www.amigosecreto.com.br Open in urlscan Pro
66.232.27.51 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.amigosecreto.com.br/
Effective URL:
https://www.amigosecreto.com.br/
Submission Tags: falconsandbox
Submission: On January 11 via api (January 11th 2024, 8:31:38 am UTC) from US — Scanned from DE

Summary HTTP 125 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 15 domains to perform 125 HTTP transactions. The main IP is 66.232.27.51, located in United States and belongs to COGENT-174, US. The main domain is www.amigosecreto.com.br.
TLS certificate: Issued by R3 on December 3rd 2023. Valid for: 3 months.

This is the only time www.amigosecreto.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 35	66.232.27.51 66.232.27.51	174 (COGENT-174) (COGENT-174)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.138.7.127 108.138.7.127	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
1 3	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1d::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
125	24

35 66.232.27.51 (United States) 1 redirects

ASN174 (COGENT-174, US)
PTR: www.amigosecreto.com.br

www.amigosecreto.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.7.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-127.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
39d8c44d2cc16f77222a0cf2281b3f5b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	amigosecreto.com.br 1 redirects www.amigosecreto.com.br	1 MB
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com 39d8c44d2cc16f77222a0cf2281b3f5b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 185	502 KB
13	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 stats.g.doubleclick.net — Cisco Umbrella Rank: 184	334 KB
8	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2014 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1187 www.google.com — Cisco Umbrella Rank: 6	123 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	516 KB
7	gstatic.com fonts.gstatic.com	338 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	252 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1202 script.hotjar.com — Cisco Umbrella Rank: 1735	118 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	179 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	8 KB
3	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 98	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1695	21 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4002	408 B
1	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 8446	71 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	2 KB
125	15

	Domain	Requested by
35	www.amigosecreto.com.br	1 redirects www.amigosecreto.com.br 8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net 8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com tpc.googlesyndication.com www.amigosecreto.com.br
13	pagead2.googlesyndication.com	www.amigosecreto.com.br pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.amigosecreto.com.br 8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com
8	www.googletagmanager.com	www.amigosecreto.com.br www.googletagmanager.com
7	fonts.gstatic.com	fonts.googleapis.com www.amigosecreto.com.br
5	www.googletagservices.com	www.amigosecreto.com.br securepubads.g.doubleclick.net 8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com
4	connect.facebook.net	www.amigosecreto.com.br connect.facebook.net
4	fonts.googleapis.com	www.amigosecreto.com.br
3	www.google.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
3	www.facebook.com	1 redirects www.amigosecreto.com.br connect.facebook.net
2	8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	region1.analytics.google.com	www.googletagmanager.com
2	script.hotjar.com	static.hotjar.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	static.hotjar.com	www.amigosecreto.com.br
1	39d8c44d2cc16f77222a0cf2281b3f5b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.de	www.amigosecreto.com.br
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	netdna.bootstrapcdn.com	www.amigosecreto.com.br
1	cdn.jsdelivr.net	www.amigosecreto.com.br
125	24

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
www.tiktok.com
twitter.com
www.youtube.com
blog.amigosecreto.com.br
amigosecreto.zendesk.com

Subject Issuer	Validity	Valid
*.amigosecreto.com.br R3	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-20` - `2024-01-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.amigosecreto.com.br/
Frame ID: 9326B2966AA2C15DFB91AE56AAD72AD7
Requests: 54 HTTP requests in this frame

Frame: https://www.amigosecreto.com.br/patrocinadores.asp
Frame ID: 75B10E30E2BA53398CC7858EDB75C0C3
Requests: 10 HTTP requests in this frame

Frame: https://www.amigosecreto.com.br/00_bco.asp
Frame ID: 6596CBA26355E444B79F82304A7D2D11
Requests: 1 HTTP requests in this frame

Frame: https://www.amigosecreto.com.br/00_bco.asp
Frame ID: 81735A3A87B31FF2B975DA88346E2D53
Requests: 1 HTTP requests in this frame

Frame: https://www.amigosecreto.com.br/00_bco.asp
Frame ID: 9D6F5A06D7D0BECC78AA622BD1361BA8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 3BD2A713BD044F4E7B31C07906E0E823
Requests: 1 HTTP requests in this frame

Frame: https://8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 65F68A2471F376470219500B9D374C94
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6260959165761598&output=html&adk=1812271804&adf=3025194257&lmt=1704961891&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fwww.amigosecreto.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704961891010&bpp=4&bdt=1224&idt=451&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8506179326207&frm=20&pv=2&ga_vid=81466539.1704961891&ga_sid=1704961891&ga_hid=774423462&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C44795922%2C95320889&oid=2&pvsid=3964506096998695&tmod=67459235&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=467
Frame ID: 22D6526F71AD6388C77F5C0E643DC0DA
Requests: 1 HTTP requests in this frame

Frame: https://39d8c44d2cc16f77222a0cf2281b3f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F3A0206BDDE2AA05C9482EBCEDBFEC8B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHsp9SQKY7VePQelcp0Wx5Q8jku8rMtH64QBwm3YLF0kp1guM2SluBqY1NW4rluMnfmzCTROW9T4rOi2GPnQQV9pRozFzseZYefLUQ0acbrS_9eQuf6a-k5iS2j5onujtx0n6QtWGocHO3o1qPagfHpxrk5tVYEGP_frTkoJQ7Jh0fMOcAQaJVTP6QuuEriR0QhJGFUPg5SlUmCQMv-V5rl3gSxXtQS2TTCH9flBrIWZR1Kb60SikWGpqxW5QbnmajeQ84U4B2C5s8bgocJbRvnWqHfXQv7X2Awl6LLQMQFi2RC_Q92RXWAgzZxjm19PS9DKBpTXr6KHUqcqPoMFW9X1ZzIUOlL1cGKBsjhJNHB-qWCCGPig&sai=AMfl-YQraQGxteSwarjW-bhCoz4XmRet0wuFGZxYd6kUxweXi9B3cbaaHd6e3KOrMah-Hm0m--ZRjIm6Qtk5ASWOKUTBzdw5Tgq016XSAFQVx42NvwK9i6h_h6WkuHB3d_Y6yvCyqhsLjZKXWlguK3U00yEt&sig=Cg0ArKJSzLjglR1wpOWEEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 44C2432102778AE536198A8DBFBED139
Requests: 7 HTTP requests in this frame

Frame: https://8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A735A8988D1FB173433D129256EB67DE
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvMz14sFmiTRTm_qPSuCyrWoKFPb9SnXcgpYA7bGD7PKnOYDeVDO5ZY6VXypyazXUr8Zvjd2ninEsrIngmHsKNSHJ5btotrCzbRtExpVfLl_IcYd3pjh3qN24x-Pbvj4gwvaKEfUDBYG_isHcuDbM0VRXU8Wk72VJwW916iQhiIlgI-sv6TAKQuikw1Rgy_-iDBCE0MOQeMwK6Ii0Igvhr6rZwa4JwMrHT1tuXOn5zTDwj4pWTncx1OUWearu_H98hX-IiYkUmkXxCs8b-piF9Sez8lo4UIoJKG7mitPKnRG5XR5D-fL4LHa9_8b95-jTyaa0TnYHehJdD24EawgdG9WNZVi73GQukFguShzCmP8w&sai=AMfl-YSKfAaIqx3KmicYMxlwS0dsIKKJy7DmfzS4dL3mhUp3VFq1Gnc4P0x0cNAN7js3hnamePZ5upZTMvkgRvlq_Mw7gJ9VPpYDrjEjoqueUt8vH6FRv3owNhuy0WAIzXw&sig=Cg0ArKJSzGhNPp-ZvOeZEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 0FBF1A89B96257DF8D2DC179E6648121
Requests: 8 HTTP requests in this frame

Frame: https://www.amigosecreto.com.br/presentes/destaque/insider/
Frame ID: 1962BA7C0C1182B0E6B157DE80C86E18
Requests: 28 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A364B97B253439B18D69E1EC643C654B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DB53CDA120836B587B760037102C1074
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df279ee14a1d25c8%2526domain%253Dwww.amigosecreto.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.amigosecreto.com.br%25252Ff14711b11e0daf4%2526relation%253Dparent.parent%26container_width%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FAmigoSecreto.com.br%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26width%3D290
Frame ID: DF693609623AD8F1C3A2246103566E46
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C2D9EFB750790616C9207203DD3A81D5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B44E4079B45C0650BED1418BD1B664F6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

O site oficial do Sorteio de Amigo Secreto

Page URL History Show full URLs

http://www.amigosecreto.com.br/ HTTP 301
https://www.amigosecreto.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

125
Requests

99 %
HTTPS

87 %
IPv6

15
Domains

24
Subdomains

24
IPs

3
Countries

3938 kB
Transfer

8554 kB
Size

16
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/amigosecretocombr

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AmigoSecreto.com.br

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@amigosecretocombr

Search URL Search Domain Scan URL

URL: https://twitter.com/amigo_secreto

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/amigosecretocombr

Search URL Search Domain Scan URL

URL: http://blog.amigosecreto.com.br/
Title: Blog

Search URL Search Domain Scan URL

URL: http://amigosecreto.zendesk.com/hc
Title: Ajuda

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.amigosecreto.com.br/ HTTP 301
https://www.amigosecreto.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 118

https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df279ee14a1d25c8%26domain%3Dwww.amigosecreto.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.amigosecreto.com.br%252Ff14711b11e0daf4%26relation%3Dparent.parent&container_width=350&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FAmigoSecreto.com.br&locale=pt_BR&sdk=joey&show_facepile=true&small_header=true&width=290 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df279ee14a1d25c8%2526domain%253Dwww.amigosecreto.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.amigosecreto.com.br%25252Ff14711b11e0daf4%2526relation%253Dparent.parent%26container_width%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FAmigoSecreto.com.br%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26width%3D290

125 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.amigosecreto.com.br/
Redirect Chain

http://www.amigosecreto.com.br/
https://www.amigosecreto.com.br/

31 KB
8 KB

490ms
172ms

Document
text/html

66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 663a4813fa0b3bc5a6739f224f4b6203b2d5e9bd76390dab13a6a3ac6c809b5f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-type: text/html
date: Thu, 11 Jan 2024 08:31:29 GMT
expires: -1,Wed, 10 Jan 2024 08:31:28 GMT
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-powered-by: ASP.NET

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Thu, 11 Jan 2024 08:31:29 GMT
Location: https://www.amigosecreto.com.br/
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 owl.carousel.css
www.amigosecreto.com.br/js/plugins/owl-carousel/ 2 KB
2 KB 169ms
166ms Stylesheet
text/css 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/js/plugins/owl-carousel/owl.carousel.css?var=202312091230
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 78674c24919c24b1047cfcb448907e28a91281d511eb2a9c75433680f5ab4cdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:29 GMT
last-modified: Thu, 14 Dec 2017 23:24:43 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "802f9db83275d31:0"
x-powered-by: ASP.NET
content-type: text/css
accept-ranges: bytes
content-length: 2062

GET
H2 200 owl.theme.css
www.amigosecreto.com.br/js/plugins/owl-carousel/ 2 KB
2 KB 168ms
166ms Stylesheet
text/css 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/js/plugins/owl-carousel/owl.theme.css?var=202312091230
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: a72843979d55dc4d5d9bcac65c18b3b75d753258c9fece915f49e9ad52a290b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:29 GMT
last-modified: Wed, 06 Sep 2017 19:24:56 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "0f465d24527d31:0"
x-powered-by: ASP.NET
content-type: text/css
accept-ranges: bytes
content-length: 1743

GET
H2 200 main.css
www.amigosecreto.com.br/css/themes/amigosecreto/ 378 KB
379 KB 168ms
165ms Stylesheet
text/css 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/css/themes/amigosecreto/main.css?var=202312091230
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 48645bc834b63daa7d6998fc161a75d14e9b456c2b5569f13d11a524fc55f399

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:29 GMT
last-modified: Sat, 09 Dec 2023 15:31:03 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "80d5fab7b42ada1:0"
x-powered-by: ASP.NET
content-type: text/css
accept-ranges: bytes
content-length: 387283

GET
H2 200 jquery-3.1.1.min.js Show response
www.amigosecreto.com.br/js/jquery/ 85 KB
85 KB 167ms
165ms Script
application/javascript 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/js/jquery/jquery-3.1.1.min.js
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:29 GMT
last-modified: Tue, 28 Nov 2017 21:47:16 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "0caeb749268d31:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 86713

GET
H2 200 owl.carousel.js Show response
www.amigosecreto.com.br/js/plugins/owl-carousel/ 87 KB
87 KB 166ms
164ms Script
application/javascript 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/js/plugins/owl-carousel/owl.carousel.js
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 5b7bda0af3dd9f5712d7b58867ae96898863dfa09ed16b1997ab6bba59a1f315

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:29 GMT
last-modified: Wed, 25 Nov 2020 03:08:50 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "08d214cd8c2d61:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 88639

GET
H2 200 tether.min.js Show response
www.amigosecreto.com.br/css/bootstrap/dist/js/ 27 KB
27 KB 166ms
164ms Script
application/javascript 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/css/bootstrap/dist/js/tether.min.js
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 862f5e7bf96f53112e8d4b35edfe9aad7f88181ecc776db926bfe3e4a515f7aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:29 GMT
last-modified: Tue, 17 Oct 2017 16:35:14 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "0cd63e86547d31:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 27498

GET
H2 200 bootstrap.min.js Show response
www.amigosecreto.com.br/css/bootstrap/dist/js/ 44 KB
44 KB 323ms
321ms Script
application/javascript 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/css/bootstrap/dist/js/bootstrap.min.js
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 8fe5ebbe44388c9f7d1e3d2924a3ebea4d110a0c430d24ecdcf06a2eb5f610c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:29 GMT
last-modified: Tue, 17 Oct 2017 16:35:14 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "0cd63e86547d31:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 44735

GET
H2 200 scripts.js Show response
www.amigosecreto.com.br/js/ 36 KB
36 KB 167ms
165ms Script
application/javascript 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/js/scripts.js?var=202312091230
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: b7fc0786acf28d7f98421dd6a445d55daad209e4fafc76d788e143dcf1c993e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:29 GMT
last-modified: Sat, 09 Dec 2023 15:32:43 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "809f95f3b42ada1:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 36451

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 96 KB
29 KB 199ms
110ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a05d1383e867dd41784c6f739b31af0610e63049584066ef477e547047778de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29235
x-xss-protection: 0
server: cafe
etag: 906 / 19733 / m202401030101 / config-hash: 1407827963928654873
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 08:31:30 GMT

GET
H2 200 logo-amigo-secreto.png
www.amigosecreto.com.br/images/themes/amigosecreto/ 21 KB
21 KB 166ms
165ms Image
image/png 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amigosecreto.com.br/images/themes/amigosecreto/logo-amigo-secreto.png
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 4fa1fbb70e211f5034e5e72297a70b26290c8b6851d4d9253d304add87c5216c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:29 GMT
last-modified: Tue, 12 Sep 2023 16:33:04 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "06084cd96e5d91:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 21159

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
51 KB 177ms
89ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6260959165761598

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bad32c62c050489fa0a0c953824e749584e54c20ec66900b63c373b39c6b232a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Origin: https://www.amigosecreto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52002
x-xss-protection: 0
server: cafe
etag: 18239527859301031552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 11 Jan 2024 08:31:30 GMT

GET
H2 200 jquery.cookie.js Show response
cdn.jsdelivr.net/jquery.cookie/1.1/ 2 KB
2 KB 132ms
50ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.cookie/1.1/jquery.cookie.js

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1440f1a09f9b2c13c4459191aa9e390b5efa998db377d60e5f88b4a1f6886805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3546144
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230030-FRA
server: cloudflare
etag: W/"733-GTysKzh+kGKSffuPyT9NLnUvh6E"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LV9hdvuf%2FwydO8mRreL4lmPMXpg1CSTGYj6391CsWMZ4TddG5p1gKaUpbZx0lSXMtXtCCGY%2F60%2BgDnCLe9nOnEITqh0FsnF9BAGitiq5OJ4Etrewh%2B7fCW7JptbUuZ4FaHDx5vccugp2cgkZefM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 843bcdc3db4418cb-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
51 KB 197ms
108ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5699012-5

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a937e43b9bf533a9362664051f4b4ee0bb3d62c11733890b09bd592976261e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51860
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jan 2024 08:31:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 116 KB
45 KB 139ms
51ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NJXLM59

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0dc251b1b01de3b50f2bbfe46b7d63f3be83a47bb05cf04181d44655996c7de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45637
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Jan 2024 08:31:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
689 B 138ms
51ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:300,400,700

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/css/themes/amigosecreto/main.css?var=202312091230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ff03a27b1279e642a25b88582f99925f26ac69149a1e828ad3cc862a455b3bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 08:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 08:12:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 08:31:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
923 B 137ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Maven+Pro:wght@400;500;600&display=swap

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/css/themes/amigosecreto/main.css?var=202312091230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

69471d73fdd7c16540c41a040ee1d68b7ea09d9bc3ab236392c4e1d728d13a20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 08:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 08:31:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 08:31:30 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 221ms
133ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b25070c2620a132771a52c6c11decf1b70ed0f21a9a01ceee23584d00862b6b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 11 Jan 2024 08:31:30 GMT
content-md5: 1rX05AaTIlLSLga2oiSgAA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints
x-fb-debug: Pfz64rs2NPB1fQPDEIXo+vlKnwfr97nUJBaOZiOEi+oDXXIOsUWFCN2vWHQ9G/0ghVnE/jf9KUKAKLaE6/5Vkw==
x-fb-content-md5: a48759893bc160ce084e470b0e9ff438
cross-origin-opener-policy: same-origin-allow-popups
etag: "d3cb7970d0b16e1066f122ca433d10a5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 11 Jan 2024 08:50:23 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 128ms
41ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b625d5a8adce0e637b3263a627b65445e87da3ec1e62aff4ff86869707ed4fe7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 11 Jan 2024 08:31:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54366
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: kTkpRf2HS9Uc97vntCE0ZPfLvvFo93y9TtA8neIJtfdMAERnIE3zEcdRe2XPpgMxGvPX3asBhM6IesRNn0LVuw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 patrocinadores.asp Show response
www.amigosecreto.com.br/ Frame 75B1 6 KB
2 KB 163ms
162ms Document
text/html 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/patrocinadores.asp
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 38699fdb185f665283d6d881454c2e22dd3554c4a79904305197bc5eddbd976d

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform, no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-type: text/html
date: Thu, 11 Jan 2024 08:31:30 GMT
expires: -1,Wed, 10 Jan 2024 08:31:30 GMT
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-powered-by: ASP.NET

GET
H2 200 00_bco.asp Show response
www.amigosecreto.com.br/ Frame 6596 152 B
368 B 162ms
161ms Document
text/html 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/00_bco.asp
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: b3e2621d3488907ae1ff1c956bb67960e9c0d4eabcca7db8660b80e7a7e48a7e

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform, no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-type: text/html
date: Thu, 11 Jan 2024 08:31:30 GMT
expires: -1,Wed, 10 Jan 2024 08:31:30 GMT
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-powered-by: ASP.NET

GET
H2 200 home-bg-02.jpg
www.amigosecreto.com.br/images/themes/amigosecreto/ 154 KB
155 KB 160ms
160ms Image
image/jpeg 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amigosecreto.com.br/images/themes/amigosecreto/home-bg-02.jpg
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: c1282be42b8d2163c8d5b170521ce2f167ebfaabecbf4cc34e63299ee61dc651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:30 GMT
last-modified: Sat, 08 Oct 2022 15:48:58 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "091577a2ddbd81:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 158042

GET
H2 200 tiktok.png
www.amigosecreto.com.br/images/themes/amigosecreto/icons/ 2 KB
3 KB 159ms
159ms Image
image/png 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amigosecreto.com.br/images/themes/amigosecreto/icons/tiktok.png
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/css/themes/amigosecreto/main.css?var=202312091230
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 14c2c2d31549def425126ae4d7ab7ec66cc9f103770154c1f201bc99cc74a47f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/css/themes/amigosecreto/main.css?var=202312091230
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:30 GMT
last-modified: Sun, 13 Nov 2022 15:11:46 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "065d63e72f7d81:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 2487

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
35 KB 127ms
39ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.amigosecreto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:39:36 GMT
x-content-type-options: nosniff
age: 478314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 19:39:36 GMT

GET
H2 200 fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.6.3/fonts/ 70 KB
71 KB 144ms
49ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/css/themes/amigosecreto/main.css?var=202312091230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amigosecreto.com.br/
Origin: https://www.amigosecreto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1076
age: 330922
cdn-cachedat: 10/31/2023 18:59:59
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 71896
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a1d2d7eca4021c0e555aa25daf12c51d
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 843bcdc9d84fbbe6-FRA
cdn-requestpullsuccess: True

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
29 KB 174ms
87ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.amigosecreto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:45:55 GMT
x-content-type-options: nosniff
age: 485135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 17:45:55 GMT

GET
H2 200 4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 38 KB
38 KB 198ms
111ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.amigosecreto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 21:34:54 GMT
x-content-type-options: nosniff
age: 212196
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:04:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 21:34:54 GMT

GET
H2 200 00_bco.asp Show response
www.amigosecreto.com.br/ Frame 8173 152 B
368 B 163ms
163ms Document
text/html 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/00_bco.asp
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: b3e2621d3488907ae1ff1c956bb67960e9c0d4eabcca7db8660b80e7a7e48a7e

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform, no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-type: text/html
date: Thu, 11 Jan 2024 08:31:30 GMT
expires: -1,Wed, 10 Jan 2024 08:31:30 GMT
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-powered-by: ASP.NET

GET
H2 200 00_bco.asp Show response
www.amigosecreto.com.br/ Frame 9D6F 152 B
368 B 163ms
162ms Document
text/html 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/00_bco.asp
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: b3e2621d3488907ae1ff1c956bb67960e9c0d4eabcca7db8660b80e7a7e48a7e

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform, no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-type: text/html
date: Thu, 11 Jan 2024 08:31:30 GMT
expires: -1,Wed, 10 Jan 2024 08:31:30 GMT
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-powered-by: ASP.NET

GET
H2 200 jquery-1.4.2.min.js Show response
www.amigosecreto.com.br/js/ Frame 75B1 71 KB
71 KB 162ms
161ms Script
application/javascript 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/js/jquery-1.4.2.min.js
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/patrocinadores.asp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 6779927a414cbf0fe75402465415087eb51e26f9a5f466bd8c59ed2df157d9b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/patrocinadores.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:30 GMT
last-modified: Wed, 06 Sep 2017 19:24:56 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "0f465d24527d31:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 72328

GET
H2 200 jquery.cycle.lite.1.0.min.js Show response
www.amigosecreto.com.br/js/plugins/ Frame 75B1 4 KB
4 KB 162ms
162ms Script
application/javascript 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/js/plugins/jquery.cycle.lite.1.0.min.js
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/patrocinadores.asp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 924590d6c568380e23b9397b8e4b7f23e4df43b6a98d9675e3eea5be3bc6834e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/patrocinadores.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:30 GMT
last-modified: Wed, 06 Sep 2017 19:24:56 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "0f465d24527d31:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 3890

GET
H2 200 site.css
www.amigosecreto.com.br/css/ Frame 75B1 131 KB
131 KB 162ms
161ms Stylesheet
text/css 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/css/site.css
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/patrocinadores.asp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) / ASP.NET
Resource Hash: 5e5d7e6238432e3af5259d422eceda37eb083bd792d40c662a6f13f586348f87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/patrocinadores.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:30 GMT
last-modified: Wed, 29 Nov 2023 22:22:34 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "0f1d48c1223da1:0"
x-powered-by: ASP.NET
content-type: text/css
accept-ranges: bytes
content-length: 133754

GET
H2 200 hotjar-2766609.js Show response
static.hotjar.com/c/ 9 KB
4 KB 160ms
70ms Script
application/javascript 108.138.7.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2766609.js?sv=6

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-127.fra56.r.cloudfront.net

Software

Resource Hash

79898ad55cca58e6e9ba8eecf2cc6c0b7335226fea3080497277827d26c76f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/e3787f2a7a55ea47333ffcba1c759cee
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: IPlJzb7v-dCKRtJkt8VEXwija_h0aB14fgtxOzdFwFKiJs-1H5ZQFA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5699012-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJXLM59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f4f3402418e58a9bb4bfa86c4d94e3d54c23dd5708de74d62498a014853c5d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69495
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Jan 2024 08:31:30 GMT

GET
H2 200 788304701281929 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 170ms
169ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/788304701281929?v=2.9.139&r=stable&domain=www.amigosecreto.com.br

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

076336fdd4c5acfa3555badec27bf1d55f370ead418e5500427179c5c782c0e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 11 Jan 2024 08:31:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: pVwDhqU0cCyGo5L8Pi5KCtv3YDxdbgJvZEdd1NtE8ppqWiI45n5wvKnYIzHki0DKzslFdpjcjTIsDrm5fFSKSQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 403 KB
136 KB 194ms
114ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6260959165761598&plah=www.amigosecreto.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6260959165761598

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

371ea552be761dc2a215b59fafc2213a9cf3cadfead0c6d51df7959d3be058cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139436
x-xss-protection: 0
server: cafe
etag: 10826021377605569600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 08:31:31 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 3BD2 9 KB
4 KB 128ms
40ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6260959165761598

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19697
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 03:03:14 GMT
etag: 9219409622527106327
expires: Thu, 25 Jan 2024 03:03:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/ 436 KB
137 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

292c4b31226660d43c28401602552c41ee62725a14405471e49b069251908026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 09:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82558
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140053
x-xss-protection: 0
server: cafe
etag: 1469350900164882112
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 09 Jan 2025 09:35:33 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/pt_BR/ 303 KB
86 KB 81ms
40ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=45fbeefbc2317f51bd611418c2aea5f1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a318ade81739d2989dfbf8b5a0b9c03a84a5c792afb8edd411998e1b771c7aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.amigosecreto.com.br/
Origin: https://www.amigosecreto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 11 Jan 2024 08:31:31 GMT
content-md5: pc9tjuED0+Aa8gDJ/tn2HA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88428
reporting-endpoints
x-fb-debug: ge9wWn6JQxwkjqshxEjZOXOxl9ejAHbpQES++YcniG/35q8BTHkZ+Gx/MKiFHKHksfFCLEmLHXVg0QUbj9Bs8g==
x-fb-content-md5: 4067e44328a86b79778c4d5a59936552
cross-origin-opener-policy: same-origin-allow-popups
etag: "97896521f94c778dbeb5d50ab71c382b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 10 Jan 2025 07:55:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
84 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MH0ZFXE61K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5699012-5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e5cff0fb3482152d0924088d7535b934bfc80a58bd84b7d83bb0c2694049ec69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85682
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jan 2024 08:31:31 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 75B1 97 KB
29 KB 118ms
117ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/patrocinadores.asp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9462c4d9c42d54044fb22924e445d0dab8ac0c8a0d254fda5158138b7d9c0ec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29463
x-xss-protection: 0
server: cafe
etag: 648 / 19733 / 31080366 / config-hash: 1407827963928654873
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 08:31:31 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
90 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J2TS8EPKY3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5699012-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1644925b7ca4193188ce5a6a0af394d1c1d34a9afc0cb2a671cb739ee3e1173

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92204
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jan 2024 08:31:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5699012-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 11 Jan 2024 07:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2594
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 11 Jan 2024 09:48:17 GMT

GET
H2 200 modules.abdef350bc65bc59cb61.js Show response
script.hotjar.com/ 220 KB
55 KB 134ms
48ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.abdef350bc65bc59cb61.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2766609.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

5fc7c56821ed5ac0a40aecde186c558d6b846831cbd483f434ed862fd1b955c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 251605
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55659
last-modified: Mon, 08 Jan 2024 10:37:27 GMT
etag: "80c44d9c04a527e3fdaa01818eb305c1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 2Dyp_-uJ8VO3y9NLl4wwBZ557F-uckzGUGSxookMdZd2O1elq6yUeQ==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 127ms
39ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=788304701281929&ev=PageView&dl=https%3A%2F%2Fwww.amigosecreto.com.br%2F&rl=&if=false&ts=1704961891194&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.2.1704961891191.925979209&cs_est=true&ler=empty&it=1704961890991&coo=false&rqm=GET

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 11 Jan 2024 08:31:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/ Frame 75B1 437 KB
138 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93abbe9a158ffb11fd2ba05dddff30ed3d7205bed155ff90160287f353cb749b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:55:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38153
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140647
x-xss-protection: 0
server: cafe
etag: 6083039351134279638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 09 Jan 2025 21:55:38 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 135ms
48ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MH0ZFXE61K&gtm=45je4180v887988591&_p=1704961889805&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=81466539.1704961891&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1704961891&sct=1&seg=0&dl=https%3A%2F%2Fwww.amigosecreto.com.br%2F&dt=O%20site%20oficial%20do%20Sorteio%20de%20Amigo%20Secreto&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2433
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MH0ZFXE61K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 08:31:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amigosecreto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
259 B 137ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-J2TS8EPKY3&gtm=45je4180v878338784&_p=1704961889805&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=81466539.1704961891&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1704961891&sct=1&seg=0&dl=https%3A%2F%2Fwww.amigosecreto.com.br%2F&dt=O%20site%20oficial%20do%20Sorteio%20de%20Amigo%20Secreto&en=page_view&_fv=1&_ss=1&tfd=2505
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J2TS8EPKY3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 08:31:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amigosecreto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
259 B 144ms
47ms Ping
text/plain 2a00:1450:400c:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-J2TS8EPKY3&cid=81466539.1704961891&gtm=45je4180v878338784&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J2TS8EPKY3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 08:31:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amigosecreto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 138ms
51ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-J2TS8EPKY3&cid=81466539.1704961891&gtm=45je4180v878338784&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=320719140

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 08:31:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
211 B 48ms
47ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=774423462&t=pageview&_s=1&dl=https%3A%2F%2Fwww.amigosecreto.com.br%2F&ul=en-us&de=windows-1252&dt=O%20site%20oficial%20do%20Sorteio%20de%20Amigo%20Secreto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=724739286&gjid=2080022525&cid=81466539.1704961891&tid=UA-5699012-1&_gid=1621851629.1704961891&_r=1&gtm=457e4180&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=797470566

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amigosecreto.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 08:31:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amigosecreto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 165 KB
31 KB 96ms
96ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3964506096998695&correlator=2911069714250239&eid=31079783%2C31068825&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&iu_parts=18364646%2CAmigoSecreto_300x250_Footer%2CAmigoSecreto_320x50_Header%2Cdestaque-home-deslogada&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=300x250%2C320x50%2C1140x300&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1704961891396&lmt=1704961891&adxs=1030%2C-9%2C230&adys=1604%2C-9%2C1289&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C-1%7C2&ucis=1%7C2%7C3&oid=2&tos=~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.amigosecreto.com.br%2F&vis=1&psz=350x250%7C0x-1%7C1600x1589&msz=300x-1%7C0x-1%7C1600x-1&fws=0%2C2%2C0&ohw=0%2C0%2C0&ga_vid=81466539.1704961891&ga_sid=1704961891&ga_hid=774423462&ga_fc=true&dlt=1704961889787&idt=1584&adks=805912551%2C3879938239%2C2407005826&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

473a782075aef21c05fb0f7d61060130a86b7f22100a4f7ddcf519d8909165cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31342
x-xss-protection: 0
google-lineitem-id: 6419108810,6416232924,6420039517
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138455924140,138455383382,138456252925
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.amigosecreto.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 65F6 6 KB
3 KB 164ms
48ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 08:31:31 GMT
expires: Fri, 10 Jan 2025 08:31:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 22D6 6 KB
1 KB 103ms
102ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6260959165761598&output=html&adk=1812271804&adf=3025194257&lmt=1704961891&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fwww.amigosecreto.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704961891010&bpp=4&bdt=1224&idt=451&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8506179326207&frm=20&pv=2&ga_vid=81466539.1704961891&ga_sid=1704961891&ga_hid=774423462&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C44795922%2C95320889&oid=2&pvsid=3964506096998695&tmod=67459235&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=467

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6260959165761598&plah=www.amigosecreto.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a72fe46a82a96e238471bfc5f98247d714b8438862f05ccbf69bcf6d84d7aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 1156
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 08:31:31 GMT
expires: Thu, 11 Jan 2024 08:31:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 75B1 62 KB
22 KB 91ms
91ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3560591162960456&correlator=2619937837745114&eid=31079926%2C31079956%2C95320408%2C31080366%2C44780989%2C31079527%2C31080116&output=ldjh&gdfp_req=1&vrg=202401090101&ptt=17&impl=fifs&iu_parts=18364646%2CAmigoSecreto_Patrocinio3%2CAmigoSecreto_Patrocinio1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=180x180%2C180x180&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&cdm=www.amigosecreto.com.br&abxe=1&dt=1704961891515&lmt=1704961891&adxs=710%2C-12245933&adys=1731%2C-12245933&biw=1600&bih=1200&isw=180&ish=180&scr_x=0&scr_y=0&btvi=1%7C-1&ucis=ssb3nr1p389k%7Ckhx3k0w413y4&oid=2&tos=~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.amigosecreto.com.br%2Fpatrocinadores.asp&ref=https%3A%2F%2Fwww.amigosecreto.com.br%2F&top=https%3A%2F%2Fwww.amigosecreto.com.br%2F&vis=1&psz=180x-1%7C180x-1&msz=180x-1%7C0x-1&fws=256%2C384&ohw=0%2C0&ea=0&ga_vid=81466539.1704961891&ga_sid=1704961892&ga_hid=1095148852&ga_fc=true&dlt=1704961890902&idt=588&adks=2641534900%2C155391808&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa2703662797d5424d131fbaf9a935127d3258bedaa7037d049a6bb04d5a0c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22747
x-xss-protection: 0
google-lineitem-id: -2,75031606
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,67698098686
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.amigosecreto.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
39d8c44d2cc16f77222a0cf2281b3f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F3A0 6 KB
3 KB 76ms
47ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://39d8c44d2cc16f77222a0cf2281b3f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 08:31:31 GMT
expires: Fri, 10 Jan 2025 08:31:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 44C2 0
0 80ms
80ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHsp9SQKY7VePQelcp0Wx5Q8jku8rMtH64QBwm3YLF0kp1guM2SluBqY1NW4rluMnfmzCTROW9T4rOi2GPnQQV9pRozFzseZYefLUQ0acbrS_9eQuf6a-k5iS2j5onujtx0n6QtWGocHO3o1qPagfHpxrk5tVYEGP_frTkoJQ7Jh0fMOcAQaJVTP6QuuEriR0QhJGFUPg5SlUmCQMv-V5rl3gSxXtQS2TTCH9flBrIWZR1Kb60SikWGpqxW5QbnmajeQ84U4B2C5s8bgocJbRvnWqHfXQv7X2Awl6LLQMQFi2RC_Q92RXWAgzZxjm19PS9DKBpTXr6KHUqcqPoMFW9X1ZzIUOlL1cGKBsjhJNHB-qWCCGPig&sai=AMfl-YQraQGxteSwarjW-bhCoz4XmRet0wuFGZxYd6kUxweXi9B3cbaaHd6e3KOrMah-Hm0m--ZRjIm6Qtk5ASWOKUTBzdw5Tgq016XSAFQVx42NvwK9i6h_h6WkuHB3d_Y6yvCyqhsLjZKXWlguK3U00yEt&sig=Cg0ArKJSzLjglR1wpOWEEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Jan 2024 08:31:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 44C2 23 KB
9 KB 143ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 23:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 23:06:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 44C2 3 KB
1 KB 149ms
46ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 07:44:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 07:44:09 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44C2 205 KB
65 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 08:31:31 GMT

GET
H2 200 1375080895305302418
tpc.googlesyndication.com/simgad/ Frame 44C2 9 KB
10 KB 158ms
57ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1375080895305302418

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ea8703d61bfd69a2fa60a1008bcb44dc6606a9b4b44030005b11dcd2b2bfb7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Thu, 11 Jan 2024 08:31:31 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9624
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 23:08:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 Jan 2025 08:31:31 GMT

GET
H2 200 container.html Show response
8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A735 6 KB
3 KB 43ms
43ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 08:31:31 GMT
expires: Fri, 10 Jan 2025 08:31:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 44C2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 215d630fe4e983e94be7c390a9b13a4ed9d82cc42ee9b620a940bcab24456b55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ca-pub-6260959165761598 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 185ms
74ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6260959165761598?ers=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0642623fc7f39b4068725e076e3393747f3b3c2044b0350b51460de1e29dffb6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-yYJW4V1gMq4PhP1wvnf31g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-yYJW4V1gMq4PhP1wvnf31g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 75B1 16 KB
12 KB 96ms
95ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd763c7ef2588bd2782997f3eddcb46418fb68760c224538a19d9affd140aff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12158
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0FBF 0
0 79ms
79ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvMz14sFmiTRTm_qPSuCyrWoKFPb9SnXcgpYA7bGD7PKnOYDeVDO5ZY6VXypyazXUr8Zvjd2ninEsrIngmHsKNSHJ5btotrCzbRtExpVfLl_IcYd3pjh3qN24x-Pbvj4gwvaKEfUDBYG_isHcuDbM0VRXU8Wk72VJwW916iQhiIlgI-sv6TAKQuikw1Rgy_-iDBCE0MOQeMwK6Ii0Igvhr6rZwa4JwMrHT1tuXOn5zTDwj4pWTncx1OUWearu_H98hX-IiYkUmkXxCs8b-piF9Sez8lo4UIoJKG7mitPKnRG5XR5D-fL4LHa9_8b95-jTyaa0TnYHehJdD24EawgdG9WNZVi73GQukFguShzCmP8w&sai=AMfl-YSKfAaIqx3KmicYMxlwS0dsIKKJy7DmfzS4dL3mhUp3VFq1Gnc4P0x0cNAN7js3hnamePZ5upZTMvkgRvlq_Mw7gJ9VPpYDrjEjoqueUt8vH6FRv3owNhuy0WAIzXw&sig=Cg0ArKJSzGhNPp-ZvOeZEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 0FBF 23 KB
9 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 23:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 23:06:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 0FBF 3 KB
1 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 07:44:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 07:44:09 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0FBF 205 KB
65 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 08:31:31 GMT

GET
H2 200 7783409155183645356
tpc.googlesyndication.com/simgad/ Frame 0FBF 6 KB
6 KB 55ms
54ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7783409155183645356

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e947a34e3241a8fa04ba18016cd7f89c56130e69e3724f6cc242ceceb825d557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 10 Jan 2025 02:37:22 GMT
date: Thu, 11 Jan 2024 02:37:22 GMT
x-content-type-options: nosniff
age: 21249
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6169
x-xss-protection: 0
last-modified: Thu, 22 Oct 2020 22:46:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0FBF 0
0 136ms
48ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS1XO-qvChcVhN2suCJRn7fGcNsWrtnz9Sdv0EM16HmVLsrNOIB2zw7BgaEe4RxTpQV-FwR0tMt3x4_z8QiwQ4tWTiCjg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfeu&evt=place&vh=1200&eid=44759875%2C44759926%2C95320239%2C44795922%2C95320889&hl=pt&pvc=3964506096998695

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 08:31:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A735 24 KB
7 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com
URL: https://8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Jan 2025 08:45:41 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A735 205 KB
65 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com
URL: https://8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 08:31:31 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 44C2 0
0 167ms
85ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUxa815IJxGLxfOk92168mHto7ZWxrD_pmeoXaVdTBy56WPYNZmiUo_AZK5IlM59cQwVDoXTzd5KoLwoCA_NY14DTLpHxgJ2A6DUTbI7PdDxWjyQA2mYYoL8PuhIv_wNluo7mnL8ZNqwDBmNqZECkZtjdDD_r7AsRSAy-8io53H4oBCaYXN9TayDxMWPHvq6xEdXAbT6VgBvHXWynD87g_1-ImekEbyKgBXOl_MK5y6-ZQyakCL2f3P-dsd-5-fuFJFKUaUTXmrkNaIKR7rgESsqCNu4FJ4IbfcUNfmQksZprLoaAdFtAv4iXLx-JrnTEC8739MJ57mPnIteFDKbA4iDBTFw6MTaHzuP0oDCykHlSfQSttybW4&sai=AMfl-YRrFJ1OynCOf4H4LcG7YcVuQIWxZgndQIXKJzUKt4kfYlP-mTNC9ewXxfs5FCOLsi6yrFxxj7iXosxWYizQBaEBeBg5Um-grN_-w3_E6HHjNUCiBJRdmlCyRBYMBrJEiJvhjNYI9uL0QZYmNYGyhyGW&sig=Cg0ArKJSzNlg7uO_MamEEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Jan 2024 08:31:31 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 75B1 17 KB
7 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 08:31:31 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A735 0
0 79ms
78ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2LOoD3eMKUDATROo3mT1j88utm8SrVLl7v9Ambf_iaqBTRkPOmLdoWFhFGHGyBnqj3Fal1vTUjbvbZzc__eJZW8e9n26IS7LAcJS8Ay_aPASQnwBRT5oRZ8KWapWO7CQzNVIUalT2AfpSOYYr1uY3tccQ7Xe20A8uXS1_XsDv6lWukP9gpAkYM0nkjclUvILhs2iYPFrxsLfcWA2z48Gd4AfpuKYsl8clZESC7VERoCebfMSHoOS5TtJphapvJDu895tFHZlqzLSEv7N_zXSty9A2JNPYV_AqcniEjjLUJykDpdxUrDi83gwy3YtDfyKCrHXcMOenHiPbWkutV5rj15iy2utc9SPkDj1UHxTY9CU&sai=AMfl-YT4JwZ3_9LeVWFaX3UHDyc69N62UtuiJDgDGhHRtArNQa2gkdvFA5uATkXjs-GnietgMqf-gsOXMRrKaPAgm0vPwGZH8SINMSzkavGmQBAsoPg-OOOwHt_tkEtyrLPKGdXUMJmai60T-wHJ6tIIfdaz&sig=Cg0ArKJSzPdgSvLpob0hEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com
URL: https://8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 / Show response
www.amigosecreto.com.br/presentes/destaque/insider/ Frame 1962 59 KB
13 KB 194ms
192ms Document
text/html 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/destaque/insider/
Requested by: Host: 8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com
URL: https://8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bdfed152e3fe0308a592c5dab5531527d4494477bc323e328d7cd8315cbe892a

Request headers

Referer: https://8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600, public
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 11 Jan 2024 08:31:31 GMT
etag: "be7a354ffe3381a8f038d7ae73b083fb"
last-modified: Thu, 11 Jan 2024 08:31:31 GMT
pragma: public
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0FBF 0
0 89ms
85ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpRxeZnQ5-lkvelmDSIT7Z0UQZpm_nq45J_L-__CSGWf7dfTIRuJw0OUteUWcT2GsLptfGxrU389V1dLnZRLk3gtrqemx0mYtuqBMjTRcK7k2tZANpy0JpTD_U35GHkM-kEaRCBc7qes3m_TlI7f7a9Vi222hd4jJJXtTG1lfRBWpjY2__jYCSUghj7UMa1r-SlsoXjKIC6CJqs5h7cGsG4hIB-2wNe2hnvrIAm1n3oFMYNR9qQCOH5vzGB5NxIGDyb2gm3IyYTL2Lcvu2ONRBqP1gFN7VlsGpzQp3FpjKrARUMcXaDEghiBseRKJ_vSM3CoHL8ytoJahYlXCZer3CVzo4YXn977MXSPX4O5rGJYKlpw&sai=AMfl-YQj9-dXO6ewwgKlR7xk7oRBSuaineif2iQfL792PcCh5AfaNZ4h_VamMoxEkDhFJFoUc7qMKIqXIU9tzuNtrVQmYlj6YQIofHEw2LbTnpTP12bW3d5SeNQ687hkeUs&sig=Cg0ArKJSzHIFD-NZMuCQEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Jan 2024 08:31:31 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A735 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNNoKJc4RNGHybXiAfLUci25VwCh3mp5N36i7OmJ4-DpG3Nug5roAVbt7k5o60T6WLdRiLt_tUDxP_mQaGbQWPaizqZxVeWkAplo3GYJZHcSzuBqQs3VVHQsgk77eN1FLKWVWRUeBozCnAcJwuMiHJ5-Trtj26-j2wIdH39wpn9xN6uiaWnpX4ysL6oK3PyYgIpll7KyD94H6HHWNsKp3j9F6zzjjIK4_BD_NQoPLq1F75C_MDpJ7Tg7ns-AzV1H3khoXzVLHkQDbZb5RT1XAnbNaaLwlsu3fo2u5bLJ-_BFW2V0_Xm35JFr3eadOmZzao7GniowESXk-__kTE9uUd-45GDFRTkIwC5Wa8Lrw7gpxrMw&sai=AMfl-YRw2d_aBsAzUMrto66eevYqJAzlXG8B8Lev4D1cs3P7IKEXuT-jfmZ4MCHg8lb11yzSMQAjm7abHJAwGV0_wFbwVtcvF-5mMAiEEdPFhDHWBayouCqhSBqi7mUcxRl9SSomSFh1l6r2Ldc3Vuuw-2ee&sig=Cg0ArKJSzJPACbiOHTHIEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Jan 2024 08:31:31 GMT

GET
DATA 200
OK truncated
/ Frame A735 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bed93160bfdb45ba6168822f13f02378b6ad8e7e3c529879a2324bb8f542af7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A364 13 KB
5 KB 43ms
42ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2381
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 07:51:50 GMT
expires: Fri, 10 Jan 2025 07:51:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DB53 829 B
1 KB 52ms
51ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

88c117050986495112206cfd6fc55457c34f812f07b543eebd1554846108b6e5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wlXDK51Lo8-Irb5oftJmZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-wlXDK51Lo8-Irb5oftJmZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 08:31:31 GMT
expires: Thu, 11 Jan 2024 08:31:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 AGSKWxUZuMpUxV4x_lvOz7DwvSVxu0UT_pJ76PNWcJtL4Wlm_9OChjQBm_p-yOh1vxR2UabpWB2c_qUM8UD6rsFiLnm1BDPueCUcNqS_E8u4GlQJy3SW3_2tER55Ci8gIpQySpSdgWQazw== Show response
fundingchoicesmessages.google.com/f/ 405 KB
60 KB 162ms
162ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUZuMpUxV4x_lvOz7DwvSVxu0UT_pJ76PNWcJtL4Wlm_9OChjQBm_p-yOh1vxR2UabpWB2c_qUM8UD6rsFiLnm1BDPueCUcNqS_E8u4GlQJy3SW3_2tER55Ci8gIpQySpSdgWQazw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0OTYxODkxLDkzMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuYW1pZ29zZWNyZXRvLmNvbS5ici8iLG51bGwsW1s4LCJ1UHpYczVIaU5EWSJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.uPzXs5HiNDY.es5.O/am=wA/d=1/rs=AJlcJMxpdhWtJQg77_QAWgHkb9bc5DQpDg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a8c6325b0b89baa93899a73f1fac4e321f8a421a9bea8655d27de53848103ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9ad3d50vFJqRB02tTp2O5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9ad3d50vFJqRB02tTp2O5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 op3-reboot.css
www.amigosecreto.com.br/presentes/wp-content/plugins/op-builder/public/assets/css/ Frame 1962 4 KB
4 KB 164ms
161ms Stylesheet
text/css 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/op-builder/public/assets/css/op3-reboot.css?ver=3670bcb7b6ff7f5812f99d7f51f4f643
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/insider/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 665273a9b548830b3ae7acda2d45d9dd61a2bbb5223ebeaf37e5cb12bb4ac7c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/insider/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
last-modified: Tue, 12 Dec 2023 18:25:46 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "6578a5aa-e65"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3685
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 page-819.css
www.amigosecreto.com.br/presentes/wp-content/plugins/op-builder/public/assets/cache/ Frame 1962 22 KB
22 KB 163ms
160ms Stylesheet
text/css 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/op-builder/public/assets/cache/page-819.css?ver=3058f47ae318bfc872e1f87a191e54bb
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/insider/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 015d323035f6083e8680971eb381dc4e2a4a6426ca30fb05c0288ba525896e90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/insider/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
last-modified: Tue, 19 Dec 2023 03:01:02 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "6581076e-5883"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 22659
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 smartslider.min.css
www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/ Frame 1962 22 KB
22 KB 164ms
160ms Stylesheet
text/css 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=78442573
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/insider/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 92b3f4acfaebc2783b3278da66519618a5dfc33d413ebcfe846a270e73eb1c1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/insider/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
last-modified: Fri, 17 Nov 2023 12:41:36 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "65575f80-5643"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 22083
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1962 6 KB
827 B 86ms
83ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?display=swap&family=Ubuntu%3A300%2C400%7CPoppins%3A300%2C400

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/insider/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

de9d3939c61738ea474fe375be07232fb51b5090888351263a3498754ed8c16f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 08:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 08:31:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 08:31:32 GMT

GET
H2 200 jquery.min.js Show response
www.amigosecreto.com.br/presentes/wp-includes/js/jquery/ Frame 1962 86 KB
86 KB 162ms
160ms Script
application/javascript 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/insider/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/insider/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
last-modified: Tue, 07 Nov 2023 20:04:04 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "654a9834-15601"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 87553
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tracking.js Show response
www.amigosecreto.com.br/presentes/wp-content/plugins/op-dashboard/public/assets/js/ Frame 1962 746 B
963 B 163ms
161ms Script
application/javascript 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/op-dashboard/public/assets/js/tracking.js?ver=1.0.100
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/insider/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 820104d2635b6142cd4ad4bfc096f7bd1aa757a8150380730fde125cc1bc9e43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/insider/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
last-modified: Tue, 12 Dec 2023 18:26:49 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "6578a5e9-2ea"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 746
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 1962 133 KB
51 KB 156ms
154ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5699012-5

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/insider/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a937e43b9bf533a9362664051f4b4ee0bb3d62c11733890b09bd592976261e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51860
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jan 2024 08:31:32 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1962 150 KB
51 KB 186ms
186ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6260959165761598&host=ca-host-pub-2644536267352236

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/insider/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

024ca5fb7792f6fa4ace20a64205bce1b182b40bc0310c9605eb9be526fbecf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Origin: https://www.amigosecreto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51744
x-xss-protection: 0
server: cafe
etag: 823270367021021423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 08:31:32 GMT

GET
H2 200 n2.min.js Show response
www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/ Frame 1962 40 KB
41 KB 227ms
224ms Script
application/javascript 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=78442573
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/insider/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d2da9c717c6544d3681599d64e4d2d7a015b92abd6159f086b6c36df8d82d56d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/insider/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
last-modified: Fri, 17 Nov 2023 12:41:36 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "65575f80-a1bb"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 41403
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 smartslider-frontend.min.js Show response
www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/ Frame 1962 111 KB
112 KB 226ms
223ms Script
application/javascript 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=78442573
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/insider/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f25e5ba6d1bebbd94a7dcaecb99dbdfa7566f53c75f7a46cbea21221fcaf84ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/insider/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
last-modified: Fri, 17 Nov 2023 12:41:36 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "65575f80-1bcfc"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 113916
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ss-simple.min.js Show response
www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ Frame 1962 13 KB
13 KB 227ms
224ms Script
application/javascript 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=78442573
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/insider/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ca6ef142765010507ac8c344ee29295e28bf2b93a06c536f14fdd91deff6a697

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/insider/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
last-modified: Fri, 17 Nov 2023 12:41:36 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "65575f80-3472"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 13426
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 w-arrow-image.min.js Show response
www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/ Frame 1962 1 KB
2 KB 224ms
222ms Script
application/javascript 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js?ver=78442573
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/insider/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 50b9b0f5f712db98a09b0eea971035cd3fc52c526abdea65175ad3c78a1a49b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/insider/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
last-modified: Fri, 17 Nov 2023 12:41:36 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "65575f80-5ae"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1454
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 w-bullet.min.js Show response
www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Bullet/Assets/dist/ Frame 1962 5 KB
6 KB 225ms
224ms Script
application/javascript 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Bullet/Assets/dist/w-bullet.min.js?ver=78442573
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/insider/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d6f3358743b370d0292e2c8db3820b32eb5ea5f8f4cac004b3d3a34c6557ee7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/insider/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
last-modified: Fri, 17 Nov 2023 12:41:36 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "65575f80-15f5"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5621
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Destaque-1-970x300-1.jpg
www.amigosecreto.com.br/presentes/wp-content/uploads/2023/11/ Frame 1962 42 KB
42 KB 164ms
162ms Image
image/jpeg 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/uploads/2023/11/Destaque-1-970x300-1.jpg
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/insider/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: acbdf830dd5d0d2f14535022f371beac653fae6eb4e6583b4d66360692137301

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/insider/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
last-modified: Mon, 27 Nov 2023 21:48:21 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "65650ea5-a84f"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 43087
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Destaque-1-400x300-1.jpg
www.amigosecreto.com.br/presentes/wp-content/uploads/2023/11/ Frame 1962 24 KB
24 KB 163ms
162ms Image
image/jpeg 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/uploads/2023/11/Destaque-1-400x300-1.jpg
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/insider/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8b6f18067b885df2fed8e8689343c709f653c818f7493c4081dec77dd9fdf444

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/insider/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
last-modified: Mon, 27 Nov 2023 21:48:24 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "65650ea8-5fcd"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 24525
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 page-819.nodelay.js Show response
www.amigosecreto.com.br/presentes/wp-content/plugins/op-builder/public/assets/cache/ Frame 1962 11 KB
11 KB 167ms
166ms Script
application/javascript 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-content/plugins/op-builder/public/assets/cache/page-819.nodelay.js?ver=3058f47ae318bfc872e1f87a191e54bb
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/insider/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 83e15bac592379d6321bb5bd62f6a378a2229cc902f064c148f2032feb5bde86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/insider/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
last-modified: Tue, 19 Dec 2023 03:01:02 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "6581076e-2c14"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 11284
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
BLOB 200
OK 6ae203e0-c1a1-4465-8c2a-67bc935e94e7
https://www.amigosecreto.com.br/ Frame 1962 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.amigosecreto.com.br/6ae203e0-c1a1-4465-8c2a-67bc935e94e7
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/insider/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DB53 0
0 74ms
73ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401090101&jk=3560591162960456&rc=
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ 100 KB
5 KB 60ms
60ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.uPzXs5HiNDY.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwI2FAhKw80dABmfVbjMnB2SCL76w/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8354d043bdebec71c66c058e88ecc6f032f98e2dad2c9efe882a39e01619f101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 08:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 08:31:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 08:31:32 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame A364 39 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:54:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 21:54:57 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 45ms
39ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Origin: https://www.amigosecreto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 06:01:29 GMT
x-content-type-options: nosniff
age: 9003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 06:01:29 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 54ms
51ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Origin: https://www.amigosecreto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:59:49 GMT
x-content-type-options: nosniff
age: 171103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 08:59:49 GMT

POST
H3 204 AGSKWxXTitjRFF_yhPX024t39VZqygET2qmM3kHPzUhIEbAh6GFidIXr2exCVI1qCvq1BdFA6i0EJly-_tVpqh0eKv8Cug8ZHG5rwC1AfF8K8m-tuY1aEqjAuLvf-gf73EY-4W2hJnx5Nw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 143ms
52ms XHR
text/html 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXTitjRFF_yhPX024t39VZqygET2qmM3kHPzUhIEbAh6GFidIXr2exCVI1qCvq1BdFA6i0EJly-_tVpqh0eKv8Cug8ZHG5rwC1AfF8K8m-tuY1aEqjAuLvf-gf73EY-4W2hJnx5Nw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Y5vrJj-lmBYLcdbo-UE4lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Y5vrJj-lmBYLcdbo-UE4lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.amigosecreto.com.br
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 30 KB
30 KB 45ms
43ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.amigosecreto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 03:33:15 GMT
x-content-type-options: nosniff
age: 190697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30480
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 03:33:15 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A364 0
10 B 40ms
39ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hmk-yg
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame 1962 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 1962 116 KB
45 KB 120ms
120ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NJXLM59

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/insider/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

912b51b03f326f6f4fe7dc0798e0aa469738c1faa6763cab8bf0d5f64930005d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45636
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Jan 2024 08:31:32 GMT

GET
DATA 200
OK truncated
/ Frame 1962 374 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f68361193d90603a25d438f72f3497c2a4c3deaf087df0e8ecac48b8a58aaf55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1962 382 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7485684ab40601d4a059a0553f57645611c29e78e77c140b21327af71106c15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ Frame 1962 34 KB
34 KB 97ms
96ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Ubuntu%3A300%2C400%7CPoppins%3A300%2C400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.amigosecreto.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:39:36 GMT
x-content-type-options: nosniff
age: 478316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 19:39:36 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.amigosecreto.com.br/presentes/wp-includes/js/ Frame 1962 18 KB
18 KB 206ms
205ms Script
application/javascript 66.232.27.51
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amigosecreto.com.br/presentes/wp-includes/js/wp-emoji-release.min.js?ver=3670bcb7b6ff7f5812f99d7f51f4f643
Requested by: Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/presentes/destaque/insider/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.232.27.51 , United States, ASN174 (COGENT-174, US),
Reverse DNS: www.amigosecreto.com.br
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/presentes/destaque/insider/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
last-modified: Thu, 07 Sep 2023 22:10:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "64fa4a59-4904"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 18692
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 1962 242 KB
84 KB 56ms
56ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MH0ZFXE61K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5699012-5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b32ff88a34d9c212e1574759e659f9890a64b35f19c36c7dc31326a4616266f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85681
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jan 2024 08:31:32 GMT

GET
H2 200 hotjar-2766609.js Show response
static.hotjar.com/c/ Frame 1962 9 KB
4 KB 42ms
41ms Script
application/javascript 108.138.7.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2766609.js?sv=6

Requested by

Host: www.amigosecreto.com.br
URL: https://www.amigosecreto.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-127.fra56.r.cloudfront.net

Software

Resource Hash

79898ad55cca58e6e9ba8eecf2cc6c0b7335226fea3080497277827d26c76f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/e3787f2a7a55ea47333ffcba1c759cee
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: o9htezZPzcBgt03UA22_hC_1UQDWzDGc29apRnxDbjEIBqBj28AawQ==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/ Frame 1962 401 KB
136 KB 108ms
107ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6260959165761598&plah=www.amigosecreto.com.br&bust=31080218

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6260959165761598&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41c09850e4b3fbbfcd444f512c222b9c9c71a2e0b41b038927cd19434472caac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139117
x-xss-protection: 0
server: cafe
etag: 5441582788310333624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 08:31:33 GMT

GET
H2 200 modules.abdef350bc65bc59cb61.js Show response
script.hotjar.com/ Frame 1962 220 KB
55 KB 47ms
43ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.abdef350bc65bc59cb61.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2766609.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

5fc7c56821ed5ac0a40aecde186c558d6b846831cbd483f434ed862fd1b955c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 251607
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55659
last-modified: Mon, 08 Jan 2024 10:37:27 GMT
etag: "80c44d9c04a527e3fdaa01818eb305c1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: waUMoimLtqVdaCsB1_jcrsbq_ooL6OfsWQ2RDvslNUGuFehT60Uq3w==

GET
H3

200

/
www.facebook.com/login/ Frame DF69
Redirect Chain

https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df279ee14a1d25c8%26d...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

219ms
218ms

Document
text/html

2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df279ee14a1d25c8%2526domain%253Dwww.amigosecreto.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.amigosecreto.com.br%25252Ff14711b11e0daf4%2526relation%253Dparent.parent%26container_width%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FAmigoSecreto.com.br%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26width%3D290

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=45fbeefbc2317f51bd611418c2aea5f1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Jan 2024 08:31:33 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: bti8YXStA3WZxVwT5m1kjMVV0LFaI4FH5eYsTjVwIEJ/WvWAOrzmVSVuhfzinO/EU3WZq6uDrvtS1RjUco3uCw==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 08:31:33 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df279ee14a1d25c8%2526domain%253Dwww.amigosecreto.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.amigosecreto.com.br%25252Ff14711b11e0daf4%2526relation%253Dparent.parent%26container_width%3D350%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FAmigoSecreto.com.br%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26width%3D290
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
pragma: no-cache
reporting-endpoints
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: ISmReImFZ67pFC0tj3WxxAnZumdzO9RQjBZOPSW4chSKBbSyIMZC2et3MQnXPwABYBO6FYc1HNiGv4LZQeN3Wg==
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 91ms
91ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20213cf1d8f04cf20010a87b5f177112bb064b538d062ea3ab30d25c772a2183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12112
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 75B1 0
0 77ms
77ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401090101&jk=3560591162960456&bg=!W1ilWBfNAAaumcC-jpk7ADQBe5WfOLsvsqu-0LGSZiEefpDKjiZuVNyGSOKpGnSlJ44N6ItF871rZ1LK-eCweWnmPalVAgAAAWxSAAAABGgBB5kC3NHRqNXPKlzcko3cIiNqiHIplBOjUDJ0D5De-3aPhTWSGLspV6gpzIjCbRImM7cHySqvDKfL28mV3QQ0wUDB-RcP-i6suLXkwqW3TxV2rIYPTVKFh5c4LGSQf63MK6iuo1tPwKFQF1euS4DfBQ2kbyRSCtGlxWl9GMaKC284qMBG3lBOAW4X747DCUTJh7CFf0Y9ZRATNYqrroRpIhpyM3saMxy_veeP1YUFybrx0L4Quw7uVlx58w6vCCzsAelvOCg1B8IA6IJhWZOHDUP_tHCzaE_TUK3lvhWT3xlgNShjuxgVygSw-q9PT-LQUUD78dvG_sc4jZ6th3h3MGLE-neQZh2MtGi35dstv9LE2OQm6rBx657xcu0MezNIdJxoxqvqXGpzwJXcu58MOOI2H2xxIkB3BSqjGxXKRP4w53lcBnXks0BkLO3rk2fXkZU_3IlBa0q8Elf5aoTWFKIKA-66REKIQau0Pdsn6j22_RKQbPBWCwaxQhBky3SleZfnbG0PxSdzER34slylmHZiG2o8sD8f5jWLLMW73uHD4GZXsrS4Kg_0BWQUp92fQ0aPmbw3bl0_-R728coIBGVBlosD3TPf_VIcSAcZN-lnRb75uBPfrC2ywcdXpBgGCG0MnqcgsVFjwwrevNv_SSHDKwcHevxLzFhZPzIWPq0tL1ESsIuZLoON3qYJmYbznv42wTRgtgj_aHmE0_P4bJP-ClX9ObXuwXLQ7K5jO8ptZIiXlnH5Pk4IAqourhOmXKBpGqOQegu_uO6ww_SBIDv7m5gHsWkO7oOeczsDOHh_hs2lPLMGDP8C02_8euvJi7Y-oVw_w4sbm-a3NIDHhUh92AIoWiEhU-F4M81-2fwPzmg-BdvqBAn8zuz-760KDzQnuq_-8vY_CwWGoTrC4u8KmvKDk1ezw-wTiGylwk5iuctrwmfWCKSdpyHimjOcXfulF9RyZbrI-CgUp1_Vpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 08:31:33 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C2D9 13 KB
5 KB 40ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2383
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 07:51:50 GMT
expires: Fri, 10 Jan 2025 07:51:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B44E 829 B
559 B 50ms
49ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e085002d1494283a4cf4cc952c53c7e47c535104498a5d62411fa69787f74ba2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WDmisbdN09_M9p66_E8YUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.amigosecreto.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WDmisbdN09_M9p66_E8YUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 08:31:33 GMT
expires: Thu, 11 Jan 2024 08:31:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame C2D9 39 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:54:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38196
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 21:54:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B44E 0
0 77ms
76ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401030101&jk=3964506096998695&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C2D9 0
10 B 41ms
40ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UBggqA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:31:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
77ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401030101&jk=3964506096998695&bg=!zs2lzYLNAAaumcC-jpk7ADQBe5WfOF19HXU5Z9YugSVj8yocRcRRuDVLyKOjur4atAY9M6_i3lMjXzP7ynXe0uCmqq5NAgAAAFpSAAAAA2gBBwoAOu_WCDi82Thpgs17VGZHQdgE2PTq0XE7xh_GPgw3xL2HpCSys4mxzF2gMgIg9WMRXKmLsBLFTe1OhMSZAsHSIOC2WHB-xcGe4IsaICfWrDwktVbGyL9PlM8C3xz8d7pRLrzuZk0uMdkndOXL5u1tOFnqY477trIWc7MH13qMhyVVhYyF9lahmtzMV8rWhJfhqE40zwCvabpKrpSDl193yeqJJ7nHJImiNLxeGprDrWJhtufcN7vHNicd3w2nPFU2wU2kzZ4jitJPwDwCEVeRh8a_06g8C-bVruAp-VGjtIxoZMmLqjbgdLWDjqhLEW-x2beIYtC-VRdY_a_YORuaai_11ma7eL8oKj9b3pPd_c76HXnUgBj7r-4osypGlVeoCFANGxeKYnky6Nw_iq2q0I62MOR9MaWIAHZ2-9H82E98D9WqM1etXAPY1yyit5OC68eRRo_JwsVXiaezajxPWWahHZaF9SGEwIVXMERGnqDM5Qb3lOdb_G9knObzBnTF3veKBuk87ibTwxEFSU83GQE7Siyz8OQTbpGcXkaRyNx2SR2wgXEHlt4jdW-UkAmEXNFZp8pk-DQZepdh7tzL4D5IB4N39jRWaIT7BEGI2gU_DxlB9CHwA9xT8paWt0UDRoRPMRv3Tb1BgJ87FWFmyM664YDw9anj6_RkiPf-9uHAM5bjOrq4FhFmaqYWEJODKL3IwzlQhAH_uegFTe6YIPwH4E-5DhfHTCTbrBb4OcXjCnbEteESbspVdVvARYJXAHQ0aSvEQFxRHo3D_W2kGa2VeY2FrEm99YRA2q_Lgj7Lxex5MEc-Z9S7f8QKMp0GM19q9MI_BOiin71eXP7JH0rTswNunVi5xQRQdHNlFgixeXr-GZcO3xkadzJU6teIvPdziW_CVDoQUtt34F4Ra7MugcOgLKMLrGdzGtS9MhMyMS861Eg0SyFBH8NRkIxEBOXPtTr5wM0SZk0LrG4S2jOXb94_EN6sJqnKy_T_pStV6Bo8WNaTX8uoOPV3XEU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.amigosecreto.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 0FBF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27f02e99158c4d26851b0971865ae4cdea3c338e1dc7797689cdf664577e5a1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 51ms
49ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-J2TS8EPKY3&gtm=45je4180v878338784&_p=1704961889805&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=81466539.1704961891&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1704961891&sct=1&seg=0&dl=https%3A%2F%2Fwww.amigosecreto.com.br%2F&dt=O%20site%20oficial%20do%20Sorteio%20de%20Amigo%20Secreto&_s=2&tfd=7739
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J2TS8EPKY3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.amigosecreto.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 08:31:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amigosecreto.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.amigosecreto.com.br/	1970-01-20 17:50:06	Name: tipoAcesso Value: desktop
www.amigosecreto.com.br/	1969-12-31 23:59:59	Name: ASPSESSIONIDSSBQADDB Value: BLJGHPEDJJDDNPCADNEBOLBE
.amigosecreto.com.br/	1970-01-20 19:45:37	Name: _fbp Value: fb.2.1704961891191.925979209
.amigosecreto.com.br/	1970-01-21 03:12:01	Name: _ga_MH0ZFXE61K Value: GS1.1.1704961891.1.0.1704961891.0.0.0
.amigosecreto.com.br/	1970-01-21 03:12:01	Name: _ga Value: GA1.3.81466539.1704961891
.amigosecreto.com.br/	1970-01-20 17:37:28	Name: _gid Value: GA1.3.1621851629.1704961891
.amigosecreto.com.br/	1970-01-20 17:36:01	Name: _gat_gtag_UA_5699012_1 Value: 1
.amigosecreto.com.br/	1970-01-20 17:36:03	Name: _hjFirstSeen Value: 1
.amigosecreto.com.br/	1970-01-20 17:36:03	Name: _hjIncludedInSessionSample_2766609 Value: 0
.amigosecreto.com.br/	1970-01-20 17:36:03	Name: _hjSession_2766609 Value: eyJpZCI6Ijg4ZmFjNmM5LWYyZDgtNDkzNS1iOGFiLTM5YjI3NDA2MGJhNyIsImMiOjE3MDQ5NjE4OTE0NTYsInMiOjAsInIiOjAsInNiIjowfQ==
.amigosecreto.com.br/	1970-01-20 17:36:03	Name: _hjAbsoluteSessionInProgress Value: 0
.amigosecreto.com.br/	1970-01-21 03:12:01	Name: _ga_J2TS8EPKY3 Value: GS1.1.1704961891.1.0.1704961891.60.0.0
.doubleclick.net/	1970-01-21 02:57:37	Name: IDE Value: AHWqTUkxSv695FH71rE6J6SzwZmPDsPzNSQmnWdCuN1U9DKhUgvpMzDni7Mul2vQa60
.amigosecreto.com.br/	1970-01-21 02:57:37	Name: __gads Value: ID=cab516052fbe72cc:T=1704961891:RT=1704961891:S=ALNI_MZAicFxMe_fz5e73Lmei5W6Wb96eg
.amigosecreto.com.br/	1970-01-21 02:57:37	Name: __gpi Value: UID=00000d3f607cf40a:T=1704961891:RT=1704961891:S=ALNI_Mb7JQxffQzPg2dAoKAp6UFtl0kGyQ
.amigosecreto.com.br/	1970-01-21 02:21:37	Name: _hjSessionUser_2766609 Value: eyJpZCI6IjFmNTNmMDVkLTM3ZmYtNWVlNy04ODk1LTE3ZGUzNGVjYThmOCIsImNyZWF0ZWQiOjE3MDQ5NjE4OTE0NTUsImV4aXN0aW5nIjp0cnVlfQ==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

39d8c44d2cc16f77222a0cf2281b3f5b.safeframe.googlesyndication.com
8b2ef45b3f554aa501ab6d2a6c3964b0.safeframe.googlesyndication.com
cdn.jsdelivr.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
netdna.bootstrapcdn.com
pagead2.googlesyndication.com
region1.analytics.google.com
region1.google-analytics.com
script.hotjar.com
securepubads.g.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.amigosecreto.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
108.138.7.127
13.32.27.107
2001:4860:4802:32::36
2001:4860:4802:34::36
2606:4700::6810:5514
2606:4700::6812:acf
2a00:1450:4001:802::2008
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c1d::9b
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
66.232.27.51
015d323035f6083e8680971eb381dc4e2a4a6426ca30fb05c0288ba525896e90
024ca5fb7792f6fa4ace20a64205bce1b182b40bc0310c9605eb9be526fbecf2
0642623fc7f39b4068725e076e3393747f3b3c2044b0350b51460de1e29dffb6
076336fdd4c5acfa3555badec27bf1d55f370ead418e5500427179c5c782c0e4
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0dc251b1b01de3b50f2bbfe46b7d63f3be83a47bb05cf04181d44655996c7de6
1440f1a09f9b2c13c4459191aa9e390b5efa998db377d60e5f88b4a1f6886805
14c2c2d31549def425126ae4d7ab7ec66cc9f103770154c1f201bc99cc74a47f
1a8c6325b0b89baa93899a73f1fac4e321f8a421a9bea8655d27de53848103ae
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
20213cf1d8f04cf20010a87b5f177112bb064b538d062ea3ab30d25c772a2183
215d630fe4e983e94be7c390a9b13a4ed9d82cc42ee9b620a940bcab24456b55
27f02e99158c4d26851b0971865ae4cdea3c338e1dc7797689cdf664577e5a1b
292c4b31226660d43c28401602552c41ee62725a14405471e49b069251908026
2ff03a27b1279e642a25b88582f99925f26ac69149a1e828ad3cc862a455b3bc
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
371ea552be761dc2a215b59fafc2213a9cf3cadfead0c6d51df7959d3be058cf
38699fdb185f665283d6d881454c2e22dd3554c4a79904305197bc5eddbd976d
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41c09850e4b3fbbfcd444f512c222b9c9c71a2e0b41b038927cd19434472caac
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
473a782075aef21c05fb0f7d61060130a86b7f22100a4f7ddcf519d8909165cc
48645bc834b63daa7d6998fc161a75d14e9b456c2b5569f13d11a524fc55f399
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fa1fbb70e211f5034e5e72297a70b26290c8b6851d4d9253d304add87c5216c
50b9b0f5f712db98a09b0eea971035cd3fc52c526abdea65175ad3c78a1a49b8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b7bda0af3dd9f5712d7b58867ae96898863dfa09ed16b1997ab6bba59a1f315
5bed93160bfdb45ba6168822f13f02378b6ad8e7e3c529879a2324bb8f542af7
5e5d7e6238432e3af5259d422eceda37eb083bd792d40c662a6f13f586348f87
5fc7c56821ed5ac0a40aecde186c558d6b846831cbd483f434ed862fd1b955c7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663a4813fa0b3bc5a6739f224f4b6203b2d5e9bd76390dab13a6a3ac6c809b5f
665273a9b548830b3ae7acda2d45d9dd61a2bbb5223ebeaf37e5cb12bb4ac7c3
6779927a414cbf0fe75402465415087eb51e26f9a5f466bd8c59ed2df157d9b2
69471d73fdd7c16540c41a040ee1d68b7ea09d9bc3ab236392c4e1d728d13a20
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78674c24919c24b1047cfcb448907e28a91281d511eb2a9c75433680f5ab4cdc
79898ad55cca58e6e9ba8eecf2cc6c0b7335226fea3080497277827d26c76f9d
7a72fe46a82a96e238471bfc5f98247d714b8438862f05ccbf69bcf6d84d7aee
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7ea8703d61bfd69a2fa60a1008bcb44dc6606a9b4b44030005b11dcd2b2bfb7a
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
820104d2635b6142cd4ad4bfc096f7bd1aa757a8150380730fde125cc1bc9e43
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8354d043bdebec71c66c058e88ecc6f032f98e2dad2c9efe882a39e01619f101
83e15bac592379d6321bb5bd62f6a378a2229cc902f064c148f2032feb5bde86
862f5e7bf96f53112e8d4b35edfe9aad7f88181ecc776db926bfe3e4a515f7aa
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88c117050986495112206cfd6fc55457c34f812f07b543eebd1554846108b6e5
8b6f18067b885df2fed8e8689343c709f653c818f7493c4081dec77dd9fdf444
8fe5ebbe44388c9f7d1e3d2924a3ebea4d110a0c430d24ecdcf06a2eb5f610c7
912b51b03f326f6f4fe7dc0798e0aa469738c1faa6763cab8bf0d5f64930005d
924590d6c568380e23b9397b8e4b7f23e4df43b6a98d9675e3eea5be3bc6834e
92b3f4acfaebc2783b3278da66519618a5dfc33d413ebcfe846a270e73eb1c1c
93abbe9a158ffb11fd2ba05dddff30ed3d7205bed155ff90160287f353cb749b
9462c4d9c42d54044fb22924e445d0dab8ac0c8a0d254fda5158138b7d9c0ec6
9f4f3402418e58a9bb4bfa86c4d94e3d54c23dd5708de74d62498a014853c5d0
a05d1383e867dd41784c6f739b31af0610e63049584066ef477e547047778de8
a318ade81739d2989dfbf8b5a0b9c03a84a5c792afb8edd411998e1b771c7aa0
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
a72843979d55dc4d5d9bcac65c18b3b75d753258c9fece915f49e9ad52a290b8
a937e43b9bf533a9362664051f4b4ee0bb3d62c11733890b09bd592976261e02
aa2703662797d5424d131fbaf9a935127d3258bedaa7037d049a6bb04d5a0c0c
acbdf830dd5d0d2f14535022f371beac653fae6eb4e6583b4d66360692137301
b25070c2620a132771a52c6c11decf1b70ed0f21a9a01ceee23584d00862b6b7
b32ff88a34d9c212e1574759e659f9890a64b35f19c36c7dc31326a4616266f0
b3e2621d3488907ae1ff1c956bb67960e9c0d4eabcca7db8660b80e7a7e48a7e
b625d5a8adce0e637b3263a627b65445e87da3ec1e62aff4ff86869707ed4fe7
b7fc0786acf28d7f98421dd6a445d55daad209e4fafc76d788e143dcf1c993e4
bad32c62c050489fa0a0c953824e749584e54c20ec66900b63c373b39c6b232a
bdfed152e3fe0308a592c5dab5531527d4494477bc323e328d7cd8315cbe892a
c1282be42b8d2163c8d5b170521ce2f167ebfaabecbf4cc34e63299ee61dc651
c1644925b7ca4193188ce5a6a0af394d1c1d34a9afc0cb2a671cb739ee3e1173
ca6ef142765010507ac8c344ee29295e28bf2b93a06c536f14fdd91deff6a697
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d2da9c717c6544d3681599d64e4d2d7a015b92abd6159f086b6c36df8d82d56d
d6f3358743b370d0292e2c8db3820b32eb5ea5f8f4cac004b3d3a34c6557ee7d
d7485684ab40601d4a059a0553f57645611c29e78e77c140b21327af71106c15
dd763c7ef2588bd2782997f3eddcb46418fb68760c224538a19d9affd140aff9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3939c61738ea474fe375be07232fb51b5090888351263a3498754ed8c16f
e085002d1494283a4cf4cc952c53c7e47c535104498a5d62411fa69787f74ba2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5cff0fb3482152d0924088d7535b934bfc80a58bd84b7d83bb0c2694049ec69
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
e947a34e3241a8fa04ba18016cd7f89c56130e69e3724f6cc242ceceb825d557
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f25e5ba6d1bebbd94a7dcaecb99dbdfa7566f53c75f7a46cbea21221fcaf84ba
f68361193d90603a25d438f72f3497c2a4c3deaf087df0e8ecac48b8a58aaf55

www.amigosecreto.com.br Open in urlscan Pro 66.232.27.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

125 Requests

99 %HTTPS

87 %IPv6

15 Domains

24 Subdomains

24 IPs

3 Countries

3938 kBTransfer

8554 kBSize

16 Cookies

7 Outgoing links

Page URL History

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.amigosecreto.com.br Open in urlscan Pro
66.232.27.51 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

99 %
HTTPS

87 %
IPv6

15
Domains

24
Subdomains

24
IPs

3
Countries

3938 kB
Transfer

8554 kB
Size

16
Cookies

125 HTTP transactions
6 data transactions