de8.com.br Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://jni5.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZkZTguY29tLmJyJTJGaW52aXRlLWFic2EtZ29sZC1jYXJkJT...
Effective URL:
https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+ne...
Submission: On November 17 via manual (November 17th 2023, 4:28:21 pm UTC) from ZA — Scanned from DE

Summary HTTP 79 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 24 domains to perform 79 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is de8.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 10th 2023. Valid for: a year.

This is the only time de8.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.0.23.141 52.0.23.141	14618 (AMAZON-AES) (AMAZON-AES)
16	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	34.36.196.101 34.36.196.101	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
3	2606:4700:e6:... 2606:4700:e6::ac40:c70b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e6:... 2606:4700:e6::ac40:c60b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
6	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 2	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	216.52.2.16 216.52.2.16	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	185.86.139.102 185.86.139.102	201081 (SMARTADSE...) (SMARTADSERVER)
79	24

1 52.0.23.141 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-23-141.compute-1.amazonaws.com

jni5.lt.acemlnb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

de8.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.de8.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.36.196.101 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 101.196.36.34.bc.googleusercontent.com

cdn.cloud.adseleto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:c70b (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.spun.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:c60b (United States)

ASN13335 (CLOUDFLARENET, US)

push.spun.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.237 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.16 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	88 KB
16	de8.com.br de8.com.br cdn.de8.com.br	405 KB
11	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	234 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	417 KB
5	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462 www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
4	gstatic.com www.gstatic.com	268 KB
4	spun.com.br analytics.spun.com.br — Cisco Umbrella Rank: 370433 push.spun.com.br	6 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
3	adseleto.com cdn.cloud.adseleto.com — Cisco Umbrella Rank: 843428	46 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 567	2 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 683	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4905	651 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	90 KB
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 774	45 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268	576 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 695	236 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	552 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	64 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6862	455 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	31 KB
1	acemlnb.com 1 redirects jni5.lt.acemlnb.com	332 B
79	24

	Domain	Requested by
13	de8.com.br	de8.com.br
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com de8.com.br b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com
6	cm.g.doubleclick.net	b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com de8.com.br
6	www.googletagmanager.com	de8.com.br www.googletagmanager.com
4	securepubads.g.doubleclick.net	cdn.cloud.adseleto.com securepubads.g.doubleclick.net
4	www.gstatic.com	de8.com.br b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com
3	www.google.com	de8.com.br tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com de8.com.br
3	analytics.spun.com.br	de8.com.br analytics.spun.com.br
3	cdn.de8.com.br	de8.com.br
3	cdn.cloud.adseleto.com	de8.com.br cdn.cloud.adseleto.com
2	sync.1rx.io	2 redirects
2	ap.lijit.com	2 redirects
2	d5p.de17a.com	2 redirects
2	c1.adform.net	2 redirects
2	fonts.googleapis.com	b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com de8.com.br
2	b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	de8.com.br connect.facebook.net
1	ssbsync.smartadserver.com	b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com
1	sync.targeting.unrulymedia.com	1 redirects
1	rtb.openx.net	b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com
1	ads.travelaudience.com	1 redirects
1	www.googletagservices.com	de8.com.br
1	www.google.de	de8.com.br
1	www.facebook.com	de8.com.br
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	push.spun.com.br	de8.com.br
1	code.jquery.com	de8.com.br
1	jni5.lt.acemlnb.com	1 redirects
79	31

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-10` - `2024-02-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cdn.cloud.adseleto.com GTS CA 1D4	`2023-10-09` - `2024-01-07`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
spun.com.br GTS CA 1P5	`2023-09-21` - `2023-12-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-26` - `2023-11-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R
Frame ID: F0DF42E53FAB138B80DE97665CD51175
Requests: 50 HTTP requests in this frame

Frame: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F970B8BC3365C632B493112B5B12A963
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6E6225218537BCBB9D33F1222B670A5F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5CE9BC643781AEAC192ACA2CA78204CE
Requests: 2 HTTP requests in this frame

Frame: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DE174F5F822CA0BCACCCA7A2BB7B8C2C
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 69E89BA650F1425AF4EC6E8096A96A50
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 776E3A3B9E1E7F247B7EE8AFE20FD84A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js
Frame ID: 1EE47C3A64EA87618096636C5CEEDB87
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Invite ABSA Gold Card - De8

Page URL History Show full URLs

https://jni5.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZkZTguY29tLmJyJTJGaW52aXRlLW... HTTP 302
https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_conten... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

79
Requests

92 %
HTTPS

66 %
IPv6

24
Domains

31
Subdomains

24
IPs

6
Countries

1676 kB
Transfer

6003 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://jni5.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZkZTguY29tLmJyJTJGaW52aXRlLWFic2EtZ29sZC1jYXJkJTJGJTNGdXRtX3NvdXJjZSUzREFjdGl2ZUNhbXBhaWduJTI2dXRtX21lZGl1bSUzRGVtYWlsJTI2dXRtX2NvbnRlbnQlM0RSJTJCMTYyMDAlMkJpcyUyQnlvdXIlMkJuZXclMkJhYnNhJTJCbGltaXQlMjUyMSUyQiUyNUYwJTI1OUYlMjVBNSUyNUIzJTI2dXRtX2NhbXBhaWduJTNESk5pNS1JRDk4X1RCX2UzX0RFYWJzYV8xNiUyNTJGMTFfUg==&sig=BP3pUrtmamD6Qzu3QgH88dTzNesZjHHrrG81mrKfce6U&iat=1700180365&a=%7C%7C652280855%7C%7C&account=jni5%2Eactivehosted%2Ecom&email=VUXmPkP6cwtVm41XiUCyiD0pL82y5qMQPoWJzmr9jU4Xxu2VTXkPfg%3D%3D%3AHNjmZdDDO%2FxGwPMqLSiAuSXL2sbSTWS5&s=dd162de17c75ea2b28c5c759c2e8dfee&i=14A15A1A43 HTTP 302
https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPFX1tHORufEF-zcRk76kis&google_cver=1&google_push=AXcoOmTgyHmJ0Ki4H5GeZZowQMWqKFgMJ3rG_kCLOeBu2_o4De22pGHNA8nHvDWKyzBpVGJ24t8-PQZfQYs3v6rS17_4gBDJCvrB HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=keyUcMXORckTtsZ1GZ3jUQ&google_push=AXcoOmTgyHmJ0Ki4H5GeZZowQMWqKFgMJ3rG_kCLOeBu2_o4De22pGHNA8nHvDWKyzBpVGJ24t8-PQZfQYs3v6rS17_4gBDJCvrB

Request Chain 68

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENLmnFsRuw-3dthEoOa2lys&google_cver=1&google_push=AXcoOmQzmc2tu-yanF3ZD-AAovOBkl5S2D59qfl_FBcyj6AkGzMQGLlLR_SgvxAuXOyA30_J0U4V1dlfWt_5N5R4SJExQTguugigWw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENLmnFsRuw-3dthEoOa2lys&google_cver=1&google_push=AXcoOmQzmc2tu-yanF3ZD-AAovOBkl5S2D59qfl_FBcyj6AkGzMQGLlLR_SgvxAuXOyA30_J0U4V1dlfWt_5N5R4SJExQTguugigWw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgzMDY5Mjk0NDQxNjQ0MjI5Ng&google_push=AXcoOmQzmc2tu-yanF3ZD-AAovOBkl5S2D59qfl_FBcyj6AkGzMQGLlLR_SgvxAuXOyA30_J0U4V1dlfWt_5N5R4SJExQTguugigWw

Request Chain 69

https://d5p.de17a.com/cookies/google?google_gid=CAESEEEFnKfg30CQaucZUG6ZrbY&google_cver=1&google_push=AXcoOmQzdwKPu9Xccene9xy4AF8ix_NKb5DyTsj5pYkJCrFGYGisg2Bl6KvBc8NBi4bowayDPi4jN2dUJgN6fA9ayEj07kHhStPDpQ HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEEFnKfg30CQaucZUG6ZrbY&google_cver=1&google_push=AXcoOmQzdwKPu9Xccene9xy4AF8ix_NKb5DyTsj5pYkJCrFGYGisg2Bl6KvBc8NBi4bowayDPi4jN2dUJgN6fA9ayEj07kHhStPDpQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQzdwKPu9Xccene9xy4AF8ix_NKb5DyTsj5pYkJCrFGYGisg2Bl6KvBc8NBi4bowayDPi4jN2dUJgN6fA9ayEj07kHhStPDpQ

Request Chain 71

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEISXNwf5HhcxkMKx0ciy2hE&google_cver=1&google_push=AXcoOmRXtoBgHmz9ssxOTHZalgawH2lykMRS_u_xtLT43Zl-CuskC0xe7blJTO4zJae_9qzjbJDjB0YNfs7yH71B8xyH9oJJknSc HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEISXNwf5HhcxkMKx0ciy2hE&google_cver=1&google_push=AXcoOmRXtoBgHmz9ssxOTHZalgawH2lykMRS_u_xtLT43Zl-CuskC0xe7blJTO4zJae_9qzjbJDjB0YNfs7yH71B8xyH9oJJknSc&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRXtoBgHmz9ssxOTHZalgawH2lykMRS_u_xtLT43Zl-CuskC0xe7blJTO4zJae_9qzjbJDjB0YNfs7yH71B8xyH9oJJknSc&google_hm=HrBcrGZHGrgi2TP1T9ycu8pP

Request Chain 72

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEMnk8vL5Ml7WdmdOgbBcw5w&google_cver=1&google_push=AXcoOmTXBz7czAIqdT8aMPEDBnXHV52dLOUjCzCaX3bailgMnn_QL32Vtcn3Y9vVyDYEJXCTfKq9YnMJz40dQr6FBj6aCem8Tv2KTA HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTXBz7czAIqdT8aMPEDBnXHV52dLOUjCzCaX3bailgMnn_QL32Vtcn3Y9vVyDYEJXCTfKq9YnMJz40dQr6FBj6aCem8Tv2KTA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1700238498495 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-cf52e714-acc2-4011-991f-1e2caa7bebe9-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTXBz7czAIqdT8aMPEDBnXHV52dLOUjCzCaX3bailgMnn_QL32Vtcn3Y9vVyDYEJXCTfKq9YnMJz40dQr6FBj6aCem8Tv2KTA%26google_hm%3DA89S5xSswkARmR8eLKp76-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTXBz7czAIqdT8aMPEDBnXHV52dLOUjCzCaX3bailgMnn_QL32Vtcn3Y9vVyDYEJXCTfKq9YnMJz40dQr6FBj6aCem8Tv2KTA&google_hm=A89S5xSswkARmR8eLKp76-k

79 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
de8.com.br/invite-absa-gold-card/
Redirect Chain

https://jni5.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZkZTguY29tLmJyJTJGaW52aXRlLWFic2EtZ29sZC1jYXJkJTJGJTNGdXRtX3NvdXJjZSUzREFjdGl2ZUNhbXBhaWduJTI2dXRtX21lZGl1bSUzRGVtYWlsJTI...
https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R

46 KB
12 KB

4924ms
4871ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

803e1a7425460d06cf50f1773cc42aafd0d03b24b668219ce64a3d4bd563b34c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82795868acb95d8c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 16:28:15 GMT
link: <https://de8.com.br/wp-json/>; rel="https://api.w.org/" <https://de8.com.br/wp-json/wp/v2/pages/10015227>; rel="alternate"; type="application/json" <https://de8.com.br/?p=10015227>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2BAWQJO1j%2BOTdUGvpdyP%2BsmKga2lShVRmCHFL76KWiMfbMJA0Ziz9EUMOTymH6x5qGszija1MZo6l50agfBnrKWHPhPZwJVkxkKag8WU%2FF8SVuZqocuSNkBCv8EgNwjic6EYLFbduDhC"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-cache-status: EXPIRED
x-content-type-options: nosniff
x-powered-by: PHP/7.4.33

Redirect headers

content-length: 0
content-type: application/json
date: Fri, 17 Nov 2023 16:28:10 GMT
location: https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R
x-amz-apigw-id: OjQoPGOBoAMEDDg=
x-amzn-requestid: d05e2218-26fb-46d7-8fb9-9557a9509f34
x-amzn-trace-id: Root=1-6557949a-444d398328c4939844a1293a;Sampled=0;lineage=12ce62b2:0

GET
H2 200 de8-logo.png
de8.com.br/wp-content/uploads/2023/09/ 12 KB
12 KB 26ms
23ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://de8.com.br/wp-content/uploads/2023/09/de8-logo.png

Requested by

Host: de8.com.br
URL: https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58d05df3665d86e0831e00f97e0635a2af93efd31514ba6f43f675e24a7c1995

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 870814
alt-svc: h3=":443"; ma=86400
content-length: 12064
last-modified: Tue, 19 Sep 2023 16:34:46 GMT
server: cloudflare
etag: "6509cda6-2f20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ft7%2Bn36MV%2F4jnvz0rJuU%2BEGpPBynr7rYFBsbBG9jHSLn4kY%2F2rB1fMyCc4rC6B7YWovE5IySfeA1tJ75XzAswbHVz6GZ1h6IH0kWyqgsl0SnB4ShP4GJFY5qLUmJA05m8%2B1Y%2BW205MLo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 827958873eee5d8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loftloader.min.css
de8.com.br/wp-content/plugins/loftloader-pro/assets/css/ 70 KB
8 KB 21ms
18ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://de8.com.br/wp-content/plugins/loftloader-pro/assets/css/loftloader.min.css?ver=2022112801

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c9191eb92e1d928ebdd542fc9c073c8b8298191549c27f73468c500dcdf3e5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543918
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 Nov 2023 17:03:37 GMT
server: cloudflare
etag: W/"654284e9-1183e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrZpmNNozMuD5PZOkI0CwhlL3j9b%2FbP1N6UHOswUuDGefIojJQ11fWicYBHkpQorWxodCr8I58vGeYrVujZLNMxbPObhi3JYvMad%2BsCyRga56TqOUOvP1XpOKYj%2F7fJGTfJvJkdntR0O"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 827958873ee55d8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
de8.com.br/wp-includes/css/dist/block-library/ 107 KB
15 KB 29ms
27ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://de8.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182132
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 12 Nov 2023 03:09:47 GMT
server: cloudflare
etag: W/"655041fb-1add3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4ek%2BZxO4hnfDy4uw88io%2Bw5vskqPk6Q36SefS26raiEVs%2B5ff%2Bt9RBRPTkIpnYjJb2HJnjm8BwVHW1KM4lrhkZXz%2B04cKtC7C6Y%2BRn0gEF9baG1aMDRx7vLZFI7P5Uae3DPJ03hnpPc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 827958873ee75d8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pagenavi-css.css
de8.com.br/wp-content/plugins/wp-pagenavi/ 374 B
532 B 21ms
19ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://de8.com.br/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 163347
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 11 Nov 2023 23:45:52 GMT
server: cloudflare
etag: W/"65501230-176"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RAli7GJaix83GR1hJv%2BFknmRUxxa%2Bz9OE0HjMgv0BI4HqqmDkCdfJNTJ6pdgZt6ThAhUe6DmNoXBPpzoVn1KcoXzWd3oZlL1PQotxylFO7kNUQGVoaj68DcO2j9xz9r0RP9CEPn1aZtU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 827958873eea5d8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
de8.com.br/wp-content/themes/hello-elementor/ 6 KB
2 KB 22ms
20ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://de8.com.br/wp-content/themes/hello-elementor/style.min.css?ver=2.9.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c3c0ebe37e4fd4187131a0a8d039064a9014215c4b83199d909e7e0b2d7f450

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 163347
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 12 Nov 2023 03:01:23 GMT
server: cloudflare
etag: W/"65504003-167c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udXorWsh4agqn%2F4df2vrAHz14x2duxLXYPwgA%2FUSVKxcUIHyRs6oUXBC8qv5xqlMLqOT0QR96tNmGxV0lNQajO7sTZfBAnJ3NJ5%2Buuu47Sov5aDcR9IszeORcpwsQb1I6GEsU%2B6o4xeJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 827958873eeb5d8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 theme.min.css
de8.com.br/wp-content/themes/hello-elementor/ 12 KB
3 KB 21ms
20ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://de8.com.br/wp-content/themes/hello-elementor/theme.min.css?ver=2.9.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f9d3a91d5bbc09131900b7dc64ba4328bab03dc7221c5c2773397cb656bca18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182134
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 12 Nov 2023 03:01:23 GMT
server: cloudflare
etag: W/"65504003-3097"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbQIBZxyNLM9DLYb1jK9zFxHolwtnILLL1kVwxXZU7ol9FmuLXx0K20SXHCLthmQINGz10zfzvDq%2FVLmSwka5Zb2LgFBpdhrDnuU59ydwOOdEGCoc4DQz6rlPGuFXdK4K2EfItE%2BXhUv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 827958873eec5d8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
89 KB 57ms
24ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1FXB7HTS7V

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5561dd68db23d5ee4f44162a1ae159eb10d02083271d6b33ae225791f42ef922

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90720
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 16:28:15 GMT

GET
H2 200 as_de8.js Show response
cdn.cloud.adseleto.com/ 696 B
1 KB 1283ms
1244ms Script
application/javascript 34.36.196.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cloud.adseleto.com/as_de8.js
Requested by: Host: de8.com.br
URL: https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.196.101 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.196.36.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f92ffa5278ace8b3ab991309beb0663c12a27889dc3b674ca420a3f8f1bfec01

Request headers

Referer: https://de8.com.br/
Origin: https://de8.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:16 GMT
x-guploader-uploadid: ABPtcPoqslyA0Yo15kR4iEKw-8QyorjN_8JY19KBavOMLX0T0MFy0ccuwYXULAAg_d2aFVMo-Nk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 696
last-modified: Fri, 17 Nov 2023 13:41:18 GMT
server: UploadServer
etag: "e48b8b743906d4a4d7ff1a1ab7dd42fa"
x-goog-generation: 1700228478621593
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=YnlAvQ==, md5=5IuLdDkG1KTX/xoat91C+g==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 696
accept-ranges: bytes

GET
H2 200 nicepage.css
cdn.de8.com.br/p2-card/ 1 MB
108 KB 201ms
29ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.de8.com.br/p2-card/nicepage.css?v=1233234

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ebf98859d8ed94257e8c151cfec740a348f3011e2b582752a1a2cf237fa03c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 812095
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Apr 2023 05:56:41 GMT
server: cloudflare
etag: W/"643f8299-1618b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrhJ0ZUWu8kImOohTWjt3tJbHi2qLuqXk24O3%2F8UW9IBGDYV9Cm2tGnnWcLUYalfh%2B%2FjmJJxE8EVmbey%2BgEyn5DDC2qEgw2mDRzMbNn1qV%2FBDIXZZrDoR2dNsAOu%2FtRFmiCmRtRSPCh1vRjxPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 8279588848295d8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 home-app.css
cdn.de8.com.br/p2-card/ 9 KB
2 KB 191ms
19ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.de8.com.br/p2-card/home-app.css?v=1333

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87da15ffe4c4ddf8581169b47faed836addcb49669b8292ef4bae95d697e06a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 159086
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Apr 2023 05:56:41 GMT
server: cloudflare
etag: W/"643f8299-224b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUcjcLc2gfXYWEzbnEeMm3g9yYfHy0n1Jtk%2FU3nWlb0OFkOEGhMCJDFaYIpI3XlTFfi462kU%2F79gCdbRWZWBCy6pyJ%2BgzQFHHn60TP%2FbrapZtCSYXCUX48nke2SMF7U6wD8IszlT3nuvtlR38A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 82795888482c5d8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-3.6.3.min.js Show response
code.jquery.com/ 88 KB
31 KB 82ms
28ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.3.min.js
Requested by: Host: de8.com.br
URL: https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Request headers

Referer: https://de8.com.br/
Origin: https://de8.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:15 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3178825
x-cache: HIT, HIT
content-length: 31046
x-served-by: cache-lga13623-LGA, cache-fra-eddf8230040-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1700238496.958439,VS0,VE0
etag: W/"28feccc0-15f5b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 3, 101637

GET
H2 200 nicepage.js Show response
cdn.de8.com.br/p2-card/ 291 KB
89 KB 182ms
45ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.de8.com.br/p2-card/nicepage.js?v=1333

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d46421a072e5578f941d11f129e4e3d21293ee6eb7be07552dbc01564cdf0092

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 159085
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Apr 2023 05:56:41 GMT
server: cloudflare
etag: W/"643f8299-48a90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDyvErjMSj8t%2BEhmr8j52CMoLDuLK3PCBCI9N0XJpDJv%2B459kAv2n3bduyVqv5rZY0JupClNKhCIRnigyumBljFdHSv%2FPK7JMdoNLVxrbggjb4WD9Sf51XGQZKfJL87XJb0jyJsBzb9zuBRF4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 82795888482e5d8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bce3ef53-design-sem-nome-25-1-442x332-1.png
de8.com.br/wp-content/uploads/2023/05/ 102 KB
103 KB 897ms
895ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://de8.com.br/wp-content/uploads/2023/05/bce3ef53-design-sem-nome-25-1-442x332-1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c6835d7f6030101735d0968d5362627c373d1bd11a5e0c9d561da87f59d33c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 104852
last-modified: Tue, 02 May 2023 01:32:08 GMT
server: cloudflare
etag: "64506818-19994"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21qGeeC7kBbAdEtqvcX%2B1C7S8TqrCZmFGQnN37ugZ0FFAJciyvl4ezqULYFXfqbsjp8zpUGrugTvIzCZzvhLWjBoUnAZFvaAPSz4kdr3Y%2B%2F0XHuiln9qxvzkMG2wpAJqEIIT4hmdoLTF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 827958877934b7a0-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 stats.js Show response
analytics.spun.com.br/ 6 KB
2 KB 73ms
24ms Script
application/javascript 2606:4700:e6::ac40:c70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.spun.com.br/stats.js?v=3.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c70b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fad6aa0e88445e4500549a704cd44f63beddbf73b6c096fd0163986bd741907

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3021
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 23 Sep 2023 19:48:04 GMT
server: cloudflare
etag: W/"650f40f4-17ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0LfvqVoujxTgi4MsAo%2FpVu7vybjEBQdGXbLP%2FQjAiO0D6KZMiNzrdD6x9%2F4F%2BB4RAbSf7LtmTDCnTccCBlwRKWKie60w867v2PFXX5YEieLNvTf6hhu%2FSAJU34fF0nYd0DvEjq8siXl%2BDXLFAogXNm67iQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 82795887bcf3690d-FRA

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/8.10.1/ 875 KB
252 KB 46ms
12ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.10.1/firebase.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bccad1b7bad6e60365f8cea0e26ed1ec535b295658acec12be669d7eb4999a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 12:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 534002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257236
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 20:19:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Nov 2024 12:08:13 GMT

GET
H2 200 push-131.js Show response
push.spun.com.br/ 7 KB
3 KB 112ms
22ms Script
application/javascript 2606:4700:e6::ac40:c60b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://push.spun.com.br/push-131.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

96ba58abe9f562546a030f3709a03c6c62347a9b41ae69f66ec471ceb7a2860c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3793
x-powered-by: PHP/7.4.33
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 17 Nov 2023 15:25:03 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f99%2BjmxKBP9RU0eUtBqQguiwgtbx8zZ02c%2B95Pv3y%2FhCJ9nLFjHzyEIp9MylP9sNWDTKw7U3EoopMFXj6iXkyFPaLZHX1688pfxP85pXkYhz2%2FxE0rLnTwT447ku1e%2Bmsz4QPrSz7KZtWS4RelHl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82795887f92099ab-CDG

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 54ms
23ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-225565835-6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

409fb2991641ebdd8fbb8aee5b38943fb3d9c44d9e2e3d3b27a72b78f34f5b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68760
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Nov 2023 16:28:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 65ms
34ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10803691071

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e917513727e1a99af591d808995c110e4bee462c3d41b9cdc9af1247bc91f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72312
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Nov 2023 16:28:15 GMT

GET
H3 200 jquery.min.js Show response
de8.com.br/wp-includes/js/jquery/ 86 KB
31 KB 49ms
45ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://de8.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 306894
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 12 Nov 2023 03:09:49 GMT
server: cloudflare
etag: W/"655041fd-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ud6jRsSF1B02qOjxHgzXZeDM5RW7nC2prl3imLCAhS%2BD264fgCuozgf2LDXqs3GIlAfyogQL8EyYS1jmAyuWvrHT0pHLjoWKyWFD0tBW1M8FzL5TFL2TwmHbZshGalXEPBBnQ%2FbSSwhu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 827958877935b7a0-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery-migrate.min.js Show response
de8.com.br/wp-includes/js/jquery/ 13 KB
5 KB 31ms
27ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://de8.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 380089
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 12 Nov 2023 03:09:49 GMT
server: cloudflare
etag: W/"655041fd-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUK%2BfUFCoPHXbSmqn56Q2m8wR53ZoYM5BVMhx3CWVSCqFMv1DpirnVozv5YxJ5VR1uhkC13WbaNj%2F%2BNQNLvr16yA5FIg6uW%2BxmwGNlyc%2Bo2PlMmvzvybo7djAKvlI%2F0imnkL9OzjZlV6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 827958877937b7a0-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.waitformedias.min.js Show response
de8.com.br/wp-content/plugins/loftloader-pro/assets/js/ 4 KB
2 KB 82ms
79ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://de8.com.br/wp-content/plugins/loftloader-pro/assets/js/jquery.waitformedias.min.js?ver=2022112801

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73dd589de1dcdaf44b319dae77c4f0ff2ce7c987285c1c92da85582b7a8c116c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 380089
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 Nov 2023 17:03:37 GMT
server: cloudflare
etag: W/"654284e9-117d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmN7zZOUbUq0R55uZcLe8oy27bjto9Q7s8LBFtM0M0cYRVQYb4K%2FqfLYO5aatFN0PKAnMdbFWhXpfBabFNsT%2Blejm%2BD%2FvdxBuFj6STWVOGZFXF0VGp%2Fva2jEwvo4lgXErrR3IVFHtSY4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 827958877938b7a0-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 loftloader.js Show response
de8.com.br/wp-content/plugins/loftloader-pro/assets/js/ 25 KB
7 KB 31ms
28ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://de8.com.br/wp-content/plugins/loftloader-pro/assets/js/loftloader.js?ver=2022112801

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb40432759e5c69f92b318f36f687745f0dc549113ddcad1b87d71550d9c8779

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 380089
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 Nov 2023 17:03:37 GMT
server: cloudflare
etag: W/"654284e9-6579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8LKb09MAslPi16a8Nj4cZfx71948bPiEa9L1jxHZ303iQ4z2oQ9AUxLgj%2FX2W%2BXxYw3sVffMaXg5Uxcm14vKq%2F9f416PX47Cs4%2Ft3W5W7aR2TiMDFz9CvLa32IuQIBIAFFVqEORltK4f"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 82795887793ab7a0-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
BLOB 200
OK 1de43dee-b3ed-45c4-bdb0-c709fade016b
https://de8.com.br/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://de8.com.br/1de43dee-b3ed-45c4-bdb0-c709fade016b
Requested by: Host: de8.com.br
URL: https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 72ms
9ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 Nov 2023 16:28:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: k7HYNBs8xvf+SnrPzqxJ5fwvYpeccYRJkloVVhx5qxyTzAA5HGsCbxZOfTI0NK41yG4YlhAKqWOg4ABxEjurKg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-225565835-6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1FXB7HTS7V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe9a906b4e9b45d9c507304d1586e617cecec741f3cd34d2a15627b319a4e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68854
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Nov 2023 16:28:16 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 49ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1FXB7HTS7V&gtm=45je3b81v882880514&_p=1700238495898&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1453188784.1700238496&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1700238496&sct=1&seg=0&dl=https%3A%2F%2Fde8.com.br%2Finvite-absa-gold-card%2F%3Futm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DR%2B16200%2Bis%2Byour%2Bnew%2Babsa%2Blimit%2521%2B%25F0%259F%25A5%25B3%26utm_campaign%3DJNi5-ID98_TB_e3_DEabsa_16%252F11_R&dt=Invite%20ABSA%20Gold%20Card%20-%20De8&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5506
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1FXB7HTS7V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 16:28:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://de8.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1190333645097869 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 149ms
146ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1190333645097869?v=2.9.138&r=stable&domain=de8.com.br

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ed4fdcbc2e13855995c8156b660e53c6b15ede976a9d04258ec28a7283cb792

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 Nov 2023 16:28:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: KpkF3hHu60P8x1aPa2jX4UdZFNyN0bwht9/iC8V5uQvq7xoi9NTZgSfSsourjQeGwCYyw11kYEkLPVYMh7p4xA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 60ms
31ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-225565835-6&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Nov 2023 15:16:44 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4292
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 17 Nov 2023 17:16:44 GMT

POST
H3 200 / Show response
analytics.spun.com.br/site-stats/ 0
547 B 78ms
46ms XHR
text/html 2606:4700:e6::ac40:c70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.spun.com.br/site-stats/

Requested by

Host: analytics.spun.com.br
URL: https://analytics.spun.com.br/stats.js?v=3.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e6::ac40:c70b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://de8.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarydN0BmYxVoLJZbAGi

Response headers

date: Fri, 17 Nov 2023 16:28:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vb3DjX36NI%2BDKxKybq0NzbkvAC9t1J6ub79bWf1WcvJIdDZXqa48ndS4Z43dTWCrR69H6lkNDauXZq28tbAisGWOX1qsuAtyLIXUzvaLcdg6g3Nkazr3%2BuSALHrn2SP3F1C3RBraCcqwdsbntY7J6MHsQv4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cf-ray: 8279588a1e709238-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 / Show response
analytics.spun.com.br/site-pageview/ 5 B
522 B 75ms
47ms XHR
text/html 2606:4700:e6::ac40:c70b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.spun.com.br/site-pageview/

Requested by

Host: analytics.spun.com.br
URL: https://analytics.spun.com.br/stats.js?v=3.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e6::ac40:c70b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

8137cf1870430460999ec4cc7e954e08a00d126721af5d6954c4b8bba59e5754

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://de8.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarykOnVtSi4DviPX3R6

Response headers

date: Fri, 17 Nov 2023 16:28:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxvlHWlaUEStWGTxLaehROshRHvmvarwIdRcg9fzBkY%2BxKtx1Wt7O%2F14xuz9sfMfm7gGPxo2Y4CfP88vHfL8N%2BIGUMrP9zobiEQ%2Fjdw2VQAID5U%2BL2X5EKvBH4KSEjycFf2KEQYzafUytMS0aLEDRaYV8AY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cf-ray: 8279588a1e6f9238-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
52 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K8332CC

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07b87cc400c30ccb5b2cd2c7ca00b42a6f90b2301a7fcc7c8387573b86c8ad04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53591
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Nov 2023 16:28:16 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10803691071&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1FXB7HTS7V

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46ef045855340b8e15200c249c6f34fef13dcb329674934feb996494d0e92faf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72322
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Nov 2023 16:28:16 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10803691071/ 3 KB
2 KB 54ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10803691071/?random=1700238496396&cv=11&fst=1700238496396&bg=ffffff&guid=ON&async=1&gtm=45be3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fde8.com.br%2Finvite-absa-gold-card%2F%3Futm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DR%2B16200%2Bis%2Byour%2Bnew%2Babsa%2Blimit%2521%2B%25F0%259F%25A5%25B3%26utm_campaign%3DJNi5-ID98_TB_e3_DEabsa_16%252F11_R&hn=www.googleadservices.com&frm=0&tiba=Invite%20ABSA%20Gold%20Card%20-%20De8&did=dZTNiMT&gdid=dZTNiMT&auid=282065360.1700238496&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10803691071

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3451e76c3040ea56ebe4b7760093c1abae1be4287cbf7ac6412e174ae2c32668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 16:28:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1408
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
140 B 18ms
16ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1452842321&t=pageview&_s=1&dl=https%3A%2F%2Fde8.com.br%2Finvite-absa-gold-card%2F%3Futm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DR%2B16200%2Bis%2Byour%2Bnew%2Babsa%2Blimit%2521%2B%25F0%259F%25A5%25B3%26utm_campaign%3DJNi5-ID98_TB_e3_DEabsa_16%252F11_R&ul=en-us&de=UTF-8&dt=Invite%20ABSA%20Gold%20Card%20-%20De8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=18797170&gjid=1443737090&cid=1453188784.1700238496&tid=UA-225565835-6&_gid=1679476946.1700238496&_r=1&gtm=457e3b81z8882880514&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=394810679

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://de8.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 16:28:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://de8.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 8ms
7ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1452842321&t=pageview&_s=2&dl=https%3A%2F%2Fde8.com.br%2Finvite-absa-gold-card%2F%3Futm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DR%2B16200%2Bis%2Byour%2Bnew%2Babsa%2Blimit%2521%2B%25F0%259F%25A5%25B3%26utm_campaign%3DJNi5-ID98_TB_e3_DEabsa_16%252F11_R&ul=en-us&de=UTF-8&dt=Invite%20ABSA%20Gold%20Card%20-%20De8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=&gjid=&cid=1453188784.1700238496&tid=UA-225565835-6&_gid=1679476946.1700238496&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&did=dZTNiMT&gdid=dZTNiMT&z=1120039868

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 07:11:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 33400
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 48ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1190333645097869&ev=PageView&dl=https%3A%2F%2Fde8.com.br%2Finvite-absa-gold-card%2F%3Futm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DR%2B16200%2Bis%2Byour%2Bnew%2Babsa%2Blimit%2521%2B%25F0%259F%25A5%25B3%26utm_campaign%3DJNi5-ID98_TB_e3_DEabsa_16%252F11_R&rl=&if=false&ts=1700238496448&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1700238496444.1061181710&cs_est=true&ler=empty&it=1700238496095&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 17 Nov 2023 16:28:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/10803691071/ 42 B
455 B 61ms
20ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10803691071/?random=1700238496396&cv=11&fst=1700236800000&bg=ffffff&guid=ON&async=1&gtm=45be3b81&u_w=1600&u_h=1200&url=https%3A%2F%2Fde8.com.br%2Finvite-absa-gold-card%2F%3Futm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DR%2B16200%2Bis%2Byour%2Bnew%2Babsa%2Blimit%2521%2B%25F0%259F%25A5%25B3%26utm_campaign%3DJNi5-ID98_TB_e3_DEabsa_16%252F11_R&frm=0&tiba=Invite%20ABSA%20Gold%20Card%20-%20De8&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNMYz1gyFfBvXYsLbZ3O8omNHjkwcDWQ&random=1121003163&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 16:28:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10803691071/ 42 B
455 B 58ms
29ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10803691071/?random=1700238496396&cv=11&fst=1700236800000&bg=ffffff&guid=ON&async=1&gtm=45be3b81&u_w=1600&u_h=1200&url=https%3A%2F%2Fde8.com.br%2Finvite-absa-gold-card%2F%3Futm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DR%2B16200%2Bis%2Byour%2Bnew%2Babsa%2Blimit%2521%2B%25F0%259F%25A5%25B3%26utm_campaign%3DJNi5-ID98_TB_e3_DEabsa_16%252F11_R&frm=0&tiba=Invite%20ABSA%20Gold%20Card%20-%20De8&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNMYz1gyFfBvXYsLbZ3O8omNHjkwcDWQ&random=1121003163&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 16:28:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adseleto-wrapper.min.js Show response
cdn.cloud.adseleto.com/ 38 KB
38 KB 10ms
9ms Script
application/javascript 34.36.196.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cloud.adseleto.com/adseleto-wrapper.min.js
Requested by: Host: de8.com.br
URL: https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.196.101 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.196.36.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 93683bb035f3cd30dbd965fddbdfea81ddd0472d6478d58d70ceaeedfb1c117f

Request headers

Referer: https://cdn.cloud.adseleto.com/as_de8.js
Origin: https://de8.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:12:14 GMT
age: 963
x-guploader-uploadid: ABPtcPqbkYxSh--McvIPxqvVeroxuFHPRmPl9NqnF-2kYvuA7deR_OidZHNiAmrsWQ3b0W2DV9Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38681
last-modified: Fri, 17 Nov 2023 13:55:14 GMT
server: UploadServer
etag: "fedbe5be88b3cdd417be3b303b9a8ef0"
x-goog-generation: 1700229314853713
x-goog-hash: crc32c=dRYyvg==, md5=/tvlvoizzdQXvjswO5qO8A==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 38681
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
31 KB 133ms
92ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.cloud.adseleto.com
URL: https://cdn.cloud.adseleto.com/adseleto-wrapper.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f6fa554cd3118ecd6548b18c26242b00417fa84be7ed6cf87760b7a46e81375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31395
x-xss-protection: 0
server: cafe
etag: 106 / 19678 / 31079657 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 16:28:17 GMT

GET
H3 200 as_de8.json Show response
cdn.cloud.adseleto.com/pr/ 7 KB
7 KB 636ms
635ms Fetch
application/json 34.36.196.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cloud.adseleto.com/pr/as_de8.json
Requested by: Host: cdn.cloud.adseleto.com
URL: https://cdn.cloud.adseleto.com/adseleto-wrapper.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.36.196.101 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.196.36.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 768545bbf0e0b1c26148cc91df029eab9ff8adc0c827b1b09354d12f3ab91783

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:17 GMT
x-guploader-uploadid: ABPtcPpz-J0MAeiJNZwARus30fudJduA0Npp-pTsupHZMpU8dYyZZU-xm0P3WVILYtB4LNl2ixFv2mLQ5Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7276
last-modified: Fri, 17 Nov 2023 13:41:19 GMT
server: UploadServer
etag: "d44ff05f62781055704631416a2af186"
x-goog-generation: 1700228479543746
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=Lgkqtg==, md5=1E/wX2J4EFVwRjFBairxhg==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 7276
accept-ranges: bytes

GET
H3 200 wp-emoji-release.min.js Show response
de8.com.br/wp-includes/js/ 18 KB
5 KB 24ms
23ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://de8.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 381173
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 12 Nov 2023 03:09:49 GMT
server: cloudflare
etag: W/"655041fd-4904"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOdxAw5kmgkDQENRx2bsqewNuTae%2F8NFQ5jfYP3nK6cnOLzQA4jqguZRxHhqeM2qsvizXRD2afj2HckP9jrn%2FI46CnwF2UWLu%2BN7AicV8jCp%2FA2zXhnZGEdT7F%2Bvcx74dyD0Bq3oh%2BwO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 8279588f892fb7a0-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 429 KB
135 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:37:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82268
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 15 Nov 2024 17:37:09 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 185 KB
51 KB 469ms
468ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2942571423487489&correlator=455275146233590&eid=31079666%2C31079674%2C31079657%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=22705810042%2Cas_de8_desk_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700238497842&lmt=1700238497&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fde8.com.br%2Finvite-absa-gold-card%2F%3Futm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DR%2B16200%2Bis%2Byour%2Bnew%2Babsa%2Blimit%2521%2B%25F0%259F%25A5%25B3%26utm_campaign%3DJNi5-ID98_TB_e3_DEabsa_16%252F11_R&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1453188784.1700238496&ga_sid=1700238498&ga_hid=1452842321&ga_fc=true&dlt=1700238495861&idt=1506&prev_scp=adseleto_price_floor%3D4.00&cust_params=utm_source%3Dactivecampaign%26utm_campaign%3DJNi5-ID98_TB_e3_DEabsa_16%252F11_R%26utm_medium%3Demail%26utm_content%3DR%252016200%2520is%2520your%2520new%2520absa%2520limit!%2520%25F0%259F%25A5%25B3&adks=3457155616&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

363d2b4410199c5b01cc8edf4d2486019aa3eeb838a72548d387b1d7e4355c31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52576
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://de8.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 98ms
60ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba10ffe2fc5b2b778d445e36a45cc17bcd106bdd8b93943eb82fa3e503b91c82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12245
x-xss-protection: 0

GET
H2 200 container.html Show response
b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F970 6 KB
3 KB 109ms
43ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de8.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 16:28:17 GMT
expires: Sat, 16 Nov 2024 16:28:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 39 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl_page_level_ads.js?cb=31079657

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:37:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82261
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13750
x-xss-protection: 0
server: cafe
etag: 15254217830347453119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 15 Nov 2024 17:37:16 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 95ms
63ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 16:28:18 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6E62 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de8.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5494
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 14:56:44 GMT
expires: Sat, 16 Nov 2024 14:56:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5CE9 829 B
981 B 24ms
22ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

efa42d3eeb3a42263bbb178af61b7d2c4739815aa421559d63f223363f1efc73

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lJ9FoB2hu2_kJCfbDaO-mA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de8.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lJ9FoB2hu2_kJCfbDaO-mA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 16:28:18 GMT
expires: Fri, 17 Nov 2023 16:28:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 6E62 39 KB
15 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 09:24:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5CE9 0
0 47ms
42ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=2942571423487489&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6E62 0
10 B 12ms
7ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?J3aFSQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DE17 6 KB
3 KB 12ms
10ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de8.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 16:28:17 GMT
expires: Sat, 16 Nov 2024 16:28:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame DE17 4 KB
1 KB 51ms
25ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com
URL: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 16:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:42:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 16:28:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 69E8 6 KB
779 B 42ms
28ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 16:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:46:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 16:28:18 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 69E8 2 KB
822 B 10ms
10ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25409
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 09:24:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 69E8 23 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25409
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 09:24:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 69E8 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 14:28:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 776E 1 KB
643 B 25ms
24ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25383
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 09:25:15 GMT
etag: 48472445140208031
expires: Sat, 18 Nov 2023 09:25:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 69E8 20 KB
8 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 09:24:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 69E8 0
0 32ms
30ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJy5rwq8trhhoo724dFO44RzkeuOXl--0YgxcA8SOki9EGLtbujb4J8ouYXw8JbhXLM5SPj5TZGyghj9Jn5jJTR2Sl4A
Requested by: Host: de8.com.br
URL: https://de8.com.br/invite-absa-gold-card/?utm_source=ActiveCampaign&utm_medium=email&utm_content=R+16200+is+your+new+absa+limit%21+%F0%9F%A5%B3&utm_campaign=JNi5-ID98_TB_e3_DEabsa_16%2F11_R
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 69E8 203 KB
64 KB 120ms
61ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 16:28:18 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 69E8 37 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 13:20:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Feb 2024 03:47:40 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame DE17 21 KB
9 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com
URL: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 17:53:08 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DE17 205 B
500 B 18ms
14ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com
URL: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 13:09:15 GMT
x-content-type-options: nosniff
age: 11943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 16 Nov 2024 13:09:15 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DE17 604 B
697 B 19ms
15ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com
URL: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:53:46 GMT
x-content-type-options: nosniff
age: 153272
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 14 Nov 2024 21:53:46 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 776E
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPFX1tHORufEF-zcRk76kis&google_cver=1&google_push=AXcoOmTgyHmJ0Ki4H5GeZZowQMWqKFgMJ3rG_kCLOeBu2_o4De22pGHNA8nHvDWKyzBpVGJ24t8-PQZfQYs3v6rS...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=keyUcMXORckTtsZ1GZ3jUQ&google_push=AXcoOmTgyHmJ0Ki4H5GeZZowQMWqKFgMJ3rG_kCLOeBu2_o4De22pGHNA8nHvDWKyzBpVGJ24t8-PQZfQYs3v6rS17_4gBDJCvrB

170 B
329 B

22ms
21ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=keyUcMXORckTtsZ1GZ3jUQ&google_push=AXcoOmTgyHmJ0Ki4H5GeZZowQMWqKFgMJ3rG_kCLOeBu2_o4De22pGHNA8nHvDWKyzBpVGJ24t8-PQZfQYs3v6rS17_4gBDJCvrB

Requested by

Host: b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com
URL: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 16:28:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 16:28:18 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=keyUcMXORckTtsZ1GZ3jUQ&google_push=AXcoOmTgyHmJ0Ki4H5GeZZowQMWqKFgMJ3rG_kCLOeBu2_o4De22pGHNA8nHvDWKyzBpVGJ24t8-PQZfQYs3v6rS17_4gBDJCvrB
x-host: tde-deliveryengine-production-bb588bf9-tprqp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 776E
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENLmnFsRuw-3dthEoOa2lys&google_cver=1&google_push=AXcoOmQzmc2tu-yanF3ZD-AAovOBkl5S2D59qfl_FBcyj6AkGzMQGLlLR_SgvxAuXOyA30_J0U4V1dlf...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENLmnFsRuw-3dthEoOa2lys&google_cver=1&google_push=AXcoOmQzmc2tu-yanF3ZD-AAovOBkl5S2D59qfl_FBcyj6AkGzMQGLlLR_SgvxAuXOyA30_J0U4...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgzMDY5Mjk0NDQxNjQ0MjI5Ng&google_push=AXcoOmQzmc2tu-yanF3ZD-AAovOBkl5S2D59qfl_FBcyj6AkGzMQGLlLR_SgvxAuXOyA30_J0U4V1d...

170 B
232 B

18ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgzMDY5Mjk0NDQxNjQ0MjI5Ng&google_push=AXcoOmQzmc2tu-yanF3ZD-AAovOBkl5S2D59qfl_FBcyj6AkGzMQGLlLR_SgvxAuXOyA30_J0U4V1dlfWt_5N5R4SJExQTguugigWw

Requested by

Host: b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com
URL: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 16:28:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 16:28:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgzMDY5Mjk0NDQxNjQ0MjI5Ng&google_push=AXcoOmQzmc2tu-yanF3ZD-AAovOBkl5S2D59qfl_FBcyj6AkGzMQGLlLR_SgvxAuXOyA30_J0U4V1dlfWt_5N5R4SJExQTguugigWw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 776E
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEEEFnKfg30CQaucZUG6ZrbY&google_cver=1&google_push=AXcoOmQzdwKPu9Xccene9xy4AF8ix_NKb5DyTsj5pYkJCrFGYGisg2Bl6KvBc8NBi4bowayDPi4jN2dUJgN6fA9ayEj07kH...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEEFnKfg30CQaucZUG6ZrbY&google_cver=1&google_push=AXcoOmQzdwKPu9Xccene9xy4AF8ix_NKb5DyTsj5pYkJCrFGYGisg2Bl6KvBc8NBi4bowayDPi4jN2dUJgN6fA9ayEj07...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQzdwKPu9Xccene9xy4AF8ix_NKb5DyTsj5pYkJCrFGYGisg2Bl6KvBc8NBi4bowayDPi4jN2dUJgN6fA9ayEj07kHhStPDpQ

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQzdwKPu9Xccene9xy4AF8ix_NKb5DyTsj5pYkJCrFGYGisg2Bl6KvBc8NBi4bowayDPi4jN2dUJgN6fA9ayEj07kHhStPDpQ

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 16:28:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQzdwKPu9Xccene9xy4AF8ix_NKb5DyTsj5pYkJCrFGYGisg2Bl6KvBc8NBi4bowayDPi4jN2dUJgN6fA9ayEj07kHhStPDpQ
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 dds
rtb.openx.net/sync/ Frame 776E 43 B
236 B 83ms
17ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESENZ6mwwSHWF_Hti3Y5QuJ3Q&google_cver=1&google_push=AXcoOmSJg_lgSap596JRwevVxI92UsJ3ECXB-QutBDlLUDDEHAGKZCC9l_3t5TyPbrbrKOWnPb2ZbYy_aOQtva1-XrUZbsGRj2Vy
Requested by: Host: b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com
URL: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 16:28:18 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 776E
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEISXNwf5HhcxkMKx0ciy2hE&google_cver=1&google_push=AXcoOmRXtoBgHmz9ssxOTHZalgawH2lykMRS_u_xtLT43Zl-CuskC0xe7blJTO4zJae_9qzjbJDjB0YNfs7yH71B8...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEISXNwf5HhcxkMKx0ciy2hE&google_cver=1&google_push=AXcoOmRXtoBgHmz9ssxOTHZalgawH2lykMRS_u_xtLT43Zl-CuskC0xe7blJTO4zJae_9qzjbJDjB0YNfs7yH71B8...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRXtoBgHmz9ssxOTHZalgawH2lykMRS_u_xtLT43Zl-CuskC0xe7blJTO4zJae_9qzjbJDjB0YNfs7yH71B8xyH9oJJknSc&google_hm=HrBcrGZHGrgi2TP1T9ycu8pP

170 B
232 B

19ms
18ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRXtoBgHmz9ssxOTHZalgawH2lykMRS_u_xtLT43Zl-CuskC0xe7blJTO4zJae_9qzjbJDjB0YNfs7yH71B8xyH9oJJknSc&google_hm=HrBcrGZHGrgi2TP1T9ycu8pP

Requested by

Host: b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com
URL: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 16:28:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 17 Nov 2023 16:28:18 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRXtoBgHmz9ssxOTHZalgawH2lykMRS_u_xtLT43Zl-CuskC0xe7blJTO4zJae_9qzjbJDjB0YNfs7yH71B8xyH9oJJknSc&google_hm=HrBcrGZHGrgi2TP1T9ycu8pP
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 776E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTXBz7czAIqdT8aMPEDBnXHV52dLOUjCzCaX3bailgMnn_QL32Vtcn3Y9vVyDYEJXCTfKq9YnMJz40dQr6FBj6aCem8Tv2KTA&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-cf52e714-acc2-4011-991f-1e2caa7bebe9-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTXBz7czAIqdT8aMPEDB...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTXBz7czAIqdT8aMPEDBnXHV52dLOUjCzCaX3bailgMnn_QL32Vtcn3Y9vVyDYEJXCTfKq9YnMJz40dQr6FBj6aCem8Tv2KTA&google_hm=A89S5xSswkARmR8eLKp76-k

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTXBz7czAIqdT8aMPEDBnXHV52dLOUjCzCaX3bailgMnn_QL32Vtcn3Y9vVyDYEJXCTfKq9YnMJz40dQr6FBj6aCem8Tv2KTA&google_hm=A89S5xSswkARmR8eLKp76-k

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 16:28:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTXBz7czAIqdT8aMPEDBnXHV52dLOUjCzCaX3bailgMnn_QL32Vtcn3Y9vVyDYEJXCTfKq9YnMJz40dQr6FBj6aCem8Tv2KTA&google_hm=A89S5xSswkARmR8eLKp76-k
date: Fri, 17 Nov 2023 16:28:18 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXcf52e714acc24011991f1e2caa7bebe9003
content-type: text/html

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 776E 0
45 B 144ms
19ms Image
text/plain 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENxbIXkR7r0HMLXZUHoUeq8&google_cver=1&google_push=AXcoOmQbF4lqOUc3EK7VBSbqd-EoqOGzHdX8ixuVamw5wnsvjD-ggX1W0w467aYb8oU4mV9oYbBjixBy7k61ysEFQjaZ_U9ihCD1Hw
Requested by: Host: b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com
URL: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:17 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 776E 0
139 B 63ms
15ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I15k6jYtXUDr9SAQN6xSpvHWiZRfZtOb9QEDUs_CSfoLB8HyhDFs2A8eN4KyjCpayaSHFg

Requested by

Host: b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com
URL: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:28:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 1EE4 38 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7570386407f52b0870906be17a771dc0af509c9cfee072f08af860793f5756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14990
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 14:03:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=2942571423487489&bg=!lJell9jNAAZxrfrxUa07ADQBe5WfODvPsS6kZXFgjRa1EHItPiSJp4JWfVGQ8f8Rz8jFG9aMBJPYzG7tqAnJdpXHFB-IAgAAAIFSAAAABGgBBwoATpK1Xre5dxLYkxFtxvWZ6doC_nIPNTIKO1YEqBzmqwqdrBLCav7wI1-jZ-_TKF_eIFI8e3mWwkMXeMAYQV-2BghznT3IgaTPsCCtBeOHKZkCrsV5edMBSBkIzx71m-i_xjsZcmOjl7KNPpF5DGeKI33CMvxiTOHZdKo2le96d0pRsGWFUYDunZxc5p_lXij7TuyM4aEVFZo9RZM37lysvUVgKCi5Tb5_WcvQgfsgVhDEqXAw8xyOMbVhdGYPIMUFIPJ15BCLVQjZvtE5wQtyhgm6uz68Eov26s4Hb5gGkxTRrSaIYloqUTyBKj4pYbll5mdPeiFBA6Q0JMH9hGiANqHOr6rkSQGn22gBsZts5gp4Op-XPPvhFl41woG8iwRLEzKQMX5qoYVm1IrRtkRu0HGCIgvk06WK0Pmp7_0MjVYEqfKC7RY-R5539f9dFJssCdh0OsM3DILNeTBtTqwBfQyzXbew0IQGuAV-qsvC4-sCCghkbtHTZ2LLuBV7TvEOS3Z-SOsE8LD6rgO9LFzhsaFRVQkcpxY4OQZgwj5zvG7B33ohBBReYY2psFMSI4StguHmoDJV3NzLHtfMj0ZlgHB304xzF-lCvhqZUnMoXCUOB44jxLhRZc68SPk2lYWa1oL7hJTfqHb6COcOG-xlvcwqy_2cuPVbQjs7M26cZquiIE0fh1h55LgTj5n9mUF8j0I_Qn0sDH9jh0Rq8YM0xH8_Btl6YDZkcubUO7Qgm6DTgyrnLBwzkTgGWczAgKWsx7rvLntMLhDptsqpcn1qRrueGQEnbDpGy2BYu4CXRdmip5Nr4dDLl1c9Da3p7tG6ZugiGMgPf7UzIXeCSd_j0M8ZwEbD3T6mbsvtDtKJJVWqYu_NkIuHk_gJYa7rGkzD98FtIyrmihSUULbqxnz1-SuEbnBKv-Y7V6uQ12Io10_X3aeRae1X6pUMKpcqq7tRl7BebEt_Ji5RbDKISLoL9T9QsjnRuurLIcMtA-UbB3Rh24GXQTc9kSD8AvQZvjsH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1FXB7HTS7V&gtm=45je3b81v882880514&_p=1700238495898&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1453188784.1700238496&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&_s=2&sid=1700238496&sct=1&seg=0&dl=https%3A%2F%2Fde8.com.br%2Finvite-absa-gold-card%2F%3Futm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DR%2B16200%2Bis%2Byour%2Bnew%2Babsa%2Blimit%2521%2B%25F0%259F%25A5%25B3%26utm_campaign%3DJNi5-ID98_TB_e3_DEabsa_16%252F11_R&dt=Invite%20ABSA%20Gold%20Card%20-%20De8&en=scroll&epn.percent_scrolled=90&_et=19&tfd=10528
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1FXB7HTS7V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de8.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 16:28:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://de8.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.de8.com.br/	1970-01-21 01:53:18	Name: _ga_1FXB7HTS7V Value: GS1.1.1700238496.1.0.1700238496.0.0.0
de8.com.br/	1970-01-21 01:02:54	Name: __SPUN_ID Value: P3nqSRP631sOgjX2
.de8.com.br/	1970-01-20 18:26:54	Name: _gcl_au Value: 1.1.282065360.1700238496
.de8.com.br/	1970-01-21 01:53:18	Name: _ga Value: GA1.3.1453188784.1700238496
.de8.com.br/	1970-01-20 16:18:44	Name: _gid Value: GA1.3.1679476946.1700238496
.de8.com.br/	1970-01-20 16:17:18	Name: _gat_gtag_UA_225565835_6 Value: 1
.de8.com.br/	1970-01-20 18:26:54	Name: _fbp Value: fb.2.1700238496444.1061181710
.doubleclick.net/	1970-01-21 01:38:54	Name: IDE Value: AHWqTUmVN_QlkIdRAHljl4lxI86T34ny4NEQEoHG4jMrPpNzVlV20KF1CU84LL2u6Cg
.de8.com.br/	1970-01-21 01:38:54	Name: __gads Value: ID=7a1ba975e9a1ef71:T=1700238497:RT=1700238497:S=ALNI_Mb2XBHIAgfF2twVPPwTsWx0L7sDvw
.de8.com.br/	1970-01-21 01:38:54	Name: __gpi Value: UID=00000ccb5e085db0:T=1700238497:RT=1700238497:S=ALNI_MZcM9c5eq3XkV858KIOJiCsvMnWuw
.travelaudience.com/	1970-01-21 01:47:32	Name: _tracker Value: %7B%22UUID%22%3A%2291EC9470-C5CE-45C9-13B6-C675199DE351%22%7D
.lijit.com/	1970-01-21 01:02:54	Name: ljt_reader Value: HrBcrGZHGrgi2TP1T9ycu8pP
.1rx.io/	1970-01-21 01:02:54	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-cf52e714-acc2-4011-991f-1e2caa7bebe9-003%22%7D
.adform.net/	1970-01-20 17:00:30	Name: C Value: 1
.de17a.com/	1970-01-21 00:55:42	Name: guid Value: 1.4096765254582077472
.adform.net/	1970-01-20 17:43:42	Name: uid Value: 5830692944416442296
.targeting.unrulymedia.com/	1970-01-21 01:02:54	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-cf52e714-acc2-4011-991f-1e2caa7bebe9-003%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.travelaudience.com
analytics.spun.com.br
ap.lijit.com
b2508c89406ab1dbc02d9da2cafeb1e2.safeframe.googlesyndication.com
c1.adform.net
cdn.cloud.adseleto.com
cdn.de8.com.br
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d5p.de17a.com
de8.com.br
fonts.googleapis.com
googleads.g.doubleclick.net
jni5.lt.acemlnb.com
pagead2.googlesyndication.com
push.spun.com.br
region1.google-analytics.com
rtb.openx.net
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.186.66
185.86.139.102
2001:4860:4802:34::36
213.155.156.185
216.52.2.16
2606:4700:e6::ac40:c60b
2606:4700:e6::ac40:c70b
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2004
2a00:1450:4001:812::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::649
2a06:98c1:3121::3
34.36.196.101
35.186.253.211
35.190.0.66
37.157.6.237
46.228.174.117
52.0.23.141
07b87cc400c30ccb5b2cd2c7ca00b42a6f90b2301a7fcc7c8387573b86c8ad04
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0e917513727e1a99af591d808995c110e4bee462c3d41b9cdc9af1247bc91f44
0ebf98859d8ed94257e8c151cfec740a348f3011e2b582752a1a2cf237fa03c6
0ed4fdcbc2e13855995c8156b660e53c6b15ede976a9d04258ec28a7283cb792
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3451e76c3040ea56ebe4b7760093c1abae1be4287cbf7ac6412e174ae2c32668
363d2b4410199c5b01cc8edf4d2486019aa3eeb838a72548d387b1d7e4355c31
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3c3c0ebe37e4fd4187131a0a8d039064a9014215c4b83199d909e7e0b2d7f450
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
409fb2991641ebdd8fbb8aee5b38943fb3d9c44d9e2e3d3b27a72b78f34f5b06
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46ef045855340b8e15200c249c6f34fef13dcb329674934feb996494d0e92faf
4c6835d7f6030101735d0968d5362627c373d1bd11a5e0c9d561da87f59d33c6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5561dd68db23d5ee4f44162a1ae159eb10d02083271d6b33ae225791f42ef922
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58d05df3665d86e0831e00f97e0635a2af93efd31514ba6f43f675e24a7c1995
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f9d3a91d5bbc09131900b7dc64ba4328bab03dc7221c5c2773397cb656bca18
5fad6aa0e88445e4500549a704cd44f63beddbf73b6c096fd0163986bd741907
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c9191eb92e1d928ebdd542fc9c073c8b8298191549c27f73468c500dcdf3e5c
73dd589de1dcdaf44b319dae77c4f0ff2ce7c987285c1c92da85582b7a8c116c
768545bbf0e0b1c26148cc91df029eab9ff8adc0c827b1b09354d12f3ab91783
803e1a7425460d06cf50f1773cc42aafd0d03b24b668219ce64a3d4bd563b34c
8137cf1870430460999ec4cc7e954e08a00d126721af5d6954c4b8bba59e5754
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87da15ffe4c4ddf8581169b47faed836addcb49669b8292ef4bae95d697e06a4
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
8f6fa554cd3118ecd6548b18c26242b00417fa84be7ed6cf87760b7a46e81375
93683bb035f3cd30dbd965fddbdfea81ddd0472d6478d58d70ceaeedfb1c117f
96ba58abe9f562546a030f3709a03c6c62347a9b41ae69f66ec471ceb7a2860c
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
ba10ffe2fc5b2b778d445e36a45cc17bcd106bdd8b93943eb82fa3e503b91c82
ba7570386407f52b0870906be17a771dc0af509c9cfee072f08af860793f5756
bccad1b7bad6e60365f8cea0e26ed1ec535b295658acec12be669d7eb4999a78
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d46421a072e5578f941d11f129e4e3d21293ee6eb7be07552dbc01564cdf0092
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa42d3eeb3a42263bbb178af61b7d2c4739815aa421559d63f223363f1efc73
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
f92ffa5278ace8b3ab991309beb0663c12a27889dc3b674ca420a3f8f1bfec01
fb40432759e5c69f92b318f36f687745f0dc549113ddcad1b87d71550d9c8779
fe9a906b4e9b45d9c507304d1586e617cecec741f3cd34d2a15627b319a4e659

de8.com.br Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

92 %HTTPS

66 %IPv6

24 Domains

31 Subdomains

24 IPs

6 Countries

1676 kBTransfer

6003 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

de8.com.br Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

92 %
HTTPS

66 %
IPv6

24
Domains

31
Subdomains

24
IPs

6
Countries

1676 kB
Transfer

6003 kB
Size

17
Cookies

79 HTTP transactions
0 data transactions