cf4339a66b6e
970a471f91ad8bc60848134b6630c76d5300caa1e88e6ebed454174022dec0af
99a72945b2bc7c9b6e21f87854905b0760833e236e0891750c6cf01c8585922a
9ae2bcf835711475d796fdfecce7fba774084969544c37d2eea4d7ef0de34f03
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a047140cc174d554a323b1b787199a21c2c976e9991fa0428ac9a94a641190ed
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
a603b2b20c78990ff3b6b9e99a5d303b936d8885950ced8135df87c23eff4f20
a72843979d55dc4d5d9bcac65c18b3b75d753258c9fece915f49e9ad52a290b8
ae23784b80b3af05f1330516409f816a15d794e38a9ae9a9458f5b0918c3be20
af2781a535d6ebb9937eb6c109e1cca91d43a0584252d561f7331a118ef80a3b
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f1881d36e033f8a3a3c2d76a8cee754ed1f5bf38cd2b8616489997ebd4cb0f
b3d2d45118f3987c4a926a5e7454898f3b1a9c2be1efb1297f5e0ec555361c1f
b6233b419d0d1cd612c3327f9a4887b243b1d816cc339de1a5b84a3f6dd852c7
b8171c8f2827406e089cbc98ea4d9b5904cd05bc701a7f12242e368fa21d1f7c
b9b20c45fa7937a540df46f96c90d6a36a0f3c2cc4be9f500e89168b0ea330a5
bc88754dc07d3db18ae64a5feccf516afa3c824f6727085ee26170fd4cfe35a7
bcd19a9d5a816d9a38f85e9c6467e2b6d4f45dd054d6447cb93212e56af477ff
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bed9fe0e0e854a3610cc13ffa89d17120cdbcb402a1ca80c77af58b03f459040
c1282be42b8d2163c8d5b170521ce2f167ebfaabecbf4cc34e63299ee61dc651
c2a1f50a60bde2976b5f3488cc773fe2d73cc9c8e741c6700c9bf5c852cec0dd
c9c6dbca6551abc94328d2de87ab016d69fa9035811709272161f76091a52068
ca6ef142765010507ac8c344ee29295e28bf2b93a06c536f14fdd91deff6a697
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cca7903166ac60c3620645ba4202de339127c89206ac39bf657f74f679bb73a1
d3327061052227a35fd1df1cf0fc9338047374b84640665fd6750c7a91343791
d6f3358743b370d0292e2c8db3820b32eb5ea5f8f4cac004b3d3a34c6557ee7d
d7485684ab40601d4a059a0553f57645611c29e78e77c140b21327af71106c15
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df9087237b9804035dbf46d276cc601be56096174e605fe02cecfa1ba6f45b92
e28ad55da00153b0123915f629dd34cb5e9f1de065c33f7c096e84d5f33d0b7d
e2c21a8d2d8744102ee66caeb54f788b386af398aa607852e56a0c79753cfde1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68de99a451c0ddc94f691c9351c9a1c5d97d00c47ae8f51d27639885f5130bc
e947a34e3241a8fa04ba18016cd7f89c56130e69e3724f6cc242ceceb825d557
e95a8f9df7725ebc60c1e92dd06ae7e871775ff46dad05bfe4637e5ef925bfc1
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec128873eaa636d64c032688f8078a183dc65e24272f3c3325143ee311e8bbf8
ec4eb1d43feb1ff5d46ff8fceb2ff6a7447a604bdbbe0e2c0e3fce9545954736
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef432b2d6a204dd907361abf001ceec4d8d9c81f79cd7e1023a3d4be9202fc15
f49810996436405c94147c11c249646c14c32f598db2fc09aebbab9d191fff74
f62e61bd234a5c42f5eaa21d80979ae5e1c3e70116e819ea2d67b1169199edca
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68361193d90603a25d438f72f3497c2a4c3deaf087df0e8ecac48b8a58aaf55
f6ac8c2ed700717e60d76e8391f06562d2f65382acbd76e696ea65de9306a595
f74f38236aabcdf56bcba65d1a71a6821397b73a763b1ce2127567f60db1e447
f99c012dc07a4215a0ae4970568e9b564aefdc42b46bb33e8bcf85eaacd5081d
fbda5fc5be095ec74f7d10343c78015892d0a2da4585772bc8cc7b9c91baf338

www.amigosecreto.com.br Open in urlscan Pro 66.232.27.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

185 Requests

97 %HTTPS

63 %IPv6

20 Domains

34 Subdomains

33 IPs

4 Countries

4389 kBTransfer

9125 kBSize

24 Cookies

7 Outgoing links

Page URL History

Redirected requests

185 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.amigosecreto.com.br Open in urlscan Pro
66.232.27.51 Public Scan

Screenshot
Live screenshot

Full Image

185
Requests

97 %
HTTPS

63 %
IPv6

20
Domains

34
Subdomains

33
IPs

4
Countries

4389 kB
Transfer

9125 kB
Size

24
Cookies

185 HTTP transactions
5 data transactions