beneficios.dudabasic.shop Open in urlscan Pro
144.217.224.161 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://beneficios.dudabasic.shop/
Submission: On June 07 via api (June 7th 2024, 6:38:32 pm UTC) from US — Scanned from CA

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 46 HTTP transactions. The main IP is 144.217.224.161, located in Beauharnois, Canada and belongs to OVH, FR. The main domain is beneficios.dudabasic.shop.
TLS certificate: Issued by R3 on May 27th 2024. Valid for: 3 months.

This is the only time beneficios.dudabasic.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	144.217.224.161 144.217.224.161	16276 (OVH) (OVH)
5	2607:f8b0:400... 2607:f8b0:400d:c0b::9d	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4004:c08::84	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:400d:c03::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c00::5f	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0d::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::67	15169 (GOOGLE) (GOOGLE)
46	10

19 144.217.224.161 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ip161.ip-144-217-224.net

beneficios.dudabasic.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:400d:c0b::9d (Morganton, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::84 (Washington, United States)

ASN15169 (GOOGLE, US)

07c1ae8c9524276bad4fdd08eed152ca.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:400d:c03::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c00::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0d::9d (Morganton, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::67 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	dudabasic.shop beneficios.dudabasic.shop	290 KB
7	googlesyndication.com 07c1ae8c9524276bad4fdd08eed152ca.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 174 pagead2.googlesyndication.com — Cisco Umbrella Rank: 135	23 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 430	104 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 236	256 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 119	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	71 KB
1	google.com www.google.com — Cisco Umbrella Rank: 5
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	1 KB
46	8

	Domain	Requested by
19	beneficios.dudabasic.shop	beneficios.dudabasic.shop
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	beneficios.dudabasic.shop securepubads.g.doubleclick.net
4	tpc.googlesyndication.com	beneficios.dudabasic.shop securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.facebook.com	beneficios.dudabasic.shop
2	07c1ae8c9524276bad4fdd08eed152ca.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	connect.facebook.net	beneficios.dudabasic.shop connect.facebook.net
1	www.google.com	tpc.googlesyndication.com
1	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
1	fonts.googleapis.com	securepubads.g.doubleclick.net
46	10

This site contains no links.

Subject Issuer	Validity	Valid
beneficios.dudabasic.shop R3	`2024-05-27` - `2024-08-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-17` - `2024-06-15`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://beneficios.dudabasic.shop/
Frame ID: 9516C7EB7BC320227430AC74D598DA3A
Requests: 34 HTTP requests in this frame

Frame: https://07c1ae8c9524276bad4fdd08eed152ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 110A11B8CCCF1C627F210918ECBAF9B0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012405231944000/amp4ads-v0.mjs
Frame ID: C2374F4880A3FDEC30EF96BF22E4B57E
Requests: 8 HTTP requests in this frame

Frame: https://07c1ae8c9524276bad4fdd08eed152ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D8AA8714BE56C9B92F295B07ADE75F80
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BFE9E91D34417D01A3588B30D40A5576
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7E920EA56F8E1D0AE2977AA12C442365
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Duda Benefícios - Benefícios sociais, cursos e oportunidades de trabalho

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

96 %
HTTPS

89 %
IPv6

8
Domains

10
Subdomains

10
IPs

2
Countries

750 kB
Transfer

2257 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
beneficios.dudabasic.shop/ 148 KB
45 KB 402ms
94ms Document
text/html 144.217.224.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.217.224.161 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-144-217-224.net

Software

freenginx / PortoFacil.net

Resource Hash

ec7edec69a8c9ca681610acbd2fae3be59e686576c3129a19c5ad26392d34def

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 07 Jun 2024 18:38:26 GMT
link: <https://beneficios.dudabasic.shop/wp-json/>; rel="https://api.w.org/"
referrer-policy: strict-origin-when-cross-origin
server: freenginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-fastcgi-cache: HIT
x-frame-options: SAMEORIGIN
x-powered-by: PortoFacil.net
x-xss-protection: 1; mode=block

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 96 KB
31 KB 615ms
207ms Script
text/javascript 2607:f8b0:400d:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c5c78b5896f04f492fe7e5dbde4a93900658e3dc692cb3f0d4ff5f271df24f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30798
x-xss-protection: 0
server: cafe
etag: 213 / 19881 / m202406030101 / config-hash: 5607819409533271415
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 07 Jun 2024 18:38:26 GMT

GET
H2 200 style.min.css
beneficios.dudabasic.shop/wp-includes/css/dist/block-library/ 111 KB
15 KB 143ms
141ms Stylesheet
text/css 144.217.224.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://beneficios.dudabasic.shop/wp-includes/css/dist/block-library/style.min.css?ver=6.5.4

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.217.224.161 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-144-217-224.net

Software

freenginx / PortoFacil.net

Resource Hash

98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 27 May 2024 15:43:14 GMT
server: freenginx
etag: W/"6654aa12-1bae5"
x-powered-by: PortoFacil.net
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-download-options: noopen
cache-control: max-age=2592000, public
x-xss-protection: 1; mode=block
expires: Sun, 07 Jul 2024 18:38:26 GMT

GET
H2 200 bootstrap-reboot.min.css
beneficios.dudabasic.shop/wp-content/themes/twint/assets/css/ 10 KB
3 KB 143ms
142ms Stylesheet
text/css 144.217.224.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://beneficios.dudabasic.shop/wp-content/themes/twint/assets/css/bootstrap-reboot.min.css?ver=2.10

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.217.224.161 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-144-217-224.net

Software

freenginx / PortoFacil.net

Resource Hash

99d4cecc79bc17f676c86514cb02535291e36ae33c21d15c850a4487bbe0e8ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 05 Jun 2024 13:12:13 GMT
server: freenginx
etag: W/"6660642d-2793"
x-powered-by: PortoFacil.net
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-download-options: noopen
cache-control: max-age=2592000, public
x-xss-protection: 1; mode=block
expires: Sun, 07 Jul 2024 18:38:26 GMT

GET
H2 200 bootstrap-grid.min.css
beneficios.dudabasic.shop/wp-content/themes/twint/assets/css/ 51 KB
6 KB 143ms
142ms Stylesheet
text/css 144.217.224.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://beneficios.dudabasic.shop/wp-content/themes/twint/assets/css/bootstrap-grid.min.css?ver=2.10

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.217.224.161 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-144-217-224.net

Software

freenginx / PortoFacil.net

Resource Hash

fdf830b529e63c3dde55f773977bab2d3e79df92d3ea23dabb6e0b24cda4f431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 05 Jun 2024 13:12:13 GMT
server: freenginx
etag: W/"6660642d-ca58"
x-powered-by: PortoFacil.net
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-download-options: noopen
cache-control: max-age=2592000, public
x-xss-protection: 1; mode=block
expires: Sun, 07 Jul 2024 18:38:26 GMT

GET
H2 200 bootstrap-utilities.min.css
beneficios.dudabasic.shop/wp-content/themes/twint/assets/css/ 83 KB
11 KB 156ms
155ms Stylesheet
text/css 144.217.224.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://beneficios.dudabasic.shop/wp-content/themes/twint/assets/css/bootstrap-utilities.min.css?ver=2.10

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.217.224.161 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-144-217-224.net

Software

freenginx / PortoFacil.net

Resource Hash

92c107c9921f0b08482e5abff8daa0ed6ed30386ad3e38a9ad9f89fecf9f9de9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 05 Jun 2024 13:12:14 GMT
server: freenginx
etag: W/"6660642e-14d6d"
x-powered-by: PortoFacil.net
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-download-options: noopen
cache-control: max-age=2592000, public
x-xss-protection: 1; mode=block
expires: Sun, 07 Jul 2024 18:38:26 GMT

GET
H2 200 main.css
beneficios.dudabasic.shop/wp-content/themes/twint/assets/css/ 19 KB
4 KB 156ms
156ms Stylesheet
text/css 144.217.224.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://beneficios.dudabasic.shop/wp-content/themes/twint/assets/css/main.css?ver=2.10

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.217.224.161 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-144-217-224.net

Software

freenginx / PortoFacil.net

Resource Hash

53b58f6483a71ddf88a0303158fc198c57fda03646c53d96ba36a8d8391624c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 06 Jun 2024 14:05:24 GMT
server: freenginx
etag: W/"6661c224-4a96"
x-powered-by: PortoFacil.net
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-download-options: noopen
cache-control: max-age=2592000, public
x-xss-protection: 1; mode=block
expires: Sun, 07 Jul 2024 18:38:26 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 523ms
135ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 07 Jun 2024 18:38:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=15, mss=1392, tbw=2818, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: S/V/DD+4t3GOwdKJz9uLWUgiLj4AGh42p3EIbQ6Hf5+lNCMOWwgUOneg+/s8rgiRXwl+q0SUHMVj9xtyRQufcQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 default-logo.svg
beneficios.dudabasic.shop/wp-content/themes/twint/assets/img/ 3 KB
2 KB 140ms
139ms Image
image/svg+xml 144.217.224.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beneficios.dudabasic.shop/wp-content/themes/twint/assets/img/default-logo.svg

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.217.224.161 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-144-217-224.net

Software

freenginx / PortoFacil.net

Resource Hash

24032b87796f09ce8df79374e3d9dc5a6ebfee8652e2f37024b59987f588206c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 05 Jun 2024 13:12:19 GMT
server: freenginx
etag: W/"66606433-ab7"
x-powered-by: PortoFacil.net
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-download-options: noopen
cache-control: max-age=2592000, public
x-xss-protection: 1; mode=block
expires: Sun, 07 Jul 2024 18:38:26 GMT

GET
H2 200 jquery.min.js Show response
beneficios.dudabasic.shop/wp-content/themes/twint/assets/js/ 85 KB
30 KB 139ms
138ms Script
application/javascript 144.217.224.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://beneficios.dudabasic.shop/wp-content/themes/twint/assets/js/jquery.min.js?ver=2.10

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.217.224.161 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-144-217-224.net

Software

freenginx / PortoFacil.net

Resource Hash

99e691fae5e88eb36bafb24758b35f0f990708295f8f2abe2221891e328f776a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 05 Jun 2024 13:12:22 GMT
server: freenginx
etag: W/"66606436-155ed"
x-powered-by: PortoFacil.net
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-download-options: noopen
cache-control: max-age=2592000, public
x-xss-protection: 1; mode=block
expires: Sun, 07 Jul 2024 18:38:26 GMT

GET
H2 200 bootstrap.min.js Show response
beneficios.dudabasic.shop/wp-content/themes/twint/assets/js/ 59 KB
17 KB 139ms
139ms Script
application/javascript 144.217.224.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://beneficios.dudabasic.shop/wp-content/themes/twint/assets/js/bootstrap.min.js?ver=2.10

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.217.224.161 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-144-217-224.net

Software

freenginx / PortoFacil.net

Resource Hash

fb1e9574b097e7e8c86577ea959e36220e65553c96369fc15e98ba6414982e84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 05 Jun 2024 13:12:21 GMT
server: freenginx
etag: W/"66606435-eca7"
x-powered-by: PortoFacil.net
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-download-options: noopen
cache-control: max-age=2592000, public
x-xss-protection: 1; mode=block
expires: Sun, 07 Jul 2024 18:38:26 GMT

GET
H2 200 main.js Show response
beneficios.dudabasic.shop/wp-content/themes/twint/assets/js/ 4 KB
2 KB 140ms
139ms Script
application/javascript 144.217.224.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://beneficios.dudabasic.shop/wp-content/themes/twint/assets/js/main.js?ver=2.10

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.217.224.161 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-144-217-224.net

Software

freenginx / PortoFacil.net

Resource Hash

2855ff5c46350c3be41fbe98fe7845400a446d9247bbd9cdb48a1b64f61db296

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 06 Jun 2024 13:58:48 GMT
server: freenginx
etag: W/"6661c098-f2c"
x-powered-by: PortoFacil.net
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-download-options: noopen
cache-control: max-age=2592000, public
x-xss-protection: 1; mode=block
expires: Sun, 07 Jul 2024 18:38:26 GMT

GET
BLOB 200
OK b1a7ef9a-fbdc-477e-a7f7-637b646b892d
https://beneficios.dudabasic.shop/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beneficios.dudabasic.shop/b1a7ef9a-fbdc-477e-a7f7-637b646b892d
Requested by: Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

POST
H2 200 admin-ajax.php Show response
beneficios.dudabasic.shop/wp-admin/ 0
431 B 153ms
152ms XHR
text/html 144.217.224.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://beneficios.dudabasic.shop/wp-admin/admin-ajax.php

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.217.224.161 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-144-217-224.net

Software

freenginx / PortoFacil.net

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 07 Jun 2024 18:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: PortoFacil.net
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: freenginx
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://beneficios.dudabasic.shop
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 wp-emoji-release.min.js Show response
beneficios.dudabasic.shop/wp-includes/js/ 18 KB
5 KB 132ms
132ms Script
application/javascript 144.217.224.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://beneficios.dudabasic.shop/wp-includes/js/wp-emoji-release.min.js?ver=6.5.4

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.217.224.161 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-144-217-224.net

Software

freenginx / PortoFacil.net

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 27 May 2024 15:43:14 GMT
server: freenginx
etag: W/"6654aa12-4926"
x-powered-by: PortoFacil.net
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-download-options: noopen
cache-control: max-age=2592000, public
x-xss-protection: 1; mode=block
expires: Sun, 07 Jul 2024 18:38:26 GMT

GET
H2 200 20240606-x2-360x230.webp
beneficios.dudabasic.shop/wp-content/uploads/2024/06/ 13 KB
13 KB 123ms
121ms Image
image/webp 144.217.224.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beneficios.dudabasic.shop/wp-content/uploads/2024/06/20240606-x2-360x230.webp

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.217.224.161 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-144-217-224.net

Software

freenginx / PortoFacil.net

Resource Hash

031e2a0e3c7f1d61ab244f67be431c47099d47aabd594421984895462e6e518c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:26 GMT
x-content-type-options: nosniff
x-powered-by: PortoFacil.net
content-length: 13110
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 06 Jun 2024 17:02:03 GMT
server: freenginx
etag: "6661eb8b-3336"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20240604-x2-360x230.png
beneficios.dudabasic.shop/wp-content/uploads/2024/06/ 45 KB
46 KB 123ms
122ms Image
image/png 144.217.224.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beneficios.dudabasic.shop/wp-content/uploads/2024/06/20240604-x2-360x230.png

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.217.224.161 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-144-217-224.net

Software

freenginx / PortoFacil.net

Resource Hash

cd9c19420d56ef56c0f117c27e2c53c34473cda118aa3ed62ea450c40ec6e68d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:26 GMT
x-content-type-options: nosniff
x-powered-by: PortoFacil.net
content-length: 46520
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 05 Jun 2024 13:58:02 GMT
server: freenginx
etag: "66606eea-b5b8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20240606-cnh_social_rb-editada-1024x683-1-360x262.webp
beneficios.dudabasic.shop/wp-content/uploads/2024/06/ 17 KB
18 KB 123ms
122ms Image
image/webp 144.217.224.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beneficios.dudabasic.shop/wp-content/uploads/2024/06/20240606-cnh_social_rb-editada-1024x683-1-360x262.webp

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.217.224.161 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-144-217-224.net

Software

freenginx / PortoFacil.net

Resource Hash

0d5eff912a91d6af949e6098f27d37e4ae56863984f22a1ee3e14575b58c8cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:26 GMT
x-content-type-options: nosniff
x-powered-by: PortoFacil.net
content-length: 17874
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 06 Jun 2024 13:52:08 GMT
server: freenginx
etag: "6661bf08-45d2"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20240605-x2-360x230.webp
beneficios.dudabasic.shop/wp-content/uploads/2024/06/ 29 KB
29 KB 123ms
122ms Image
image/webp 144.217.224.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beneficios.dudabasic.shop/wp-content/uploads/2024/06/20240605-x2-360x230.webp

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.217.224.161 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-144-217-224.net

Software

freenginx / PortoFacil.net

Resource Hash

897a257cd91010b5611de23a25a26264e8192c6d6d4c2a539ce27478be8adcf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:26 GMT
x-content-type-options: nosniff
x-powered-by: PortoFacil.net
content-length: 29650
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 05 Jun 2024 15:40:48 GMT
server: freenginx
etag: "66608700-73d2"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20240604-x2-1-360x230.png
beneficios.dudabasic.shop/wp-content/uploads/2024/06/ 41 KB
41 KB 123ms
122ms Image
image/png 144.217.224.161
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beneficios.dudabasic.shop/wp-content/uploads/2024/06/20240604-x2-1-360x230.png

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.217.224.161 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-144-217-224.net

Software

freenginx / PortoFacil.net

Resource Hash

66e8fb89239ac52484e5259fefcfc3cc43518d9498a2a5294a0ceb87f95b2dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:26 GMT
x-content-type-options: nosniff
x-powered-by: PortoFacil.net
content-length: 42028
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 05 Jun 2024 13:58:11 GMT
server: freenginx
etag: "66606ef3-a42c"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 934753427883253 Show response
connect.facebook.net/signals/config/ 57 KB
12 KB 187ms
186ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/934753427883253?v=2.9.157&r=stable&domain=beneficios.dudabasic.shop&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e51779232bd225c517b04715e1e8f12e67baa5ca33d586be5a90b50f43911f55

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 07 Jun 2024 18:38:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=61, mss=1392, tbw=63526, tp=-1, tpl=-1, uplat=75, ullat=1
pragma: public
x-fb-debug: J/6wBMw2sR1wQjbMOQIgj38o7N8/cV2NQzW4OYrVtdwYueWjmL9Eq4L8WiQorPsKJMh3vG/uAmQICfyyBjlzXA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/ 462 KB
144 KB 120ms
120ms Script
text/javascript 2607:f8b0:400d:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

238471b5f6cdbff6ab8cf75252ac0149dd6c21b70e287580845d95d4cfb4b8ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 04:57:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49280
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147669
x-xss-protection: 0
server: cafe
etag: 6369709055313800849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 07 Jun 2025 04:57:06 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 511ms
138ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=934753427883253&ev=PageView&dl=https%3A%2F%2Fbeneficios.dudabasic.shop%2F&rl=&if=false&ts=1717785507119&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717785507117.499564902470127568&ler=empty&cdl=API_unavailable&it=1717785506915&coo=false&rqm=GET

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1392, tbw=2850, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Jun 2024 18:38:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 562ms
189ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=934753427883253&ev=PageView&dl=https%3A%2F%2Fbeneficios.dudabasic.shop%2F&rl=&if=false&ts=1717785507119&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717785507117.499564902470127568&ler=empty&cdl=API_unavailable&it=1717785506915&coo=false&rqm=FGET

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0c60b77a05bef401","source_keys":["1","2"]},{"key_piece":"0x45c87c44ae97f309","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 07 Jun 2024 18:38:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1392, tbw=3200, tp=-1, tpl=-1, uplat=29, ullat=0
pragma: no-cache
x-fb-debug: RJ6ND5hF+Mr0/uDNUarcKww80Yhf8LCz55LEMtUaQtLpiA9Y/ks8QWXs7THIezhSTP1j3j57fQtygBFR0xNHKg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 510ms
138ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=934753427883253&ev=ViewContent&dl=https%3A%2F%2Fbeneficios.dudabasic.shop%2F&rl=&if=false&ts=1717785507121&sw=1600&sh=1200&v=2.9.157&r=stable&ec=1&o=4126&fbp=fb.1.1717785507117.499564902470127568&ler=empty&cdl=API_unavailable&it=1717785506915&coo=false&rqm=GET

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1392, tbw=2850, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Jun 2024 18:38:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
473 B 563ms
190ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=934753427883253&ev=ViewContent&dl=https%3A%2F%2Fbeneficios.dudabasic.shop%2F&rl=&if=false&ts=1717785507121&sw=1600&sh=1200&v=2.9.157&r=stable&ec=1&o=4126&fbp=fb.1.1717785507117.499564902470127568&ler=empty&cdl=API_unavailable&it=1717785506915&coo=false&rqm=FGET

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x8036a0c0b4956a00","source_keys":["1","2"]},{"key_piece":"0xe6fa94194e2fedcf","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 07 Jun 2024 18:38:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1392, tbw=6360, tp=-1, tpl=-1, uplat=29, ullat=0
pragma: no-cache
x-fb-debug: G82NSnTGVFk34u40IGXTnXFR3lADyD6Kq4PS2Ll83oOLC0BjWipwWzAN0zO0Y487gG1ojr7ag1snQV66SdONLA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 183 KB
52 KB 821ms
821ms Fetch
text/plain 2607:f8b0:400d:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4043061449974688&correlator=949436337265513&eid=31079957%2C31083345%2C31078668&output=ldjh&gdfp_req=1&vrg=202406030101&ptt=17&impl=fif&iu_parts=23026198936%2Cbeneficios.dudabasic.shop%2CBeneficios_WEB_Interstitial_20240527&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&fsapi=1&sc=1&cookie_enabled=1&abxe=1&dt=1717785507379&lmt=1717785507&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fbeneficios.dudabasic.shop%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=154101011.1717785507&ga_sid=1717785507&ga_hid=2046596598&ga_fc=false&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1717785506241&idt=1088&cust_params=request_uri%3D%252F&adks=3460029016&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36e6d6ae4a8c6cf356c4aee5a9e1a259bda39250bc467496a51aca95355b39ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53481
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://beneficios.dudabasic.shop
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 61 KB
14 KB 490ms
490ms Fetch
text/plain 2607:f8b0:400d:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4043061449974688&correlator=949436337265513&eid=31079957%2C31083345%2C31078668&output=ldjh&gdfp_req=1&vrg=202406030101&ptt=17&impl=fif&iu_parts=23026198936%2Cbeneficios.dudabasic.shop%2CBeneficios_WEB_Anchor_20240527&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&fas=2&sc=1&cookie_enabled=1&abxe=1&dt=1717785507390&lmt=1717785507&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fbeneficios.dudabasic.shop%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=154101011.1717785507&ga_sid=1717785507&ga_hid=2046596598&ga_fc=false&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1717785506241&idt=1088&cust_params=request_uri%3D%252F&adks=1861553279&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bfcb305b0b14616019bbe1b9963e8282adf82e2f9c08be588b5fab31e7f469c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14678
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://beneficios.dudabasic.shop
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
07c1ae8c9524276bad4fdd08eed152ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 110A 0
0 508ms
130ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://07c1ae8c9524276bad4fdd08eed152ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://beneficios.dudabasic.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jun 2024 18:38:27 GMT
expires: Fri, 07 Jun 2024 18:38:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/ 47 KB
15 KB 121ms
121ms Script
text/javascript 2607:f8b0:400d:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25e7064fc272c129969813106fbe4ec649453f547d22981aef48eb242d892c31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:44:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39216
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15238
x-xss-protection: 0
server: cafe
etag: 17731287586413674350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 07 Jun 2025 07:44:51 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012405231944000/ Frame C237 196 KB
56 KB 612ms
149ms Script
text/javascript 2607:f8b0:400d:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405231944000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3ef0328b9e699304f321dac58d3f7aaeae3203bfdb04f1c3c85990d4b5d1b70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jun 2024 23:39:54 GMT
age: 327514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56221
x-xss-protection: 0
server: sffe
etag: "4f8c718905502572"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Jun 2025 23:39:54 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012405231944000/v0/ Frame C237 15 KB
5 KB 685ms
223ms Script
text/javascript 2607:f8b0:400d:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405231944000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6254fb3bab91044c5237f2337add838f4aa853f30b4dae6725b61acd95d6b33

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Jun 2024 06:08:07 GMT
age: 131421
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5215
x-xss-protection: 0
server: sffe
etag: "520f632e10627ab5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Jun 2025 06:08:07 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012405231944000/v0/ Frame C237 95 KB
28 KB 721ms
259ms Script
text/javascript 2607:f8b0:400d:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405231944000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b003c20bcde948b63be4c022ab5c4d83c1a639f6ac2d658839fdcc2a955670f6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jun 2024 08:12:34 GMT
age: 210354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29049
x-xss-protection: 0
server: sffe
etag: "d2ee33e5ff8fd311"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 05 Jun 2025 08:12:34 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012405231944000/v0/ Frame C237 5 KB
2 KB 688ms
226ms Script
text/javascript 2607:f8b0:400d:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405231944000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d7f525f2da6e73de996f39ecc0d200f1a6c8e2555dbc5d9022e677f2be3d9f9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 07 Jun 2024 06:03:17 GMT
age: 45311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1909
x-xss-protection: 0
server: sffe
etag: "bfb34e064e92ea30"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Jun 2025 06:03:17 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012405231944000/v0/ Frame C237 40 KB
13 KB 689ms
228ms Script
text/javascript 2607:f8b0:400d:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405231944000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5474849a40cebcdaf1d26ef7b09c19033284aa51a6ac0ebdb95ac7736cc59c22

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Jun 2024 08:46:48 GMT
age: 121900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12965
x-xss-protection: 0
server: sffe
etag: "35ded0b44597563f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Jun 2025 08:46:48 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C237 4 KB
1 KB 562ms
157ms Stylesheet
text/css 2607:f8b0:400d:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jun 2024 18:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 17:20:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jun 2024 18:38:28 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C237 3 KB
3 KB 555ms
149ms Image
image/png 2607:f8b0:400d:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 00:39:14 GMT
x-content-type-options: nosniff
server: cafe
age: 64754
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Sat, 08 Jun 2024 00:39:14 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C237 344 B
714 B 554ms
148ms Image
image/png 2607:f8b0:400d:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:19:23 GMT
x-content-type-options: nosniff
server: cafe
age: 29945
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 08 Jun 2024 10:19:23 GMT

GET
H2 200 container.html
07c1ae8c9524276bad4fdd08eed152ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D8AA 0
0 0ms
0ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://07c1ae8c9524276bad4fdd08eed152ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://beneficios.dudabasic.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jun 2024 18:38:27 GMT
expires: Fri, 07 Jun 2024 18:38:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 1020ms
601ms XHR
application/json 2607:f8b0:400d:c0d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202406030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b25453eaedf4b8c13297c1e1f968e617e61410dca0ae30374e5090f52a5c874c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12670
x-xss-protection: 0

GET
H2 200 default-favicon.svg
beneficios.dudabasic.shop/wp-content/themes/twint/assets/img/ 3 KB
2 KB 86ms
85ms Other
image/svg+xml 144.217.224.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://beneficios.dudabasic.shop/wp-content/themes/twint/assets/img/default-favicon.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.217.224.161 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-144-217-224.net

Software

freenginx / PortoFacil.net

Resource Hash

24032b87796f09ce8df79374e3d9dc5a6ebfee8652e2f37024b59987f588206c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 05 Jun 2024 13:12:18 GMT
server: freenginx
etag: W/"66606432-ab7"
x-powered-by: PortoFacil.net
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-download-options: noopen
cache-control: max-age=2592000, public
x-xss-protection: 1; mode=block
expires: Sun, 07 Jul 2024 18:38:29 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 121ms
120ms Script
text/javascript 2607:f8b0:400d:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 18:38:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Jun 2024 18:38:30 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BFE9 0
0 123ms
120ms Document
text/html 2607:f8b0:400d:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://beneficios.dudabasic.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 267066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Jun 2024 16:27:24 GMT
expires: Wed, 04 Jun 2025 16:27:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 7E92 0
0 549ms
131ms Document
text/html 2607:f8b0:4004:c06::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ByueORRuJ-x9HYdhupNuuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://beneficios.dudabasic.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ByueORRuJ-x9HYdhupNuuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jun 2024 18:38:30 GMT
expires: Fri, 07 Jun 2024 18:38:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 admin-ajax.php Show response
beneficios.dudabasic.shop/wp-admin/ 0
431 B 133ms
132ms Fetch
text/html 144.217.224.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://beneficios.dudabasic.shop/wp-admin/admin-ajax.php

Requested by

Host: beneficios.dudabasic.shop
URL: https://beneficios.dudabasic.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.217.224.161 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-144-217-224.net

Software

freenginx / PortoFacil.net

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://beneficios.dudabasic.shop/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 07 Jun 2024 18:38:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: PortoFacil.net
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: freenginx
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://beneficios.dudabasic.shop
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202406030101&jk=4043061449974688&bg=!4-Cl4K_NAAb64txl2uI7ADQBe5WfOH0WVtxKBZxmzOtXUR6jkOH4ZjpD_K44LTDY8ryy1yhZg99t5oVTFVdrxptf0-4jAgAAAFNSAAAABmgBB34ANTe66HvQRGdjIe7lUJT3pbFgR8eNiYIXFQJrJy6i0CpB18Ck-IZEHdS7RTTNu9VjZbg4ngG-CgCEVEzmaoVwOuxlKGNNo5pfPu1A9TczSgS3cGozUBAmIvHpbuMIGBhXAcP2LBTjgGN0ed7KUwIM-wx5CO80TgfRqr-seU3snXOx9y7lcW76fgDxlmF84EQw-1tMdhSRC8TiQtjazqcTxfI6TLa5Nnxi23-RdFT7IXC-p8L0b8lGZcmyc0qGmQKjU_bbhzIZ8VUTe3Ps2wzoVkpIOumiKzzucFcBqoO7YS8K2tYlhTMdrVbxd7c-SA-FooQGkzGCfxQUeM4n3Y8Okh6w7ncAjQvKv4r0s4Rjsd-dxSfZH9CkwUuym0tMgqF_K3GNEO0csMdWB2CsCxiBBcsomt5mQ8YIdRT_yHNp0311svxsq4NlWbwpmBlqbpTbqzG6MdHSx3gVewSCC3KsVe6jZtqGU8RgJSQpBPBM8nkhks44XnpvzLlG8YMMhSvIfOcEbmadKamMxSuN_guxwvrSwidoDBpIt8MzqtLA-O3GzBV3itNgVsNYlaXQYwu9B3jq5nfyDAwV7GLp3_Phkk8JbO7P5c3IXw9XbNVaK9buO2aGyuBTNXr6t3oxZ6qWevW8WnxgvrhVT4u1xZPt0wjjUYINx7Ht1GTGx_HvfzwxR4Es1eoVVifVavJF8Nfqy-WYXubfgc-_WFotQZljWs3pUFLoIOmkXTMBoFO4uSdvxWHoggw365wvfj1RDTc6lXATJyAYwWLAccoGH_hQT2wRIPQfYhTYvFTkoKaq35U4OoPoX6TFqSfiKlTDTe99E2Phr_e7yRQ1nTJizPTV02wZ9awVqozJoWpMF-k9kTxC6o77gMgdEcPhWmYXnQKmckWtlZx4oue_lET8MhjkvHMHm1QqpfIvFlI4Ctllaw1ZMLeiEMEVUqiA37HKOhO4G8w1pZ77Wh0ZK64zj1zK4qk9aqqxXJlcNdQh2L_NgmZXe7xZ3IymzOixD1EGKgYciAASzTF7-AXP6wXpFTWU6cK7e35iZ0FvMzxm2xCLW4oVjqUWHdQWd6p2f5zkvhFyV5TpQDiYV6BxLbwOPvuHbMqQ__LV6vm0uZICJdUBzisvTLd9YWw3mVTJ9DEA6ZQF0O85

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dudabasic.shop/	1970-01-20 23:19:21	Name: _fbp Value: fb.1.1717785507117.499564902470127568
.doubleclick.net/	1970-01-20 21:09:46	Name: test_cookie Value: CheckForPermission
.dudabasic.shop/	1970-01-21 06:31:21	Name: __gads Value: ID=d939e6798767d065:T=1717785507:RT=1717785507:S=ALNI_MY81n4OOa0NY37ha7Yjs2Jx8BEo8g
.dudabasic.shop/	1970-01-21 06:31:21	Name: __gpi Value: UID=00000e3b3e595a63:T=1717785507:RT=1717785507:S=ALNI_MasjnFK_PTmgWa_vIGaF_uZNUIV0A
.dudabasic.shop/	1970-01-21 01:28:57	Name: __eoi Value: ID=658e5fab82f872cf:T=1717785507:RT=1717785507:S=AA-AfjbrS2rj7GACqdHDD6LS8sFA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://beneficios.dudabasic.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://beneficios.dudabasic.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

07c1ae8c9524276bad4fdd08eed152ca.safeframe.googlesyndication.com
beneficios.dudabasic.shop
cdn.ampproject.org
connect.facebook.net
fonts.googleapis.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google.com
pagead2.googlesyndication.com
144.217.224.161
2607:f8b0:4004:c06::67
2607:f8b0:4004:c08::84
2607:f8b0:400d:c00::5f
2607:f8b0:400d:c03::84
2607:f8b0:400d:c0b::9d
2607:f8b0:400d:c0d::9d
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
031e2a0e3c7f1d61ab244f67be431c47099d47aabd594421984895462e6e518c
0c5c78b5896f04f492fe7e5dbde4a93900658e3dc692cb3f0d4ff5f271df24f4
0d5eff912a91d6af949e6098f27d37e4ae56863984f22a1ee3e14575b58c8cf5
1bfcb305b0b14616019bbe1b9963e8282adf82e2f9c08be588b5fab31e7f469c
238471b5f6cdbff6ab8cf75252ac0149dd6c21b70e287580845d95d4cfb4b8ea
24032b87796f09ce8df79374e3d9dc5a6ebfee8652e2f37024b59987f588206c
25e7064fc272c129969813106fbe4ec649453f547d22981aef48eb242d892c31
2855ff5c46350c3be41fbe98fe7845400a446d9247bbd9cdb48a1b64f61db296
36e6d6ae4a8c6cf356c4aee5a9e1a259bda39250bc467496a51aca95355b39ea
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
3d7f525f2da6e73de996f39ecc0d200f1a6c8e2555dbc5d9022e677f2be3d9f9
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
53b58f6483a71ddf88a0303158fc198c57fda03646c53d96ba36a8d8391624c1
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5474849a40cebcdaf1d26ef7b09c19033284aa51a6ac0ebdb95ac7736cc59c22
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66e8fb89239ac52484e5259fefcfc3cc43518d9498a2a5294a0ceb87f95b2dfc
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
897a257cd91010b5611de23a25a26264e8192c6d6d4c2a539ce27478be8adcf2
92c107c9921f0b08482e5abff8daa0ed6ed30386ad3e38a9ad9f89fecf9f9de9
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
99d4cecc79bc17f676c86514cb02535291e36ae33c21d15c850a4487bbe0e8ea
99e691fae5e88eb36bafb24758b35f0f990708295f8f2abe2221891e328f776a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b003c20bcde948b63be4c022ab5c4d83c1a639f6ac2d658839fdcc2a955670f6
b25453eaedf4b8c13297c1e1f968e617e61410dca0ae30374e5090f52a5c874c
cd9c19420d56ef56c0f117c27e2c53c34473cda118aa3ed62ea450c40ec6e68d
d3ef0328b9e699304f321dac58d3f7aaeae3203bfdb04f1c3c85990d4b5d1b70
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51779232bd225c517b04715e1e8f12e67baa5ca33d586be5a90b50f43911f55
ec7edec69a8c9ca681610acbd2fae3be59e686576c3129a19c5ad26392d34def
f6254fb3bab91044c5237f2337add838f4aa853f30b4dae6725b61acd95d6b33
fb1e9574b097e7e8c86577ea959e36220e65553c96369fc15e98ba6414982e84
fdf830b529e63c3dde55f773977bab2d3e79df92d3ea23dabb6e0b24cda4f431

beneficios.dudabasic.shop Open in urlscan Pro 144.217.224.161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

46 Requests

96 %HTTPS

89 %IPv6

8 Domains

10 Subdomains

10 IPs

2 Countries

750 kBTransfer

2257 kBSize

5 Cookies

0 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beneficios.dudabasic.shop Open in urlscan Pro
144.217.224.161 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

96 %
HTTPS

89 %
IPv6

8
Domains

10
Subdomains

10
IPs

2
Countries

750 kB
Transfer

2257 kB
Size

5
Cookies

46 HTTP transactions
0 data transactions