Submitted URL: https://www.lovenoronha.com.br.metodoaprovacaoimediata.com/
Effective URL: https://lovenoronha.com.br/
Submission Tags: @phishunt_io
Submission: On June 10 via api from DE — Scanned from DE

Summary

This website contacted 60 IPs in 8 countries across 49 domains to perform 167 HTTP transactions. The main IP is 162.241.62.70, located in United States and belongs to OIS1, US. The main domain is lovenoronha.com.br.
TLS certificate: Issued by R3 on June 10th 2022. Valid for: 3 months.
This is the only time lovenoronha.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35 162.241.62.70 26337 (OIS1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
23 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 162.159.128.61 13335 (CLOUDFLAR...)
5 151.101.114.109 54113 (FASTLY)
1 162.159.138.60 13335 (CLOUDFLAR...)
2 34.120.202.204 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.186.220.184 15169 (GOOGLE)
2 34.199.45.141 14618 (AMAZON-AES)
2 4 142.250.185.162 15169 (GOOGLE)
1 2 142.250.185.70 15169 (GOOGLE)
1 2a02:26f0:ef:... 20940 (AKAMAI-ASN1)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 5 185.184.10.30 203690 (RTB-HOUSE...)
17 23.36.163.241 20940 (AKAMAI-ASN1)
4 13.225.84.64 16509 (AMAZON-02)
2 2 2620:1ec:22::14 8068 (MICROSOFT...)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.43.14 8068 (MICROSOFT...)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
1 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.223.116.65 15169 (GOOGLE)
1 2a02:2638::3 44788 (ASN-CRITE...)
3 4 2a02:2638::1c 44788 (ASN-CRITE...)
1 1 185.184.8.90 204995 (RTB-HOUSE...)
1 178.250.0.157 44788 (ASN-CRITE...)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 74.119.119.150 19750 (AS-CRITEO)
1 34.68.90.188 15169 (GOOGLE)
4 4 37.252.172.38 29990 (ASN-APPNEX)
3 178.250.2.151 44788 (ASN-CRITE...)
2 3 185.33.221.119 29990 (ASN-APPNEX)
1 3 3.120.99.209 16509 (AMAZON-02)
1 185.255.84.153 200271 (IGUANE-)
1 2 23.35.228.247 16625 (AKAMAI-AS)
1 2 54.155.185.156 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 2.18.235.93 16625 (AKAMAI-AS)
1 3.120.22.117 16509 (AMAZON-02)
1 64.202.112.223 22075 (AS-OUTBRAIN)
1 104.36.113.107 62713 (AS-PUBMATIC)
1 69.173.144.138 26667 (RUBICONPR...)
1 18.158.161.157 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 185.86.137.110 201081 (SMARTADSE...)
1 141.226.228.48 200478 (TABOOLA-AS)
1 104.111.242.245 16625 (AKAMAI-AS)
1 13.248.245.213 16509 (AMAZON-02)
1 2 18.193.50.241 16509 (AMAZON-02)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2 18.156.0.31 16509 (AMAZON-02)
2 96.16.132.239 16625 (AKAMAI-AS)
2 54.194.230.185 16509 (AMAZON-02)
1 2 34.253.148.205 16509 (AMAZON-02)
167 60
Apex Domain
Subdomains
Transfer
34 lovenoronha.com.br
lovenoronha.com.br
6 MB
23 sympla.com.br
www.sympla.com.br — Cisco Umbrella Rank: 471536
354 KB
17 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 1000
86 KB
10 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 381
mug.criteo.com — Cisco Umbrella Rank: 2914
sslwidget.criteo.com — Cisco Umbrella Rank: 1589
widget.us.criteo.com — Cisco Umbrella Rank: 16956
dis.criteo.com — Cisco Umbrella Rank: 717
19 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 231
secure.adnxs.com — Cisco Umbrella Rank: 399
7 KB
7 doubleclick.net
11359555.fls.doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 48
cm.g.doubleclick.net — Cisco Umbrella Rank: 206
5 KB
7 vimeocdn.com
i.vimeocdn.com — Cisco Umbrella Rank: 2945
f.vimeocdn.com — Cisco Umbrella Rank: 3083
fresnel.vimeocdn.com — Cisco Umbrella Rank: 2969
241 KB
6 creativecdn.com
us.creativecdn.com — Cisco Umbrella Rank: 3504
cm.creativecdn.com — Cisco Umbrella Rank: 8671
ash.creativecdn.com — Cisco Umbrella Rank: 10007
fledge-usa.creativecdn.com — Cisco Umbrella Rank: 10256
3 KB
5 gstatic.com
fonts.gstatic.com
303 KB
4 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 1078
ups.analytics.yahoo.com — Cisco Umbrella Rank: 290
717 B
4 google.de
www.google.de — Cisco Umbrella Rank: 5859
adservice.google.de — Cisco Umbrella Rank: 8201
2 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
564 B
4 google.com
adservice.google.com — Cisco Umbrella Rank: 82
www.google.com — Cisco Umbrella Rank: 4
2 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 315
www.linkedin.com — Cisco Umbrella Rank: 482
px4.ads.linkedin.com — Cisco Umbrella Rank: 5732
3 KB
4 cloudfront.net
d335luupugsy2.cloudfront.net
60 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 294
fonts.googleapis.com — Cisco Umbrella Rank: 55
33 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 286
1 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
194 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 194
2 KB
2 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 1897
439 B
2 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 3325
1 KB
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 474
599 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 642
851 B
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1518
2 KB
2 rdstation.com.br
pageview-notify.rdstation.com.br — Cisco Umbrella Rank: 88551
popups.rdstation.com.br — Cisco Umbrella Rank: 64668
769 B
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 127
16 KB
2 igodigital.com
534001996.collect.igodigital.com
nova.collect.igodigital.com — Cisco Umbrella Rank: 4348
3 KB
2 px-cloud.net
collector-pxnjo03l5c.px-cloud.net
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 80
164 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 47
21 KB
2 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 1723
vimeo.com — Cisco Umbrella Rank: 1591
10 KB
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 387
140 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 1690
172 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1209
99 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 615
163 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 736
238 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 600
262 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 321
239 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 607
577 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 730
476 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1355
40 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 519
783 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 317
98 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1481
235 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 613
14 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 775
3 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1254
5 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
11 KB
1 metodoaprovacaoimediata.com
www.lovenoronha.com.br.metodoaprovacaoimediata.com
122 B
167 49
Domain Requested by
34 lovenoronha.com.br lovenoronha.com.br
23 www.sympla.com.br lovenoronha.com.br
www.sympla.com.br
static.cloudflareinsights.com
17 analytics.tiktok.com lovenoronha.com.br
analytics.tiktok.com
5 fonts.gstatic.com lovenoronha.com.br
fonts.googleapis.com
4 ib.adnxs.com 4 redirects
4 gum.criteo.com 3 redirects static.criteo.net
4 www.facebook.com www.sympla.com.br
4 d335luupugsy2.cloudfront.net www.googletagmanager.com
d335luupugsy2.cloudfront.net
3 x.bidswitch.net 1 redirects
3 secure.adnxs.com 2 redirects
3 dis.criteo.com
3 www.google.de www.sympla.com.br
3 www.google.com 1 redirects www.sympla.com.br
3 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
3 us.creativecdn.com 1 redirects www.googletagmanager.com
3 connect.facebook.net lovenoronha.com.br
connect.facebook.net
3 fonts.googleapis.com www.sympla.com.br
3 f.vimeocdn.com player.vimeo.com
2 dpm.demdex.net 1 redirects
2 sync-criteo.ads.yieldmo.com
2 ad.yieldlab.net
2 ups.analytics.yahoo.com 1 redirects
2 ads.yahoo.com
2 pixel.advertising.com 1 redirects
2 ad.360yield.com 1 redirects
2 r.casalemedia.com 1 redirects
2 cm.g.doubleclick.net 2 redirects
2 px.ads.linkedin.com 2 redirects
2 11359555.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 collector-pxnjo03l5c.px-cloud.net www.sympla.com.br
2 www.googletagmanager.com www.sympla.com.br
www.googletagmanager.com
2 www.google-analytics.com www.sympla.com.br
www.google-analytics.com
2 fresnel.vimeocdn.com f.vimeocdn.com
2 i.vimeocdn.com player.vimeo.com
1 eb2.3lift.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 s.ad.smaato.net
1 match.sharethrough.com
1 pixel.rubiconproject.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 exchange.mediavine.com
1 contextual.media.net
1 idsync.rlcdn.com
1 visitor.omnitagjs.com
1 popups.rdstation.com.br d335luupugsy2.cloudfront.net
1 widget.us.criteo.com
1 sslwidget.criteo.com 1 redirects
1 mug.criteo.com
1 fledge-usa.creativecdn.com us.creativecdn.com
1 ash.creativecdn.com us.creativecdn.com
1 cm.creativecdn.com 1 redirects
1 static.criteo.net www.googletagmanager.com
1 pageview-notify.rdstation.com.br d335luupugsy2.cloudfront.net
1 nova.collect.igodigital.com www.sympla.com.br
1 adservice.google.de adservice.google.com
1 adservice.google.com 11359555.fls.doubleclick.net
1 px4.ads.linkedin.com www.sympla.com.br
1 www.linkedin.com 1 redirects
1 snap.licdn.com www.googletagmanager.com
1 534001996.collect.igodigital.com www.googletagmanager.com
1 static.cloudflareinsights.com www.sympla.com.br
1 vimeo.com f.vimeocdn.com
1 player.vimeo.com lovenoronha.com.br
1 ajax.googleapis.com lovenoronha.com.br
1 cdnjs.cloudflare.com lovenoronha.com.br
1 www.lovenoronha.com.br.metodoaprovacaoimediata.com 1 redirects
167 70

This site contains links to these domains. Also see Links.

Domain
www.lovenoronha.com.br
spotify.link
api.whatsapp.com
clubmetropole.fun
Subject Issuer Validity Valid
www.lovenoronha.com.br.metodoaprovacaoimediata.com
R3
2022-06-10 -
2022-09-08
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-09-21 -
2022-09-20
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh
*.vimeocdn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2
2022-05-17 -
2023-06-18
a year crt.sh
vimeo.com
Cloudflare Inc ECC CA-3
2022-03-18 -
2023-03-17
a year crt.sh
fresnel.vimeocdn.com
GTS CA 1D4
2022-06-07 -
2022-09-05
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh
*.px-cloud.net
Sectigo RSA Domain Validation Secure Server CA
2021-09-01 -
2022-09-30
a year crt.sh
*.collect.igodigital.com
Amazon
2022-01-13 -
2023-02-11
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2022-03-01 -
2023-03-01
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-03-19 -
2022-06-17
3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-17 -
2023-04-12
a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-12-13 -
2023-01-13
a year crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh
*.google.com
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh
www.google.com
GTS CA 1C3
2022-05-09 -
2022-08-01
3 months crt.sh
www.google.de
GTS CA 1C3
2022-05-09 -
2022-08-01
3 months crt.sh
*.google.de
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh
*.rdstation.com.br
Sectigo RSA Domain Validation Secure Server CA
2020-06-04 -
2022-09-06
2 years crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-04-11 -
2022-07-13
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-04-11 -
2022-07-07
3 months crt.sh
popups.rdstation.com.br
R3
2022-04-18 -
2022-07-17
3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2021-05-24 -
2022-06-23
a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA
2022-02-20 -
2023-02-22
a year crt.sh
exchange.mediavine.com
Amazon
2021-08-05 -
2022-09-03
a year crt.sh
*.outbrain.com
Thawte RSA CA 2018
2021-10-24 -
2022-11-24
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2021-08-04 -
2022-09-04
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.sharethrough.com
Amazon
2021-08-13 -
2022-09-11
a year crt.sh
s.ad.smaato.net
Amazon
2021-09-21 -
2022-10-20
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
teads.tv
R3
2022-06-01 -
2022-08-30
3 months crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-06-06 -
2022-07-27
2 months crt.sh
*.yieldlab.net
DigiCert SHA2 Secure Server CA
2022-01-14 -
2023-01-13
a year crt.sh
*.ads.yieldmo.com
Amazon
2022-06-02 -
2023-07-01
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-05 -
2023-05-04
a year crt.sh

This page contains 11 frames:

Primary Page: https://lovenoronha.com.br/
Frame ID: 026AFBB21FA439AC0D9C02BF175182CE
Requests: 41 HTTP requests in this frame

Frame: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Frame ID: B88B818E63FC06C0A88E9CEF00A637C7
Requests: 79 HTTP requests in this frame

Frame: https://player.vimeo.com/video/679124339?color=EA0303&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0&h=113771cdfc
Frame ID: AC67B9D375C14F784050CC9055433BDE
Requests: 9 HTTP requests in this frame

Frame: https://11359555.fls.doubleclick.net/activityi;dc_pre=CMzx9-7aovgCFeAbBgAd1zYOhw;src=11359555;type=sympl0;cat=babel0;ord=7760886358714;gtm=2wg680;~oref=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt
Frame ID: EAEC61D17C2692D168E7E61F154FB88C
Requests: 1 HTTP requests in this frame

Frame: https://us.creativecdn.com/tags?id=pr_03HBRjBnVKoBxajxcU4s&ncm=1&tc=1
Frame ID: E9A464B80EFAF7494828D18393F46928
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMzx9-7aovgCFeAbBgAd1zYOhw;src=11359555;type=sympl0;cat=babel0;ord=7760886358714;gtm=2wg680;~oref=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt
Frame ID: FB529F1AE79A94BCAF86E10FC5171866
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CMzx9-7aovgCFeAbBgAd1zYOhw;src=11359555;type=sympl0;cat=babel0;ord=7760886358714;gtm=2wg680;~oref=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt
Frame ID: 8EA6ACC46A6451CF78AA4BC1EA8D6C7A
Requests: 1 HTTP requests in this frame

Frame: https://us.creativecdn.com/tags?id=pr_03HBRjBnVKoBxajxcU4s_offer_1380392
Frame ID: A565403CE129F582A02FC6A744C53134
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=lovenoronha.com.br&origin=onetag
Frame ID: CC212144D02AAC543493596E3E6F542C
Requests: 2 HTTP requests in this frame

Frame: https://fledge-usa.creativecdn.com/fledge-igmembership?ntk=hcCawA0OuhoZxaziOkh9JzZrjislagP5k3Aq-k-vAcxqYcRxcqGiJ5UrpmlDEQP6pYaS2O8hIHk-J60NXoI5Og
Frame ID: A0652C2A920AAFF9DEC7A9FC763942F5
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3771749925733465598
Frame ID: D19F141FFE4D41065A193B008A45C1CF
Requests: 30 HTTP requests in this frame

Screenshot

Page Title

Festival Love Noronha – O Maior Festival de Turiso LGBTQIA+

Page URL History Show full URLs

  1. https://www.lovenoronha.com.br.metodoaprovacaoimediata.com/ HTTP 301
    https://lovenoronha.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • d335luupugsy2\.cloudfront\.net/js/loader-scripts/.*-loader\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

167
Requests

91 %
HTTPS

34 %
IPv6

49
Domains

70
Subdomains

60
IPs

8
Countries

8163 kB
Transfer

13457 kB
Size

50
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.lovenoronha.com.br.metodoaprovacaoimediata.com/ HTTP 301
    https://lovenoronha.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82
  • https://11359555.fls.doubleclick.net/activityi;src=11359555;type=sympl0;cat=babel0;ord=7760886358714;gtm=2wg680;~oref=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt HTTP 302
  • https://11359555.fls.doubleclick.net/activityi;dc_pre=CMzx9-7aovgCFeAbBgAd1zYOhw;src=11359555;type=sympl0;cat=babel0;ord=7760886358714;gtm=2wg680;~oref=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt
Request Chain 85
  • https://us.creativecdn.com/tags?id=pr_03HBRjBnVKoBxajxcU4s&ncm=1 HTTP 302
  • https://us.creativecdn.com/tags?id=pr_03HBRjBnVKoBxajxcU4s&ncm=1&tc=1
Request Chain 90
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3958321&time=1654858109890&url=https%3A%2F%2Flovenoronha.com.br%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3958321%26time%3D1654858109890%26url%3Dhttps%253A%252F%252Flovenoronha.com.br%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3958321&time=1654858109890&url=https%3A%2F%2Flovenoronha.com.br%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3958321&time=1654858109890&url=https%3A%2F%2Flovenoronha.com.br%2F&liSync=true&e_ipv6=AQLkS8drHMf5AAAAAYFNOtqBlHnkVDSYEX4gWU0BE5sAFt-Ey5AgQTYLaPM8Ovtv
Request Chain 108
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/388744662/?random=144128640&cv=9&fst=1654858109896&num=1&value=0&label=_gCLCPLQgIwDENaLr7kB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt&ref=https%3A%2F%2Flovenoronha.com.br%2F&tiba=Sympla%20Widget%20-%20LOVE%20NORONHA%202022&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=fyGjYvX4DvyR9fgPsKKhmAM&sscte=1&crd=&eitems=ChAI8NeLlQYQx_Gc1vzm3P1pEh0Ap_IpXn-vOsV5QMvOPXJf_usH1rWxwfrwiCeobw HTTP 302
  • https://www.google.com/pagead/1p-conversion/388744662/?random=144128640&cv=9&fst=1654858109896&num=1&value=0&label=_gCLCPLQgIwDENaLr7kB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt&ref=https%3A%2F%2Flovenoronha.com.br%2F&tiba=Sympla%20Widget%20-%20LOVE%20NORONHA%202022&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=fyGjYvX4DvyR9fgPsKKhmAM&cid=CAQSKQCNIrLMIGCOXM-Nrh_KO_1T-hozHY1eD_5JoaFnPk6_Rz-gFqNUm8NE&eitems=ChAI8NeLlQYQx_Gc1vzm3P1pEh0Ap_IpXnQgtZRYflrGrF9gfyvT_ZCzPq_-iJREsg&random=2693627345&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/388744662/?random=144128640&cv=9&fst=1654858109896&num=1&value=0&label=_gCLCPLQgIwDENaLr7kB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt&ref=https%3A%2F%2Flovenoronha.com.br%2F&tiba=Sympla%20Widget%20-%20LOVE%20NORONHA%202022&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=fyGjYvX4DvyR9fgPsKKhmAM&cid=CAQSKQCNIrLMIGCOXM-Nrh_KO_1T-hozHY1eD_5JoaFnPk6_Rz-gFqNUm8NE&eitems=ChAI8NeLlQYQx_Gc1vzm3P1pEh0Ap_IpXnQgtZRYflrGrF9gfyvT_ZCzPq_-iJREsg&random=2693627345&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Request Chain 131
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm&google_sc&google_ula=5153224&google_hm=OFhzUldXbTRKdnJrd3NxTUJoTE0%3D&pi=adx&tdc=ash&chain= HTTP 302
  • https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&chain=&google_gid=CAESECvCr4v9ptfHIga8f6JK_Go&google_cver=1&google_ula=5153224,0 HTTP 302
  • https://ash.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&chain=&google_gid=CAESECvCr4v9ptfHIga8f6JK_Go&google_cver=1&google_ula=5153224,0
Request Chain 133
  • https://gum.criteo.com/sid/json?origin=onetag&domain=www.sympla.com.br&sn=ChromeSyncframe&so=0&topUrl=lovenoronha.com.br&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=SU0wtnxKdXg3ajc4NzdjanVqOWpwcDJOM0duSFZBT3RaamlGTGV0Vks1Yys4aC8zcC9iZkh5eStIcU9QaTBiYjdPcURQTERpTjhFQkpKamVvT3VIc3J0dXUwRTVXbGI0d0tQckxVR1NGcjFyalBEdVZOR0JHWlg1ejFtV0ZTUU5HTWlVcldybjFVaDFkWW1nZmxUY0NNd0xrWkk4QkIva29nOWU4bGlQY3ZRWU9zdlJ4RENycmJ1aVJUZnErNW8zcDdCZDJpRmNMc2gzZVJ1RG9mRDFoVndqM0NzT1MveHhNZFVhc3IvTUl6YTErcnFaa3A1bS9vTEpXVXZsM2VsSzVvbnp5YXFTcTI1YnNHSTd6VGVJZ3pYUnVJa1c3WTYwMHVrN3RzTWpLMEhGeHYvRT18&cppv=2
Request Chain 134
  • https://sslwidget.criteo.com/event?a=31969&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dm%26ref%3Dhttps%253A%252F%252Flovenoronha.com.br&p2=e%3Dvp%26p%3D1380392&p3=e%3Ddis&bundle=taaAHV9paU5GQUdmU1Q4OVRGTXlueWFBRXBTZ1pLRUJpMTFkbnBSVmtwSWVxRTFvY1RQd09Obk5xZkFxekolMkZ1c2NpRzVBb2VIV1JWb0pFR2dXbUY4VHQlMkJzJTJCUklzJTJCNElLWTBRdGg2MmpEJTJCdnEybjNRTzh4bWxlVzFRbFElMkJPZUNtYlNEQnplbDZRODZGSTNmdVdSMkFzZjIlMkJDTiUyRiUyRmFrc0ppd3hNVFBRblpORkMyUkElM0Q&tld=www.sympla.com.br&fu=https%3A%2F%2Flovenoronha.com.br&pu=https%3A%2F%2Flovenoronha.com.br&dtycbr=37743 HTTP 302
  • https://widget.us.criteo.com/event?a=31969&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dm%26ref%3Dhttps%253A%252F%252Flovenoronha.com.br&p2=e%3Dvp%26p%3D1380392&p3=e%3Ddis&bundle=taaAHV9paU5GQUdmU1Q4OVRGTXlueWFBRXBTZ1pLRUJpMTFkbnBSVmtwSWVxRTFvY1RQd09Obk5xZkFxekolMkZ1c2NpRzVBb2VIV1JWb0pFR2dXbUY4VHQlMkJzJTJCUklzJTJCNElLWTBRdGg2MmpEJTJCdnEybjNRTzh4bWxlVzFRbFElMkJPZUNtYlNEQnplbDZRODZGSTNmdVdSMkFzZjIlMkJDTiUyRiUyRmFrc0ppd3hNVFBRblpORkMyUkElM0Q&tld=www.sympla.com.br&fu=https%3A%2F%2Flovenoronha.com.br&pu=https%3A%2F%2Flovenoronha.com.br&dtycbr=37743
Request Chain 137
  • https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3771749925733465598
Request Chain 138
  • https://secure.adnxs.com/seg?add=1005440&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D1005440%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3771749925733465598
Request Chain 139
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-lqdP_tF26TtiyI1X2lsbUSKy49rNN6qFSyt6sg&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-lqdP_tF26TtiyI1X2lsbUSKy49rNN6qFSyt6sg&expires=30
Request Chain 140
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-9R9B0NF26TtiyI1X2lsbUSKy49qJV2Cw7Ms_Qg&google_cm&google_hm=ay05UjlCME5GMjZUdGl5STFYMmxzYlVTS3k0OXFKVjJDdzdNc19RZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-9R9B0NF26TtiyI1X2lsbUSKy49qJV2Cw7Ms_Qg&google_gid=CAESECrkbeupBOe96y4eE6M-w4M&google_cver=1&google_ula=913071,0
Request Chain 142
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-jRL82NF26TtiyI1X2lsbUSKy49p1lHHX0oL-rQ HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-jRL82NF26TtiyI1X2lsbUSKy49p1lHHX0oL-rQ&C=1
Request Chain 143
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iMbiddF26TtiyI1X2lsbUSKy49rVSx981QIOfQ HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-iMbiddF26TtiyI1X2lsbUSKy49rVSx981QIOfQ
Request Chain 144
  • https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397596.gif?partner_uid=YshQkuyIm84C-wIullzvXQuAcQaMauGu
Request Chain 156
  • https://pixel.advertising.com/ups/55945/sync?uid=k-A4wO9dF26TtiyI1X2lsbUSKy49pEC500dTPY6g&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55945/sync?uid=k-A4wO9dF26TtiyI1X2lsbUSKy49pEC500dTPY6g&_origin=1&verify=true
Request Chain 158
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_ehLxNF26TtiyI1X2lsbUSKy49qM6BpKT0yTgA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_ehLxNF26TtiyI1X2lsbUSKy49qM6BpKT0yTgA&verify=true
Request Chain 161
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=bpnx0FeUr6uq8GpmBq6LylLTiYddsLaf HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=bpnx0FeUr6uq8GpmBq6LylLTiYddsLaf

167 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lovenoronha.com.br/
Redirect Chain
  • https://www.lovenoronha.com.br.metodoaprovacaoimediata.com/
  • https://lovenoronha.com.br/
86 KB
15 KB
Document
General
Full URL
https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
685d97c9d10a862d532d5873e2fa98feb3ed38be2d71c3d3fddbebfb0e286ecc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 10 Jun 2022 10:48:28 GMT
last-modified
Thu, 09 Jun 2022 15:19:55 GMT
server
Apache
wpo-cache-status
cached

Redirect headers

cache-control
no-cache
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 10 Jun 2022 10:48:28 GMT
location
https://lovenoronha.com.br/
server
Apache
x-redirect-by
WordPress
wpo-minify-header-08de198a.min.css
lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/
95 KB
17 KB
Stylesheet
General
Full URL
https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-header-08de198a.min.css
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
07d0ada1547cb7996fd32198b0b72cb691c928d54f4748deea65a5119c649f05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
content-encoding
gzip
last-modified
Thu, 09 Jun 2022 15:19:54 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://lovenoronha.com.br/
Origin
https://lovenoronha.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
145989
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10462
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-28de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8y8ADIcSRQuPfvSGgKp0GQ8EHmBUFmflS9FG%2FWRvixmFSXqlGtIerlekOe0754Xej9g5tx1V%2B42HjdrYY6JOJU3psnsRtbXkbpWVOCcsLn44gMgT2h93oC3xu6ZgMDWwTlJRnisPRK6JDslRdb717nk"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
719188ed6f735ba4-FRA
expires
Wed, 31 May 2023 10:48:29 GMT
wpo-minify-header-62ca12fc.min.css
lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/
716 KB
146 KB
Stylesheet
General
Full URL
https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-header-62ca12fc.min.css
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
7bd5d613da696603bdb7cb06dd5ea555a03724724fda75cac7055c1bb88d2083

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
content-encoding
gzip
last-modified
Thu, 09 Jun 2022 15:19:54 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
wpo-minify-header-f9c84b0e.min.css
lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/
297 KB
55 KB
Stylesheet
General
Full URL
https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-header-f9c84b0e.min.css
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
6126b94f9f412aff6c80c539ab820d6a71df0062e81e09fe513cc68246d4cccb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
content-encoding
gzip
last-modified
Thu, 09 Jun 2022 15:19:54 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
wpo-minify-header-51fe108d.min.js
lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/
113 KB
48 KB
Script
General
Full URL
https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-header-51fe108d.min.js
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
459c5646380feca92e9229cd81019f233f14253f6cccb421da6140c95ad4bea8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
content-encoding
gzip
last-modified
Thu, 09 Jun 2022 15:19:54 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
1380392
www.sympla.com.br/js/sympla.widget-pt.js/
2 KB
1 KB
Script
General
Full URL
https://www.sympla.com.br/js/sympla.widget-pt.js/1380392
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a21d3c6f4fcb4c1e463866a1cf15d1cec042fa62f92c80a303cd32f67cbc8d7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
via
kong/2.3.2, 1.1 8ea75fde43c768e7e1d041f8b7a07bd6.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
ARN56-P1
x-kong-proxy-latency
0
x-cache
Miss from cloudfront
x-kong-upstream-latency
163
x_server
sympla-node-web-asg
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Fri, 10 Jun 2022 10:48:29 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
719188ed8a1a9025-FRA
x-amz-cf-id
sxoiRgUdwD-DtDAMWn8McxZql0C0r53MV0Ewg0kVAoOTipsyN4xXag==
expires
Fri, 10 Jun 2022 14:48:29 GMT
WhatsApp-Image-2022-04-16-at-15.40.37-1-240x300.jpeg
lovenoronha.com.br/wp-content/uploads/2022/04/
14 KB
14 KB
Image
General
Full URL
https://lovenoronha.com.br/wp-content/uploads/2022/04/WhatsApp-Image-2022-04-16-at-15.40.37-1-240x300.jpeg
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
bcac9c6f96098b03c349a15ab7a6ce7501aabdcab70ba245179afe2b83ce977c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
last-modified
Mon, 18 Apr 2022 23:26:02 GMT
server
Apache
accept-ranges
bytes
content-length
13848
content-type
image/jpeg
WhatsApp-Image-2022-04-16-at-15.40.37-2-240x300.jpeg
lovenoronha.com.br/wp-content/uploads/2022/04/
15 KB
15 KB
Image
General
Full URL
https://lovenoronha.com.br/wp-content/uploads/2022/04/WhatsApp-Image-2022-04-16-at-15.40.37-2-240x300.jpeg
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
e797c34ebce4b2656cebd0c920534fbc7f9875ad91f1f1c358a660a9de4c7550

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
last-modified
Mon, 18 Apr 2022 23:26:04 GMT
server
Apache
accept-ranges
bytes
content-length
15444
content-type
image/jpeg
WhatsApp-Image-2022-04-16-at-15.40.37-3-240x300.jpeg
lovenoronha.com.br/wp-content/uploads/2022/04/
12 KB
13 KB
Image
General
Full URL
https://lovenoronha.com.br/wp-content/uploads/2022/04/WhatsApp-Image-2022-04-16-at-15.40.37-3-240x300.jpeg
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
1ab42ad05bdcf088a3312ccee0267158d29dc6582f71cb1453466d9eb57263c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
last-modified
Mon, 18 Apr 2022 23:26:05 GMT
server
Apache
accept-ranges
bytes
content-length
12765
content-type
image/jpeg
WhatsApp-Image-2022-04-16-at-15.40.37-4-240x300.jpeg
lovenoronha.com.br/wp-content/uploads/2022/04/
15 KB
15 KB
Image
General
Full URL
https://lovenoronha.com.br/wp-content/uploads/2022/04/WhatsApp-Image-2022-04-16-at-15.40.37-4-240x300.jpeg
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
61a9183f0b3e33b46a8280e047905f5e5639ac7f61e7efdd82ae78e5b5593fa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
last-modified
Mon, 18 Apr 2022 23:26:07 GMT
server
Apache
accept-ranges
bytes
content-length
15699
content-type
image/jpeg
WhatsApp-Image-2022-04-16-at-15.40.37-5-240x300.jpeg
lovenoronha.com.br/wp-content/uploads/2022/04/
19 KB
19 KB
Image
General
Full URL
https://lovenoronha.com.br/wp-content/uploads/2022/04/WhatsApp-Image-2022-04-16-at-15.40.37-5-240x300.jpeg
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
a49bff187c2ebfba7ee24be6e2422a24775e6698494ae76a669f88c50abcdec7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
last-modified
Mon, 18 Apr 2022 23:26:08 GMT
server
Apache
accept-ranges
bytes
content-length
19550
content-type
image/jpeg
WhatsApp-Image-2022-04-16-at-15.40.37-6-240x300.jpeg
lovenoronha.com.br/wp-content/uploads/2022/04/
17 KB
17 KB
Image
General
Full URL
https://lovenoronha.com.br/wp-content/uploads/2022/04/WhatsApp-Image-2022-04-16-at-15.40.37-6-240x300.jpeg
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
e02a7ea5c3ea2bd8fe3d797a95f5da2ac3997be7d632acdd75905454e8f88e81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
last-modified
Mon, 18 Apr 2022 23:26:10 GMT
server
Apache
accept-ranges
bytes
content-length
16966
content-type
image/jpeg
WhatsApp-Image-2022-04-16-at-15.40.37-240x300.jpeg
lovenoronha.com.br/wp-content/uploads/2022/04/
17 KB
17 KB
Image
General
Full URL
https://lovenoronha.com.br/wp-content/uploads/2022/04/WhatsApp-Image-2022-04-16-at-15.40.37-240x300.jpeg
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
17bcee624014c5087e09159733be8153d4fd75692a11b3a7a1abd6183b8d1e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
last-modified
Mon, 18 Apr 2022 23:26:13 GMT
server
Apache
accept-ranges
bytes
content-length
17273
content-type
image/jpeg
pexels-thiago-japyassu-4404577.jpg
lovenoronha.com.br/wp-content/uploads/2022/04/
1 MB
1 MB
Image
General
Full URL
https://lovenoronha.com.br/wp-content/uploads/2022/04/pexels-thiago-japyassu-4404577.jpg
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
9757f11f2037ed49cd46b38548f6973f7090a30600317c52f1822b9bffbbbc49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
last-modified
Mon, 11 Apr 2022 12:07:21 GMT
server
Apache
accept-ranges
bytes
content-length
1530395
content-type
image/jpeg
pexels-thiago-japyassu-4490334-1024x768.jpg
lovenoronha.com.br/wp-content/uploads/2022/04/
218 KB
219 KB
Image
General
Full URL
https://lovenoronha.com.br/wp-content/uploads/2022/04/pexels-thiago-japyassu-4490334-1024x768.jpg
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
c406d1aca57e9a5725a41d36e9bbcf393638aae2ae0d34a8802eac202aeea684

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
last-modified
Mon, 11 Apr 2022 12:08:22 GMT
server
Apache
accept-ranges
bytes
content-length
223669
content-type
image/jpeg
Love-Noronha-2022-17.png
lovenoronha.com.br/wp-content/uploads/2022/03/
571 KB
571 KB
Image
General
Full URL
https://lovenoronha.com.br/wp-content/uploads/2022/03/Love-Noronha-2022-17.png
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
29af7329aaaa6991679a65ceb64a13f7a3d92178e4f51a5acdb7e2d482d7569f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
last-modified
Wed, 16 Mar 2022 17:30:12 GMT
server
Apache
accept-ranges
bytes
content-length
584735
content-type
image/png
Love-Noronha-2022-18-1.png
lovenoronha.com.br/wp-content/uploads/2022/03/
523 KB
524 KB
Image
General
Full URL
https://lovenoronha.com.br/wp-content/uploads/2022/03/Love-Noronha-2022-18-1.png
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
8845153cbafa3d0b8c11ff907cab806838e00170e98939c8bd79cd90d49c4f6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
last-modified
Wed, 16 Mar 2022 19:06:55 GMT
server
Apache
accept-ranges
bytes
content-length
535786
content-type
image/png
Love-Noronha-2022-19.png
lovenoronha.com.br/wp-content/uploads/2022/03/
484 KB
484 KB
Image
General
Full URL
https://lovenoronha.com.br/wp-content/uploads/2022/03/Love-Noronha-2022-19.png
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
021c5e5cb2f2cc1a9faefeb8be7ca1f79a00d045c990118a6c35c3c0186f3606

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
last-modified
Wed, 16 Mar 2022 19:06:57 GMT
server
Apache
accept-ranges
bytes
content-length
495395
content-type
image/png
Love-Noronha-2022-20.png
lovenoronha.com.br/wp-content/uploads/2022/03/
552 KB
553 KB
Image
General
Full URL
https://lovenoronha.com.br/wp-content/uploads/2022/03/Love-Noronha-2022-20.png
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
63a349975ae27dc85273c48112334319dab68f07678d6aa98f6a0091c3eab64d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
last-modified
Wed, 16 Mar 2022 19:07:00 GMT
server
Apache
accept-ranges
bytes
content-length
565406
content-type
image/png
Love-Noronha-2022-21.png
lovenoronha.com.br/wp-content/uploads/2022/03/
517 KB
517 KB
Image
General
Full URL
https://lovenoronha.com.br/wp-content/uploads/2022/03/Love-Noronha-2022-21.png
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
6a580037e2958e0ac4fc813beb67ff33b0ae621eadfe766db211b7d5deb9673e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
last-modified
Wed, 16 Mar 2022 19:07:02 GMT
server
Apache
accept-ranges
bytes
content-length
529192
content-type
image/png
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 20:50:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jun 2023 20:50:40 GMT
wpo-minify-footer-6fe40e49.min.css
lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/
193 KB
39 KB
Stylesheet
General
Full URL
https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-footer-6fe40e49.min.css
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
49f77251d8aeae4264b67b662667a7bbdebeecad96cb428ef661f4da78d326ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
content-encoding
gzip
last-modified
Thu, 09 Jun 2022 15:19:55 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
wpo-minify-footer-5f724066.min.js
lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/
2 MB
600 KB
Script
General
Full URL
https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-footer-5f724066.min.js
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
10ecbe22bdb1537837da30c3460b8c89fce6f7f552574cfde6d2f840054b7097

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
content-encoding
gzip
last-modified
Thu, 09 Jun 2022 15:19:54 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
wpo-minify-footer-0b9d0e58.min.js
lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/
79 KB
31 KB
Script
General
Full URL
https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-footer-0b9d0e58.min.js
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
dbfc749ce89e5cf6ab17d04650afba674003f8ef794cecd8bf99e56b9c83b745

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
content-encoding
gzip
last-modified
Thu, 09 Jun 2022 15:19:55 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
wpo-minify-footer-3ae00fb2.min.js
lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/
90 KB
33 KB
Script
General
Full URL
https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-footer-3ae00fb2.min.js
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
53feec6f07008d069934b9819970d5772a3de3da3def79841120b81b0d62f21b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
content-encoding
gzip
last-modified
Thu, 09 Jun 2022 15:19:55 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
Inter-upright-var.woff2
lovenoronha.com.br/wp-content/themes/twentytwenty/assets/fonts/inter/
219 KB
220 KB
Font
General
Full URL
https://lovenoronha.com.br/wp-content/themes/twentytwenty/assets/fonts/inter/Inter-upright-var.woff2
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-header-62ca12fc.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
e03c2df7ef439d2708bbc168a21c0a00da63e5664d286120c994c39644addd03

Request headers

Referer
https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-header-62ca12fc.min.css
Origin
https://lovenoronha.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
last-modified
Wed, 23 Oct 2019 02:57:08 GMT
server
Apache
accept-ranges
bytes
content-length
223892
content-type
font/woff2
KFOlCnqEu92Fr1MmWUlvAA.woff
fonts.gstatic.com/s/roboto/v30/
64 KB
65 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlvAA.woff
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b588388326a9d3d30442904afd354fbb2f1feeb88ffca342e1c2f0391a692910
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lovenoronha.com.br/
Origin
https://lovenoronha.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 11:36:46 GMT
x-content-type-options
nosniff
age
342703
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65556
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 11:36:46 GMT
pxiEyp8kv8JHgFVrFJM.woff
fonts.gstatic.com/s/poppins/v20/
65 KB
65 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrFJM.woff
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c68e1edb2e2414da9f1a46a81131ceeb09e082363d20c8605d5edb929a1bf648
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lovenoronha.com.br/
Origin
https://lovenoronha.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 23:36:00 GMT
x-content-type-options
nosniff
age
126749
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66572
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jun 2023 23:36:00 GMT
fa-solid-900.woff2
lovenoronha.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/
76 KB
77 KB
Font
General
Full URL
https://lovenoronha.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-header-f9c84b0e.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer
https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-header-f9c84b0e.min.css
Origin
https://lovenoronha.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
last-modified
Wed, 13 Apr 2022 18:00:38 GMT
server
Apache
accept-ranges
bytes
content-length
78196
content-type
font/woff2
Love-Noronha-Marca-Branca-png-300x212.png
lovenoronha.com.br/wp-content/uploads/2022/04/
14 KB
14 KB
Image
General
Full URL
https://lovenoronha.com.br/wp-content/uploads/2022/04/Love-Noronha-Marca-Branca-png-300x212.png
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
cbcd3507ee13179d78517c3790b7475c3e99f734f8ae33a31805e99017a59792

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
last-modified
Mon, 11 Apr 2022 11:35:28 GMT
server
Apache
accept-ranges
bytes
content-length
14693
content-type
image/png
Love-Noronha-2022-01.png
lovenoronha.com.br/wp-content/uploads/2022/03/
620 KB
622 KB
Image
General
Full URL
https://lovenoronha.com.br/wp-content/uploads/2022/03/Love-Noronha-2022-01.png
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
d04c4194788569076d6ae50d31c252f7a1685c7ffad2f964495aa7001b69b844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
last-modified
Wed, 16 Mar 2022 17:29:46 GMT
server
Apache
accept-ranges
bytes
content-length
635106
content-type
image/png
tickets-grid-widget
www.sympla.com.br/ Frame B88B
38 KB
8 KB
Document
General
Full URL
https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/js/sympla.widget-pt.js/1380392
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b63430aa85f49cd6f5f498f2b44be7511dd16796feaec551a589f5f9f7946a0

Request headers

Referer
https://lovenoronha.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
719188f2091a9025-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 10 Jun 2022 10:48:30 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
via
kong/2.3.2, 1.1 b34d5d8e5954d0b7b46d5f0eb534c166.cloudfront.net (CloudFront)
x-amz-cf-id
vQ_2NB7fY8jmFVlhSBWGPbfWSyPrFjqZk-uFV5GDzv9FsNgxWerzMg==
x-amz-cf-pop
ARN56-P1
x-cache
Miss from cloudfront
x-kong-proxy-latency
1
x-kong-upstream-latency
264
x_server
sympla-node-web-asg
679124339
player.vimeo.com/video/ Frame AC67
15 KB
9 KB
Document
General
Full URL
https://player.vimeo.com/video/679124339?color=EA0303&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0&h=113771cdfc
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd6384d926b3feb8abc31a9ce7c35b6080f2e02df6d37eaf63c5f9993c1910b9
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lovenoronha.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
CF-Cache-Status
DYNAMIC
CF-RAY
719188f27fae91f9-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Jun 2022 10:48:29 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache
MISS
X-Cache-Hits
0
X-Player-Backend
p
X-Served-By
cache-hhn4020-HHN
X-Timer
S1654858110.845252,VS0,VE131
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
expires
Fri, 10 Jun 2022 10:51:41 GMT
link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish
x-backend-proxy
playproxy4
x-bapp-server
player-v101-tm7zq
x-content-type-options
nosniff
x-host
player-v101-tm7zq
x-varnish-cache
1
x-vserver
playproxy-prod-varnish-3
x-xss-protection
1; mode=block
pxiByp8kv8JHgFVrLDz8V1g.woff
fonts.gstatic.com/s/poppins/v20/
65 KB
65 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8V1g.woff
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df04639997df53ab626f3fb35fc6bd9a5bbf81f1d809b943554076c185a9026f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lovenoronha.com.br/
Origin
https://lovenoronha.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 23:37:17 GMT
x-content-type-options
nosniff
age
126672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66448
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:15:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jun 2023 23:37:17 GMT
fa-brands-400.woff2
lovenoronha.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/
75 KB
75 KB
Font
General
Full URL
https://lovenoronha.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-header-f9c84b0e.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer
https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-header-f9c84b0e.min.css
Origin
https://lovenoronha.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
last-modified
Wed, 13 Apr 2022 18:00:38 GMT
server
Apache
accept-ranges
bytes
content-length
76764
content-type
font/woff2
eicons.woff2
lovenoronha.com.br/wp-content/plugins/elementor/assets/lib/eicons/fonts/
90 KB
90 KB
Font
General
Full URL
https://lovenoronha.com.br/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-header-f9c84b0e.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
1525cd3ea05d1c00e4b385e781749c3bac5c01570b5800198bec0a252bb6c715

Request headers

Referer
https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-header-f9c84b0e.min.css
Origin
https://lovenoronha.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:29 GMT
last-modified
Wed, 13 Apr 2022 18:00:38 GMT
server
Apache
accept-ranges
bytes
content-length
92444
content-type
font/woff2
1376212141-5b4b81ce16ae7424dbfe90c914c85bef6f5a6dee0046b073b3007fbcd7fc3bfa-d.jpg
i.vimeocdn.com/video/ Frame AC67
1 KB
2 KB
Image
General
Full URL
https://i.vimeocdn.com/video/1376212141-5b4b81ce16ae7424dbfe90c914c85bef6f5a6dee0046b073b3007fbcd7fc3bfa-d.jpg?mw=80&q=85
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/679124339?color=EA0303&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0&h=113771cdfc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
029d9bb05cb0f0cb639305169006c89d1140c4076cdd8f55a2c02cee95cc41d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
832246
x-viewmaster-lossless-format
lossy
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
1230
viewmaster-server
viewmaster-us-central1-j61k
x-served-by
cache-dfw18656-DFW, cache-hhn4040-HHN
x-timer
S1654858110.109865,VS0,VE1
etag
aa8d643274bc4b55abe2c6c2233ed991
access-control-max-age
86400
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 1
player.de-DE.js
f.vimeocdn.com/p/4.3.0/js/ Frame AC67
842 KB
199 KB
Script
General
Full URL
https://f.vimeocdn.com/p/4.3.0/js/player.de-DE.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/679124339?color=EA0303&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0&h=113771cdfc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e1f0f32bc0ab122771bd346c443b7f3cd8dcf0740c755d53efdcc3bfc24ef962

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
1.1 varnish, 1.1 varnish
age
150041
x-served-by
cache-iad-kjyo7100064-IAD, cache-hhn4075-HHN
vary
Accept-Encoding,x-http-method-override
x-cache
MISS, HIT
content-type
application/javascript
content-encoding
br
cache-control
max-age=1209600
accept-ranges
bytes
x-timer
S1654858110.098625,VS0,VE0
content-length
203649
x-cache-hits
0, 48405
player.css
f.vimeocdn.com/p/4.3.0/css/ Frame AC67
212 KB
20 KB
Stylesheet
General
Full URL
https://f.vimeocdn.com/p/4.3.0/css/player.css
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/679124339?color=EA0303&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0&h=113771cdfc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8e8d9aced1e2fd62ec01eb14bb123b45d12d4359491817ef48df8010fabb6ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
1.1 varnish, 1.1 varnish
age
150041
x-served-by
cache-iad-kcgs7200036-IAD, cache-hhn4075-HHN
vary
Accept-Encoding,x-http-method-override
x-cache
MISS, HIT
content-type
text/css
access-control-allow-origin
*
content-encoding
br
cache-control
max-age=1209600
accept-ranges
bytes
x-timer
S1654858110.098647,VS0,VE0
content-length
20769
x-cache-hits
0, 119986
vuid.min.js
f.vimeocdn.com/js_opt/modules/utils/ Frame AC67
2 KB
1 KB
Script
General
Full URL
https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/679124339?color=EA0303&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0&h=113771cdfc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
1.1 varnish, 1.1 varnish
age
144729
x-timer
S1654858110.098639,VS0,VE0
x-served-by
cache-iad-kjyo7100090-IAD, cache-hhn4075-HHN
vary
Accept-Encoding,x-http-method-override
x-cache
HIT, HIT
content-type
application/javascript
content-encoding
gzip
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
997
x-cache-hits
1, 85889
vuid
vimeo.com/ablincoln/ Frame AC67
0
990 B
Ping
General
Full URL
https://vimeo.com/ablincoln/vuid?pid=ae4bfb434a1fb9d7c4b4a5d0b4ffe4758da572cc1654858109
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 10 Jun 2022 10:48:30 GMT
Via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
CF-Cache-Status
DYNAMIC
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
Vary
User-Agent
x-xss-protection
1; mode=block
X-Served-By
cache-iad-kcgs7200158-IAD, cache-fra19146-FRA
x-vimeo-device
d
Server
cloudflare
X-Timer
S1654858110.281548,VS0,VE142
x-frame-options
sameorigin
x-backend-proxy
webproxy5
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Thu, 09 Jun 2022 22:48:30 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server
pweb-v1479-7mhj5
x-ua-compatible
IE=edge
Accept-Ranges
bytes
CF-RAY
719188f52e8e915c-FRA
X-Cache-Hits
0, 0
text-editor.289ae80d76f0c5abea44.bundle.min.js
lovenoronha.com.br/wp-content/plugins/elementor/assets/js/
1 KB
700 B
Script
General
Full URL
https://lovenoronha.com.br/wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-footer-5f724066.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
5c9a3c46d13cda847a391df63f9682ab531be301e12b6b64d191797c8c6fb054

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 18:00:38 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
668
accordion.1840403ce81de408c749.bundle.min.js
lovenoronha.com.br/wp-content/plugins/elementor/assets/js/
4 KB
2 KB
Script
General
Full URL
https://lovenoronha.com.br/wp-content/plugins/elementor/assets/js/accordion.1840403ce81de408c749.bundle.min.js
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-footer-5f724066.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
60fbfa9f6a187c349e777aa277654ac2c3db69b757926cc12f4b9f5fee09b4d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 18:00:38 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1530
image-carousel.db284b09c0f8a8f1c44d.bundle.min.js
lovenoronha.com.br/wp-content/plugins/elementor/assets/js/
3 KB
1 KB
Script
General
Full URL
https://lovenoronha.com.br/wp-content/plugins/elementor/assets/js/image-carousel.db284b09c0f8a8f1c44d.bundle.min.js
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-footer-5f724066.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
db8906c97fca018189220d4aefdb6235060f442afd36f4a2bf2ca4a4ba5b3b65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 18:00:38 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1268
video.d86bfd0676264945e968.bundle.min.js
lovenoronha.com.br/wp-content/plugins/elementor/assets/js/
3 KB
2 KB
Script
General
Full URL
https://lovenoronha.com.br/wp-content/plugins/elementor/assets/js/video.d86bfd0676264945e968.bundle.min.js
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-footer-5f724066.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
ed965ef7026b736436fc03697c7f29977fcde1e510b0ee2ecdff0d354442cf81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 18:00:38 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1508
player-test-impression
fresnel.vimeocdn.com/add/ Frame AC67
0
142 B
Ping
General
Full URL
https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.3.0/js/player.de-DE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Fri, 10 Jun 2022 10:48:30 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
1376212141-5b4b81ce16ae7424dbfe90c914c85bef6f5a6dee0046b073b3007fbcd7fc3bfa-d
i.vimeocdn.com/video/ Frame AC67
18 KB
18 KB
Image
General
Full URL
https://i.vimeocdn.com/video/1376212141-5b4b81ce16ae7424dbfe90c914c85bef6f5a6dee0046b073b3007fbcd7fc3bfa-d?mw=900&mh=507
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/679124339?color=EA0303&autopause=0&loop=0&muted=0&title=0&portrait=0&byline=0&h=113771cdfc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0efaa5de2210f5429bed0133442be571eedef1bb39dfaf75ef98c0b714365851

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
255354
x-viewmaster-lossless-format
automatic
x-cache
miss, HIT, MISS
access-control-max-age
86400
x-backend-server
varnish
content-length
18426
viewmaster-server
viewmaster-us-central1-bvkg
x-served-by
cache-dfw18659-DFW, cache-hhn4040-HHN
x-timer
S1654858110.400435,VS0,VE118
etag
afed1f294a54b481005367552b790899
vary
Accept
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 0
player-stats
fresnel.vimeocdn.com/add/ Frame AC67
0
40 B
Ping
General
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=ae4bfb434a1fb9d7c4b4a5d0b4ffe4758da572cc1654858109
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.3.0/js/player.de-DE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Fri, 10 Jun 2022 10:48:30 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
CVMTiu6s9HYYNf6oFcj3KXI210c.js
www.sympla.com.br/cdn-cgi/apps/head/ Frame B88B
4 KB
2 KB
Script
General
Full URL
https://www.sympla.com.br/cdn-cgi/apps/head/CVMTiu6s9HYYNf6oFcj3KXI210c.js
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b82334d29e7e760f3e84f9c7d9a9d78143a4cb4f5855d5cc5a05e23495cd9992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
content-encoding
gzip
cf-cache-status
HIT
age
562378
cf-ray
719188f72a585c56-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1342
x-amz-id-2
z0fAKjsUPRG+u46LTw4kFUrifBuf+djFR0hcVRcWaXXwMDla8TW5LAUMa2vx1wRHAptirzOZ3Pk=
last-modified
Wed, 26 Aug 2020 19:48:08 GMT
server
cloudflare
etag
"0af1ea80b219e43c63c14e331854039c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
P3K6TGKXP3GFQHMV
cache-control
public, max-age=31536000
x-amz-version-id
8G0BUumbYmxqTevXrIMKKOLKifH0M4nh
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
expires
Sat, 10 Jun 2023 10:48:30 GMT
jquery.min.js
www.sympla.com.br/assets/bae2309b/ Frame B88B
91 KB
33 KB
Script
General
Full URL
https://www.sympla.com.br/assets/bae2309b/jquery.min.js
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
content-encoding
gzip
cf-cache-status
HIT
age
562282
x-kong-proxy-latency
0
x-cache
Miss from cloudfront
x-kong-upstream-latency
10
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33430
last-modified
Wed, 24 Jul 2019 14:21:07 GMT
server
cloudflare
etag
"16dc4-58e6e052154d6-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
via
kong/2.3.2, 1.1 59f8f1060194dd517bfadeea0eee2a32.cloudfront.net (CloudFront)
cache-control
public, max-age=14400
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
cf-ray
719188f72a5b5c56-FRA
x-amz-cf-id
88SjCcBhWsJdxbIC7f4RBuRBUlxSy5ZpUnt38xs9pVwHg8uAOeadxQ==
expires
Fri, 10 Jun 2022 14:48:30 GMT
sympla.helper.js
www.sympla.com.br/js/ Frame B88B
1 KB
1 KB
Script
General
Full URL
https://www.sympla.com.br/js/sympla.helper.js
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
726b99b6ce566ab33391f2c151870bcdd7a43f524f62e360bc3ac48f7df3d2a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
kong/2.3.2, 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
561812
cf-polished
origSize=2842
x-cache
Miss from cloudfront
x-kong-proxy-latency
0
x-kong-upstream-latency
5
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Jul 2019 14:15:38 GMT
server
cloudflare
etag
W/"b1a-58e6df18f34cb-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
x-amz-cf-pop
FRA56-P5
cf-ray
719188f72a605c56-FRA
x-amz-cf-id
7ILhjrLrOSMsANPnB8elIt3Gf7mSLeP9hHKocyRCiR_pqhzO4Oxo3g==
expires
Fri, 10 Jun 2022 14:48:30 GMT
bootstrap.css
www.sympla.com.br/css/public/ Frame B88B
96 KB
17 KB
Stylesheet
General
Full URL
https://www.sympla.com.br/css/public/bootstrap.css
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d958df679652278f4ecc64d3d8755ab238d61123a0048d8a0def7542602d5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
kong/2.3.2, 1.1 9b182fbbf070d660a2561c354cfc9980.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
562282
cf-polished
origSize=119733
x-cache
Miss from cloudfront
x-kong-proxy-latency
1
x-kong-upstream-latency
11
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Jul 2019 14:15:15 GMT
server
cloudflare
etag
W/"1d3b5-58e6df02468c8-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
x-amz-cf-pop
TXL50-P3
cf-ray
719188f72a685c56-FRA
x-amz-cf-id
Px_TzljUSr4q8n6z8Zk-TzW29HhrSafkSvPYuurMQk_eWQXFFnp1iA==
expires
Fri, 10 Jun 2022 14:48:30 GMT
font-awesome.css
www.sympla.com.br/css/fa/css/ Frame B88B
30 KB
7 KB
Stylesheet
General
Full URL
https://www.sympla.com.br/css/fa/css/font-awesome.css
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82b680f094f5490bb2aa86dacf6ff7c48091495a99b7425faaa352be38b5cba8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
kong/2.3.2, 1.1 d2182626bf7a31d463bb4b9335724f24.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
562282
cf-polished
origSize=37398
x-cache
Miss from cloudfront
x-kong-proxy-latency
1
x-kong-upstream-latency
6
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Jul 2019 14:15:14 GMT
server
cloudflare
etag
W/"9216-58e6df01c4aa3-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
x-amz-cf-pop
TXL50-P3
cf-ray
719188f72a695c56-FRA
x-amz-cf-id
uIHnEuL6IDMsqIGlwsKFGqb3ggB-nmivbLOgqQlPWPmzf46KQHHqUw==
expires
Fri, 10 Jun 2022 14:48:30 GMT
icomoon.css
www.sympla.com.br/css/public/ Frame B88B
16 KB
4 KB
Stylesheet
General
Full URL
https://www.sympla.com.br/css/public/icomoon.css
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fc3e7cd61e12fdea59ccbd206752e64007b34e3e426e0aead66fbc904f4aa9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
kong/2.3.2, 1.1 759fdd9f923ecbc08bad5c12c5d4db9a.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
562282
cf-polished
origSize=19902
x-cache
Miss from cloudfront
x-kong-proxy-latency
0
x-kong-upstream-latency
7
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Jul 2019 14:15:15 GMT
server
cloudflare
etag
W/"4dbe-58e6df0257269-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
x-amz-cf-pop
TXL50-P3
cf-ray
719188f72a6b5c56-FRA
x-amz-cf-id
iRtraa4cnUWbnMcVWE1v1Vy-7lAn-Q9VnJpps27pYI591eE78zJ6ww==
expires
Fri, 10 Jun 2022 14:48:30 GMT
animate.css
www.sympla.com.br/css/public/ Frame B88B
47 KB
5 KB
Stylesheet
General
Full URL
https://www.sympla.com.br/css/public/animate.css
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b329ddd542e3134a42f74ebcea3bdc81aa6c7c0cfea2b3907871c4f6b23f4652

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
kong/2.3.2, 1.1 5b945cce9efcabde778966bdff946d7a.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
562282
cf-polished
origSize=60771
x-cache
Miss from cloudfront
x-kong-proxy-latency
1
x-kong-upstream-latency
9
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Jul 2019 14:15:15 GMT
server
cloudflare
etag
W/"ed63-58e6df023fb68-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
x-amz-cf-pop
TXL50-P3
cf-ray
719188f72a6d5c56-FRA
x-amz-cf-id
I4t6ji3GE55dAc9zty2R3sLgQPNxqPoDiV1CLIoX9k5-9kk-qlwocA==
expires
Fri, 10 Jun 2022 14:48:30 GMT
old-base.css
www.sympla.com.br/css/public/ Frame B88B
105 KB
18 KB
Stylesheet
General
Full URL
https://www.sympla.com.br/css/public/old-base.css?v=2.041
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b021579a041152c4fa944505410146802924113a34b91287a87cb423879199d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
kong/2.3.2, 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
562113
cf-polished
origSize=147962
x-cache
Miss from cloudfront
x-kong-proxy-latency
2
x-kong-upstream-latency
10
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Jul 2019 14:15:15 GMT
server
cloudflare
etag
W/"241fa-58e6df025c089-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
x-amz-cf-pop
FRA56-P5
cf-ray
719188f72a6f5c56-FRA
x-amz-cf-id
LmfL9poGZbnbcW4nDsmnKpwkIE1sx7qTQrpywDqt61vR19aPeu_oBQ==
expires
Fri, 10 Jun 2022 14:48:30 GMT
buttons.css
www.sympla.com.br/css/public/ Frame B88B
7 KB
2 KB
Stylesheet
General
Full URL
https://www.sympla.com.br/css/public/buttons.css
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f6a06d3fea7d5647f1ff6e80fa0ce42f0f7b761498866b14182e2f4c8199af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
kong/2.3.2, 1.1 683ff74407fd21e24c53718828996608.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
562282
cf-polished
origSize=10289
x-cache
Miss from cloudfront
x-kong-proxy-latency
1
x-kong-upstream-latency
6
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Jul 2019 14:15:15 GMT
server
cloudflare
etag
W/"2831-58e6df0248808-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
x-amz-cf-pop
TXL50-P3
cf-ray
719188f72a715c56-FRA
x-amz-cf-id
FHzEehEhUwKMYrqFuczMVQdbN8fdeBzQkTcx2n2JyiL0ypz8e1GI5w==
expires
Fri, 10 Jun 2022 14:48:30 GMT
style.css
www.sympla.com.br/css/linearicons/ Frame B88B
7 KB
2 KB
Stylesheet
General
Full URL
https://www.sympla.com.br/css/linearicons/style.css
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21a65a9d6d7120b57e69ef81981cc7c490fe0e48613476b710c21229d65cf231

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
kong/2.3.2, 1.1 6705fde62c89246795b7b0fe68d664cc.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
562282
cf-polished
origSize=8926
x-cache
Miss from cloudfront
x-kong-proxy-latency
0
x-kong-upstream-latency
6
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Jul 2019 14:15:14 GMT
server
cloudflare
etag
W/"22de-58e6df0236ec8-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
x-amz-cf-pop
TXL50-P3
cf-ray
719188f72a735c56-FRA
x-amz-cf-id
DrYsbvdw5Vx7f5e53p1jOrx-9-zGRrgIKQRNy8DzPNxNUIc8lQFf-g==
expires
Fri, 10 Jun 2022 14:48:30 GMT
eventPageTmp.css
www.sympla.com.br/css/public/ Frame B88B
21 KB
5 KB
Stylesheet
General
Full URL
https://www.sympla.com.br/css/public/eventPageTmp.css?v=1.1
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06a2054be88c5cebc742c58234e5a110d38324cdeb98489dbb431cf029d444eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
kong/2.3.2, 1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
561812
cf-polished
origSize=31298
x-cache
Miss from cloudfront
x-kong-proxy-latency
1
x-kong-upstream-latency
6
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 03 Sep 2020 12:17:31 GMT
server
cloudflare
etag
W/"7a42-5ae67bc812cc0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
x-amz-cf-pop
FRA56-P5
cf-ray
719188f72a745c56-FRA
x-amz-cf-id
K7TVHsxgsXOSfYt4j_grjLL3hgc2aSiGh_MS68WbjZ5IpJH7PNAofA==
expires
Fri, 10 Jun 2022 14:48:30 GMT
css
fonts.googleapis.com/ Frame B88B
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:200
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
05794d306bda9df484331da47f146d25ac89561841b8f773b738f1d5dcec10ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:47:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 10 Jun 2022 10:48:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Jun 2022 10:48:30 GMT
grunticon.loader.js
www.sympla.com.br/css/hdicons/ Frame B88B
2 KB
2 KB
Script
General
Full URL
https://www.sympla.com.br/css/hdicons/grunticon.loader.js
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a42426e826184977b1bb820ec198818ace862a8d7b7a7ae8e8f9fee47e010573

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
kong/2.3.2, 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
562111
cf-polished
origSize=2258
x-cache
Miss from cloudfront
x-kong-proxy-latency
1
x-kong-upstream-latency
6
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Jul 2019 14:15:14 GMT
server
cloudflare
etag
W/"8d2-58e6df0206186-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
x-amz-cf-pop
FRA56-P5
cf-ray
719188f72a765c56-FRA
x-amz-cf-id
J6_m6UtsBtr7P7lxQOEHFjxPv9k3ADCtXPLIB9mVvvCLWsEql-TBFA==
expires
Fri, 10 Jun 2022 14:48:30 GMT
jquery.ripple.js
www.sympla.com.br/js/ Frame B88B
3 KB
2 KB
Script
General
Full URL
https://www.sympla.com.br/js/jquery.ripple.js
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f1e832b1effae09b4657cad1352cb404ad2a5438c27d2686706ecf0613f910

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
kong/2.3.2, 1.1 6705fde62c89246795b7b0fe68d664cc.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
561978
cf-polished
origSize=7274
x-cache
Miss from cloudfront
x-kong-proxy-latency
1
x-kong-upstream-latency
4
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Jul 2019 14:15:38 GMT
server
cloudflare
etag
W/"1c6a-58e6df18dfc4a-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
x-amz-cf-pop
TXL50-P3
cf-ray
719188f72a785c56-FRA
x-amz-cf-id
1KJBphzJBlByrqxpgTpmAMegyuc2rDDpIrWA7KxS-BnbTo3mbQay_g==
expires
Fri, 10 Jun 2022 14:48:30 GMT
logo-sympla-color.svg
www.sympla.com.br/images/ Frame B88B
3 KB
2 KB
Image
General
Full URL
https://www.sympla.com.br/images/logo-sympla-color.svg
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bddb04d8843f92ce05a73dfab408b072da48c88a623b429afa5c9929211127f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
kong/2.3.2, 1.1 e52e5002e6523e500edcd37f9eb5d0f6.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
6642
x-kong-proxy-latency
1
x-cache
Miss from cloudfront
x-kong-upstream-latency
6
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Jul 2019 14:15:32 GMT
server
cloudflare
etag
W/"a4a-58e6df134cfea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
x-amz-cf-pop
TXL50-P3
cf-ray
719188f84c425c56-FRA
x-amz-cf-id
wuG5On6emphxgKel5n556PMhemif4U39xDtbOUZFEkULmJgEQBe3Ow==
expires
Fri, 10 Jun 2022 14:48:30 GMT
bootstrap.min.js
www.sympla.com.br/js/public/ Frame B88B
28 KB
8 KB
Script
General
Full URL
https://www.sympla.com.br/js/public/bootstrap.min.js
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
content-encoding
gzip
cf-cache-status
HIT
age
562281
x-kong-proxy-latency
0
x-cache
Miss from cloudfront
x-kong-upstream-latency
10
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7679
last-modified
Wed, 24 Jul 2019 14:15:52 GMT
server
cloudflare
etag
"71b6-58e6df2625441-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
via
kong/2.3.2, 1.1 59f8f1060194dd517bfadeea0eee2a32.cloudfront.net (CloudFront)
cache-control
public, max-age=14400
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
cf-ray
719188f84c415c56-FRA
x-amz-cf-id
254qbq7Z7a83OmY0MeN7Zzm9rktVpazzauU4dgPPdZgIJ1bJlwZO9g==
expires
Fri, 10 Jun 2022 14:48:30 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame B88B
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://www.sympla.com.br/
Origin
https://www.sympla.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:31 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
719188f8ea5391f9-FRA
KFOmCnqEu92Fr1Me5g.woff
fonts.gstatic.com/s/roboto/v30/
64 KB
64 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Me5g.woff
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41533d5c6eab361631aa3cf8bf7b8a2e6babfcc42a1aa950b2b0cd80c109b8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lovenoronha.com.br/
Origin
https://lovenoronha.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 14:43:06 GMT
x-content-type-options
nosniff
age
331524
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65456
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 14:43:06 GMT
swiper.min.js
lovenoronha.com.br/wp-content/plugins/elementor/assets/lib/swiper/
136 KB
46 KB
Script
General
Full URL
https://lovenoronha.com.br/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/wp-content/cache/wpo-minify/1654787369/assets/wpo-minify-footer-3ae00fb2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.62.70 , United States, ASN26337 (OIS1, US),
Reverse DNS
162-241-62-70.unifiedlayer.com
Software
Apache /
Resource Hash
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lovenoronha.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 18:00:38 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
css
fonts.googleapis.com/ Frame B88B
11 KB
675 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,700,900,800,500,300,600
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/css/public/old-base.css?v=2.041
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
85a93a93f30f3ad5c2ffe2cb090c08173e725870f83a7af9c140659dcfe20293
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:48:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 10 Jun 2022 10:48:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Jun 2022 10:48:30 GMT
css
fonts.googleapis.com/ Frame B88B
10 KB
754 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,900
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/css/public/old-base.css?v=2.041
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bb5677bcd61703e98d4e275bee546ffa99a970f913b699a727398802da8d4c3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:45:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 10 Jun 2022 10:48:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Jun 2022 10:48:30 GMT
truncated
/ Frame B88B
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/gif
analytics.js
www.google-analytics.com/ Frame B88B
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4424
date
Fri, 10 Jun 2022 09:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 10 Jun 2022 11:34:46 GMT
gtm.js
www.googletagmanager.com/ Frame B88B
341 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MXLMPC
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
22dcb8ef3c10b32427c640233243373541cd23d352e29043a4dba3762956975b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97140
x-xss-protection
0
expires
Fri, 10 Jun 2022 10:48:30 GMT
icons.data.svg.css
www.sympla.com.br/css/hdicons/ Frame B88B
201 KB
65 KB
Stylesheet
General
Full URL
https://www.sympla.com.br/css/hdicons/icons.data.svg.css
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/css/hdicons/grunticon.loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c571b2fcfe013389fcdd84cc510cd05a1ba046b349988436e441aa4c5607164c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
kong/2.3.2, 1.1 b93003f1819566aa6af3b0107cb2ec2a.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
561661
cf-polished
origSize=211130
x-cache
Miss from cloudfront
x-kong-proxy-latency
0
x-kong-upstream-latency
20
cf-bgj
minify
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Jul 2019 14:15:14 GMT
server
cloudflare
etag
W/"338ba-58e6df0209066-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
x-amz-cf-pop
TXL50-P3
cf-ray
719188f8bd245c56-FRA
x-amz-cf-id
gXJIhvDSJm9G7uktq56CREJ3oMLID4Zi7AkCJy24QVxaledXFUBkwA==
expires
Fri, 10 Jun 2022 14:48:30 GMT
init.js
www.sympla.com.br/NjO03L5C/ Frame B88B
127 KB
47 KB
Script
General
Full URL
https://www.sympla.com.br/NjO03L5C/init.js
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60044845d2d479631c4db2944a3943405bb760e18ac58de2e1bca338e2a3d003

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
content-encoding
gzip
cf-cache-status
HIT
age
354
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47332
access-control-allow-origin
*
last-modified
Fri, 10 Jun 2022 10:42:36 GMT
server
cloudflare
active-cdn
fastly
x-px-hash
YzQ4MDg4MWRiMmYwNzRmOTc5ZDI0MTM4MGEwYzU5N2Q0ODBkYzUxYzMxMWFiODdiMGIzMTViYzM4ZWQ1ZTRjYg==
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
access-control-expose-headers
active-cdn,x-served-by
cache-control
public, max-age=14400
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
cf-ray
719188f8cd3a5c56-FRA
x-amz-cf-id
6wUe4DQKZ4mVWpoztHPTdiEN3dH49MAQ3LTAH6VYw2dzu1NfP-q1fQ==
expires
Fri, 10 Jun 2022 14:48:30 GMT
opensans-regular-webfont.woff
www.sympla.com.br/css/public/fonts/ Frame B88B
24 KB
25 KB
Font
General
Full URL
https://www.sympla.com.br/css/public/fonts/opensans-regular-webfont.woff
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/css/public/old-base.css?v=2.041
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
023dc3371389cdbb3da076f55585faec1f285f5076a2859122821c280bff9491

Request headers

Referer
https://www.sympla.com.br/css/public/old-base.css?v=2.041
Origin
https://www.sympla.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
kong/2.3.2, 1.1 d2182626bf7a31d463bb4b9335724f24.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
562281
x-kong-proxy-latency
1
x-cache
Miss from cloudfront
x-kong-upstream-latency
6
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24736
last-modified
Wed, 24 Jul 2019 14:15:15 GMT
server
cloudflare
etag
"60a0-58e6df0291bec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
cache-control
public, max-age=14400
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
cf-ray
719188f8dd625c56-FRA
x-amz-cf-id
GecbBa0ewgB9qFWaeG3EKq8p9zLXkJvqkPBIHi4UO9LnnHIqrq1IfA==
expires
Fri, 10 Jun 2022 14:48:30 GMT
fontawesome-webfont.woff2
www.sympla.com.br/css/fa/fonts/ Frame B88B
75 KB
76 KB
Font
General
Full URL
https://www.sympla.com.br/css/fa/fonts/fontawesome-webfont.woff2
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/css/fa/css/font-awesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.sympla.com.br/css/fa/css/font-awesome.css
Origin
https://www.sympla.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
kong/2.3.2, 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
561734
x-kong-proxy-latency
1
x-cache
Miss from cloudfront
x-kong-upstream-latency
5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Wed, 24 Jul 2019 14:15:14 GMT
server
cloudflare
etag
"12d68-58e6df01cd743"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=14400
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
cf-ray
719188f8dd635c56-FRA
x-amz-cf-id
CyQy2mrNiyZiCvURV0iHFBbGbImNpeERYDvC4mPLqHmUksgKmVvebg==
expires
Fri, 10 Jun 2022 14:48:30 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame B88B
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sympla.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 23:32:09 GMT
x-content-type-options
nosniff
age
299781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 23:32:09 GMT
linearicons.ttf
www.sympla.com.br/css/linearicons/fonts/ Frame B88B
51 KB
24 KB
Font
General
Full URL
https://www.sympla.com.br/css/linearicons/fonts/linearicons.ttf
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/css/linearicons/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2909bf1f6b05fadc33d7c0be3243c469d0fa320ee867769ad05281be552debea

Request headers

Referer
https://www.sympla.com.br/css/linearicons/style.css
Origin
https://www.sympla.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
kong/2.3.2, 1.1 f75621cd6e47ae7d0a4d07cd1877339c.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
562278
x-kong-proxy-latency
0
x-cache
Miss from cloudfront
x-kong-upstream-latency
7
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Jul 2019 14:15:15 GMT
server
cloudflare
etag
W/"cd3c-58e6df023ad48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=14400
x-amz-cf-pop
TXL50-P3
cf-ray
719188f8dd655c56-FRA
x-amz-cf-id
nOKrY93RVm-zSTP6aKu2D_kQYzLkrvZX-fK6mrlj9XCwQWpI9XRKHg==
expires
Fri, 10 Jun 2022 14:48:30 GMT
collector
collector-pxnjo03l5c.px-cloud.net/api/v2/ Frame B88B
480 B
735 B
XHR
General
Full URL
https://collector-pxnjo03l5c.px-cloud.net/api/v2/collector
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/NjO03L5C/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.220.186.35.bc.googleusercontent.com
Software
/
Resource Hash
15569f54ba2a53ea018b719ad12d348e2f2815948983a4a559250a9b78b7c9db

Request headers

Referer
https://www.sympla.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sympla.com.br
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
480
js
www.googletagmanager.com/gtag/ Frame B88B
191 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KXH10SQTZF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXLMPC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6f19f5c6a41dd896804ceebb1923fe07cacba7b992733ad8cf882263f85edea2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:30 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70077
x-xss-protection
0
expires
Fri, 10 Jun 2022 10:48:30 GMT
collect.js
534001996.collect.igodigital.com/ Frame B88B
8 KB
2 KB
Script
General
Full URL
https://534001996.collect.igodigital.com/collect.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXLMPC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.45.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-45-141.compute-1.amazonaws.com
Software
/
Resource Hash
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:31 GMT
content-encoding
gzip
last-modified
Thu, 09 Jun 2022 18:35:47 GMT
vary
Accept-Encoding
content-type
application/javascript
conversion_async.js
www.googleadservices.com/pagead/ Frame B88B
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXLMPC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15069
x-xss-protection
0
server
cafe
etag
11223643544955582496
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 10 Jun 2022 10:48:31 GMT
activityi;dc_pre=CMzx9-7aovgCFeAbBgAd1zYOhw;src=11359555;type=sympl0;cat=babel0;ord=7760886358714;gtm=2wg680;~oref=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt
11359555.fls.doubleclick.net/ Frame EAEC
Redirect Chain
  • https://11359555.fls.doubleclick.net/activityi;src=11359555;type=sympl0;cat=babel0;ord=7760886358714;gtm=2wg680;~oref=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt?
  • https://11359555.fls.doubleclick.net/activityi;dc_pre=CMzx9-7aovgCFeAbBgAd1zYOhw;src=11359555;type=sympl0;cat=babel0;ord=7760886358714;gtm=2wg680;~oref=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-gri...
501 B
419 B
Document
General
Full URL
https://11359555.fls.doubleclick.net/activityi;dc_pre=CMzx9-7aovgCFeAbBgAd1zYOhw;src=11359555;type=sympl0;cat=babel0;ord=7760886358714;gtm=2wg680;~oref=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXLMPC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
2c96b0a6b46e8180273c1bedb5957af76de5ba91247cb226674b7c0f0360fdb7
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
394
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Jun 2022 10:48:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Jun 2022 10:48:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://11359555.fls.doubleclick.net/activityi;dc_pre=CMzx9-7aovgCFeAbBgAd1zYOhw;src=11359555;type=sympl0;cat=babel0;ord=7760886358714;gtm=2wg680;~oref=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame B88B
8 KB
3 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXLMPC
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 10 Jun 2022 10:48:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=41739
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
fbevents.js
connect.facebook.net/en_US/ Frame B88B
100 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26344
x-xss-protection
0
pragma
public
x-fb-debug
c2aSETHVft4QNB0vDPJ3XaD6ohpJ+lIYXa7rZZGSzihmsim6JpvZp+HAWpkxMrJLkVw2+RaBE3FLjLlTW47HsQ==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 10 Jun 2022 10:48:31 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
tags
us.creativecdn.com/ Frame E9A4
Redirect Chain
  • https://us.creativecdn.com/tags?id=pr_03HBRjBnVKoBxajxcU4s&ncm=1
  • https://us.creativecdn.com/tags?id=pr_03HBRjBnVKoBxajxcU4s&ncm=1&tc=1
26 B
377 B
Document
General
Full URL
https://us.creativecdn.com/tags?id=pr_03HBRjBnVKoBxajxcU4s&ncm=1&tc=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXLMPC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Referer
https://www.sympla.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
26
content-type
text/html;charset=utf-8
date
Fri, 10 Jun 2022 10:48:31 GMT Fri, 10 Jun 2022 10:48:31 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
vary
Origin, Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Fri, 10 Jun 2022 10:48:31 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://us.creativecdn.com/tags?id=pr_03HBRjBnVKoBxajxcU4s&ncm=1&tc=1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
vary
Origin
events.js
analytics.tiktok.com/i18n/pixel/ Frame B88B
159 KB
44 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C92AKT9HLSUPN04HK1CG&lib=ttq
Requested by
Host: lovenoronha.com.br
URL: https://lovenoronha.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-241.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7fa80c9a3595b623f4a6073a52ee6decc51e6db84f640aad05ed64a3117196fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-akamai-request-id
937571f7.18019d58
date
Fri, 10 Jun 2022 10:48:31 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-5.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time
96,23.36.161.213
server-timing
cdn-cache; desc=MISS, edge; dur=90, origin; dur=7, inner; dur=3
pragma
no-cache
server
nginx
x-tt-logid
2022061010483101000200300500600300807CB35D8
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
7,23.220.104.5
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6e3894d71ce96991e15b3491dd5325791dca2a8fd86b5a797a3e6496e4243a50b46370997c87a31e05c8f8e894bab79a69c62c86c471eec50e0a5a61a551a4b197f4c36531a3f5de4f8b0dba52d696e6a643e8757bffde396367c05df66f14bee
expires
Fri, 10 Jun 2022 10:48:31 GMT
ec.js
www.google-analytics.com/plugins/ua/ Frame B88B
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:33:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 10 Jun 2022 11:33:39 GMT
132c4cd3-d198-4745-be6b-6a429013a866-loader.js
d335luupugsy2.cloudfront.net/js/loader-scripts/ Frame B88B
3 KB
2 KB
Script
General
Full URL
https://d335luupugsy2.cloudfront.net/js/loader-scripts/132c4cd3-d198-4745-be6b-6a429013a866-loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXLMPC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-64.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9732395666dfa3bc5bfdff347dd2631329a479d45760d5cc6d6111f63f697f2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:32 GMT
content-encoding
gzip
last-modified
Fri, 28 Jan 2022 18:48:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
W/"6b5b17c664bcfe725a119bd7cd04b725"
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
cQFVcnkZb9L6fIaOOxIxWcMOB3rGFksH
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
cache-control
no-cache
content-type
application/javascript
x-amz-cf-id
J23YjeNXWE6coqyOVXE_BGSVWZ8aEtjxK9HBAw2-IAqkvmgZ6YldVQ==
1703068899921590
connect.facebook.net/signals/config/ Frame B88B
291 KB
83 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1703068899921590?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
063d2f6044e99f4b86db1be083df8d2383878aebc5ab4e923d15e108c275b6b2
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85457
x-xss-protection
0
pragma
public
x-fb-debug
c3eEGoX6ioJEKopttpCe4UdmnobURV4r+aFiejjKy//LkfETC7He57rESjIUG8pGRUV4JBOHZLFvsu7ykmdIjw==
x-frame-options
DENY
date
Fri, 10 Jun 2022 10:48:31 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px4.ads.linkedin.com/ Frame B88B
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3958321&time=1654858109890&url=https%3A%2F%2Flovenoronha.com.br%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3958321%26time%3D1654858109890%26url%3Dhttps%253A%252F%252Flovenoronha.com.br%252...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3958321&time=1654858109890&url=https%3A%2F%2Flovenoronha.com.br%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3958321&time=1654858109890&url=https%3A%2F%2Flovenoronha.com.br%2F&liSync=true&e_ipv6=AQLkS8drHMf5AAAAAYFNOtqBlHnkVDSYEX4gWU0BE5sAFt-Ey5AgQTYLaPM...
0
265 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3958321&time=1654858109890&url=https%3A%2F%2Flovenoronha.com.br%2F&liSync=true&e_ipv6=AQLkS8drHMf5AAAAAYFNOtqBlHnkVDSYEX4gWU0BE5sAFt-Ey5AgQTYLaPM8Ovtv
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H2
Server
13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:31 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: A73A5D79B2364BC2A3AEC09EC738C3E8 Ref B: VIEEDGE2210 Ref C: 2022-06-10T10:48:31Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXhFa3oOG7muhoUQN1XZw==
x-li-fabric
prod-lva1

Redirect headers

date
Fri, 10 Jun 2022 10:48:31 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: B6EB1DA5935747349BCE8634BD866AA9 Ref B: VIEEDGE2805 Ref C: 2022-06-10T10:48:31Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3958321&time=1654858109890&url=https%3A%2F%2Flovenoronha.com.br%2F&liSync=true&e_ipv6=AQLkS8drHMf5AAAAAYFNOtqBlHnkVDSYEX4gWU0BE5sAFt-Ey5AgQTYLaPM8Ovtv
x-li-proto
http/2
content-length
0
x-li-uuid
AAXhFa3lUPwefeMIqno/zQ==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1025760016/ Frame B88B
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1025760016/?random=1654858109893&cv=9&fst=1654858109893&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt&ref=https%3A%2F%2Flovenoronha.com.br%2F&tiba=Sympla%20Widget%20-%20LOVE%20NORONHA%202022&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fbf9baf55958e7da29474df2a3fe90e200ed1e1f14a37d2ddbee0ad3e840fe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jun 2022 10:48:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1080
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/388744662/ Frame B88B
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/388744662/?random=1654858109896&cv=9&fst=1654858109896&num=1&value=0&label=_gCLCPLQgIwDENaLr7kB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt&ref=https%3A%2F%2Flovenoronha.com.br%2F&tiba=Sympla%20Widget%20-%20LOVE%20NORONHA%202022&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
b0bc8a9db7dbd0cac34e4ea8e178412505924d182a4cedada0613308dec9c178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jun 2022 10:48:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/876807203/ Frame B88B
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/876807203/?random=1654858109900&cv=9&fst=1654858109900&num=1&value=0.00&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&ig=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dcustom%3Bid%3D1380392&frm=2&url=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt&ref=https%3A%2F%2Flovenoronha.com.br%2F&tiba=Sympla%20Widget%20-%20LOVE%20NORONHA%202022&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c1a0c88c5a0345b1d8a8a86684ccbcbd6a2b938b78198bcd7f669e4065a48b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jun 2022 10:48:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CMzx9-7aovgCFeAbBgAd1zYOhw;src=11359555;type=sympl0;cat=babel0;ord=7760886358714;gtm=2wg680;~oref=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt
adservice.google.com/ddm/fls/i/ Frame FB52
500 B
862 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CMzx9-7aovgCFeAbBgAd1zYOhw;src=11359555;type=sympl0;cat=babel0;ord=7760886358714;gtm=2wg680;~oref=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt
Requested by
Host: 11359555.fls.doubleclick.net
URL: https://11359555.fls.doubleclick.net/activityi;dc_pre=CMzx9-7aovgCFeAbBgAd1zYOhw;src=11359555;type=sympl0;cat=babel0;ord=7760886358714;gtm=2wg680;~oref=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a4f2476d1b74b87fffc52ff3453cb7677f90b6b23b68e2eb6964a60d679dcf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://11359555.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
393
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Jun 2022 10:48:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
identify.js
analytics.tiktok.com/i18n/pixel/ Frame B88B
114 KB
31 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C92AKT9HLSUPN04HK1CG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-241.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-akamai-request-id
8f547bfc.1801a149
date
Fri, 10 Jun 2022 10:48:31 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-21.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time
92,23.36.161.213
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=5, inner; dur=3
pragma
no-cache
server
nginx
x-tt-logid
202206101048310100040030077350020081359F017
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
5,23.220.104.21
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6e3894d71ce96991e15b3491dd53257913e8b25bf277ee41a58a7e2092f210343812a747c1ac60b69771b2d5f1fef8291065ccaeb99a76658ef9ff62f391c5deb3c8782b9fdbd39ba43cf55262750f3b924863964df2ee4225a48973d13046ab8
expires
Fri, 10 Jun 2022 10:48:31 GMT
monitor
analytics.tiktok.com/api/v2/ Frame B88B
0
721 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C92AKT9HLSUPN04HK1CG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-241.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sympla.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
8f547d57.1801a297
date
Fri, 10 Jun 2022 10:48:31 GMT
x-cache-remote
TCP_MISS from a23-220-104-21.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time
134,23.36.161.213
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=47, inner; dur=33
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2022061010483101000200600500500600301406B68EB2
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
47,23.220.104.21
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6e3894d71ce96991e15b3491dd532579165c29daf253b5def52fa456926815e8cc8765ac028077065fff4573e6e9571b529d97708d98872ebaf53bf5ec784ee158e4c5b458d18efc65f1c1990aabbb806e705912bfad11b267756f33a5f23a1ab
expires
Fri, 10 Jun 2022 10:48:31 GMT
monitor
analytics.tiktok.com/api/v2/ Frame B88B
0
717 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C92AKT9HLSUPN04HK1CG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-241.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sympla.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
4bd073fe.1801a2ad
date
Fri, 10 Jun 2022 10:48:31 GMT
x-cache-remote
TCP_MISS from a23-220-104-24.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time
148,23.36.161.213
server-timing
cdn-cache; desc=MISS, edge; dur=89, origin; dur=60, inner; dur=49
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2022061010483101000200300500600300300E7A5D8
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
60,23.220.104.24
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6e3894d71ce96991e15b3491dd53257911a7ecbf671bfd616302108dab4df56816c615c12a6ceff054b457ac29a8cf315df0cece890a1fb583ad9dcfdf3a724e537d7d20bb27b57759663225488034153b1009dd08f7b3c867428f05f5036aa3b
expires
Fri, 10 Jun 2022 10:48:31 GMT
monitor
analytics.tiktok.com/api/v2/ Frame B88B
0
718 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C92AKT9HLSUPN04HK1CG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-241.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sympla.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
93757276.1801a2c4
date
Fri, 10 Jun 2022 10:48:31 GMT
x-cache-remote
TCP_MISS from a23-220-104-5.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time
106,23.36.161.213
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=19, inner; dur=10
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2022061010483101000200600500500600302704B69E3E
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
19,23.220.104.5
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6e3894d71ce96991e15b3491dd5325791dca2a8fd86b5a797a3e6496e4243a50b5e47855957cd63f44ac63c8c4563871a83f26a8e612458f1baa20de986121741daaa353ec6a89d20ee8f9dcffb5122d35d0f899aa2c21fcc9a468d4d4a891322
expires
Fri, 10 Jun 2022 10:48:31 GMT
monitor
analytics.tiktok.com/api/v2/ Frame B88B
0
716 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C92AKT9HLSUPN04HK1CG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-241.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sympla.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
6be3957f.1801a2f4
date
Fri, 10 Jun 2022 10:48:31 GMT
x-cache-remote
TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time
101,23.36.161.213
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=13, inner; dur=10
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2022061010483101000200300500600300504E2F3BC
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
14,23.220.104.8
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6e3894d71ce96991e15b3491dd53257913fa578445f75c749fa273c1b8d2799303e23e58836335992e5286ebbdc670cf856ed21ab6148624d543d7a6df868eaf3ada81ab7ff8105a5f03a9fdd6521879aa55ce1667bd1d8af19ebae184a7b1a3c
expires
Fri, 10 Jun 2022 10:48:31 GMT
monitor
analytics.tiktok.com/api/v2/ Frame B88B
0
718 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C92AKT9HLSUPN04HK1CG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-241.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sympla.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
8f547de3.1801a307
date
Fri, 10 Jun 2022 10:48:31 GMT
x-cache-remote
TCP_MISS from a23-220-104-21.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time
120,23.36.161.213
server-timing
cdn-cache; desc=MISS, edge; dur=89, origin; dur=32, inner; dur=14
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202206101048310100020030020050060030060E4CEC51
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
32,23.220.104.21
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6e3894d71ce96991e15b3491dd532579165c29daf253b5def52fa456926815e8ccf96d75018e955cee76654fd4d16d41f08ce9d7d6011c6076cb9eeb225488b3e4ed0a348512e1c99b77e12d2c49aa1b17065771b802cf363624f971efb2bb239
expires
Fri, 10 Jun 2022 10:48:31 GMT
monitor
analytics.tiktok.com/api/v2/ Frame B88B
0
716 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C92AKT9HLSUPN04HK1CG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-241.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sympla.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
89d63016.1801a34a
date
Fri, 10 Jun 2022 10:48:31 GMT
x-cache-remote
TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time
122,23.36.161.213
server-timing
cdn-cache; desc=MISS, edge; dur=92, origin; dur=31, inner; dur=23
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2022061010483101000400300500600300406A6571F
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
31,23.220.104.19
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6e3894d71ce96991e15b3491dd5325791909356c937fb8c2d628ebaf5df6f3f07774cda74b933c395af92176723d09105c2b60b0b04932f309a5760c534f98f89b15e36494acb22ecc9ae99bad3982f0a55c7d68dcde14891c2c9357e62544357
expires
Fri, 10 Jun 2022 10:48:31 GMT
config.js
analytics.tiktok.com/i18n/pixel/ Frame B88B
877 B
1 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C92AKT9HLSUPN04HK1CG&hostname=www.sympla.com.br
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C92AKT9HLSUPN04HK1CG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-241.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
908d489cc69d1012b3ca03489fe419201a6a8cf5bf56ec70d7d3540413d2773b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-akamai-request-id
8f547e74.1801a377
date
Fri, 10 Jun 2022 10:48:31 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-21.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time
100,23.36.161.213
server-timing
cdn-cache; desc=MISS, edge; dur=89, origin; dur=12, inner; dur=3
content-length
353
pragma
no-cache
server
nginx
x-tt-logid
202206101048310100020030020050060030060C4BFD85
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
12,23.220.104.21
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6e3894d71ce96991e15b3491dd532579165c29daf253b5def52fa456926815e8ccf96d75018e955cee76654fd4d16d41f030a6a907199ca6e12c79e8be009e332fd759dbfe48681be504fc3ad7a53520afd0dd3f7a32494fc6a6104680177d15c
expires
Fri, 10 Jun 2022 10:48:31 GMT
monitor
analytics.tiktok.com/api/v2/ Frame B88B
0
720 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C92AKT9HLSUPN04HK1CG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-241.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sympla.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
4bd074aa.1801a37f
date
Fri, 10 Jun 2022 10:48:31 GMT
x-cache-remote
TCP_MISS from a23-220-104-24.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time
118,23.36.161.213
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=31, inner; dur=30
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2022061010483101000400402500400500600300911A423FF
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
31,23.220.104.24
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6e3894d71ce96991e15b3491dd53257911a7ecbf671bfd616302108dab4df5681cad45a75013d0e042b8daaeb1365081b3168076f713acfdc40be61b91f3f6b6eb52dbe98c2d538a8d685e4ded46cf18af1e2d9fdacbf37e5467c53e709dc5813
expires
Fri, 10 Jun 2022 10:48:31 GMT
monitor
analytics.tiktok.com/api/v2/ Frame B88B
0
719 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C92AKT9HLSUPN04HK1CG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-241.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sympla.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
93757a5c.1801a385
date
Fri, 10 Jun 2022 10:48:31 GMT
x-cache-remote
TCP_MISS from a23-220-104-5.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time
240,23.36.161.213
server-timing
cdn-cache; desc=MISS, edge; dur=90, origin; dur=151, inner; dur=149
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202206101048310100040030077350020650D544A89
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
152,23.220.104.5
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6e3894d71ce96991e15b3491dd5325791d1f75a10fc61cbd76d09d37330ded9ede27ba7e579fb644de6987620b10b1f0bba83710cb2f46d802342f2d878406025054139387cda175ed0967c8e134ad745dee55c875e91fe3a9f494484fdf53648
expires
Fri, 10 Jun 2022 10:48:31 GMT
monitor
analytics.tiktok.com/api/v2/ Frame B88B
0
717 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C92AKT9HLSUPN04HK1CG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-241.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sympla.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
6be38ceb.1801a38c
date
Fri, 10 Jun 2022 10:48:31 GMT
x-cache-remote
TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time
105,23.36.161.213
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=17, inner; dur=12
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202206101048310100040030050060030260993D89D
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
17,23.220.104.8
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6e3894d71ce96991e15b3491dd53257913fa578445f75c749fa273c1b8d2799301f92e4fe417f1fa3a2176a17e077911a09794739cfb15c9ff5145d362b3f81d1a61f74e4cea23dfb8c6317e671348b90ba9ea12f42b3f77815eec9bb9d9138b5
expires
Fri, 10 Jun 2022 10:48:31 GMT
504816720176801
connect.facebook.net/signals/config/ Frame B88B
291 KB
83 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/504816720176801?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c8400ea2d59ff90b2e11e3b7f2353a67edae69a13e39c83f106150f846a595df
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85387
x-xss-protection
0
pragma
public
x-fb-debug
cRyvkONyygdmrxN+tW//B6ZY8Clqq37Aez/Q+Gy3h45GtoqZyUWhZnGMxHTmfKiJpiAKEDdu/6pFr7+nldO8FA==
x-frame-options
DENY
date
Fri, 10 Jun 2022 10:48:31 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame B88B
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1703068899921590&ev=PageView&dl=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt&rl=https%3A%2F%2Flovenoronha.com.br%2F&if=true&ts=1654858110045&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=29&it=1654858109856&coo=false&tm=1&exp=p1&rqm=GET
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 10 Jun 2022 10:48:31 GMT
/
www.google.de/pagead/1p-conversion/388744662/ Frame B88B
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/388744662/?random=144128640&cv=9&fst=1654858109896&num=1&value=0&label=_gCLCPLQgIwDENaLr7kB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&...
  • https://www.google.com/pagead/1p-conversion/388744662/?random=144128640&cv=9&fst=1654858109896&num=1&value=0&label=_gCLCPLQgIwDENaLr7kB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
  • https://www.google.de/pagead/1p-conversion/388744662/?random=144128640&cv=9&fst=1654858109896&num=1&value=0&label=_gCLCPLQgIwDENaLr7kB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/388744662/?random=144128640&cv=9&fst=1654858109896&num=1&value=0&label=_gCLCPLQgIwDENaLr7kB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt&ref=https%3A%2F%2Flovenoronha.com.br%2F&tiba=Sympla%20Widget%20-%20LOVE%20NORONHA%202022&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=fyGjYvX4DvyR9fgPsKKhmAM&cid=CAQSKQCNIrLMIGCOXM-Nrh_KO_1T-hozHY1eD_5JoaFnPk6_Rz-gFqNUm8NE&eitems=ChAI8NeLlQYQx_Gc1vzm3P1pEh0Ap_IpXnQgtZRYflrGrF9gfyvT_ZCzPq_-iJREsg&random=2693627345&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H3
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jun 2022 10:48:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Jun 2022 10:48:31 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/388744662/?random=144128640&cv=9&fst=1654858109896&num=1&value=0&label=_gCLCPLQgIwDENaLr7kB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt&ref=https%3A%2F%2Flovenoronha.com.br%2F&tiba=Sympla%20Widget%20-%20LOVE%20NORONHA%202022&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=fyGjYvX4DvyR9fgPsKKhmAM&cid=CAQSKQCNIrLMIGCOXM-Nrh_KO_1T-hozHY1eD_5JoaFnPk6_Rz-gFqNUm8NE&eitems=ChAI8NeLlQYQx_Gc1vzm3P1pEh0Ap_IpXnQgtZRYflrGrF9gfyvT_ZCzPq_-iJREsg&random=2693627345&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1025760016/ Frame B88B
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1025760016/?random=1654858109893&cv=9&fst=1654855200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&frm=2&url=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt&ref=https%3A%2F%2Flovenoronha.com.br%2F&tiba=Sympla%20Widget%20-%20LOVE%20NORONHA%202022&async=1&fmt=3&is_vtc=1&random=683887239&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jun 2022 10:48:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1025760016/ Frame B88B
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1025760016/?random=1654858109893&cv=9&fst=1654855200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&frm=2&url=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt&ref=https%3A%2F%2Flovenoronha.com.br%2F&tiba=Sympla%20Widget%20-%20LOVE%20NORONHA%202022&async=1&fmt=3&is_vtc=1&random=683887239&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jun 2022 10:48:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CMzx9-7aovgCFeAbBgAd1zYOhw;src=11359555;type=sympl0;cat=babel0;ord=7760886358714;gtm=2wg680;~oref=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt
adservice.google.de/ddm/fls/i/ Frame 8EA6
194 B
870 B
Document
General
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CMzx9-7aovgCFeAbBgAd1zYOhw;src=11359555;type=sympl0;cat=babel0;ord=7760886358714;gtm=2wg680;~oref=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMzx9-7aovgCFeAbBgAd1zYOhw;src=11359555;type=sympl0;cat=babel0;ord=7760886358714;gtm=2wg680;~oref=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Jun 2022 10:48:31 GMT
expires
Fri, 10 Jun 2022 10:48:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
track_page_view
nova.collect.igodigital.com/c2/534001996/ Frame B88B
43 B
686 B
Image
General
Full URL
https://nova.collect.igodigital.com/c2/534001996/track_page_view?payload=%7B%22title%22%3A%22Sympla%20Widget%20-%20LOVE%20NORONHA%202022%22%2C%22url%22%3A%22https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt%22%2C%22referrer%22%3A%22https%3A%2F%2Flovenoronha.com.br%2F%22%7D
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.45.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-45-141.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-runtime
0.005955
date
Fri, 10 Jun 2022 10:48:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private
content-transfer-encoding
binary
content-disposition
inline
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
09d69fef-909e-45b9-b441-d65cd795cece
/
www.google.com/pagead/1p-user-list/876807203/ Frame B88B
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/876807203/?random=1654858109900&cv=9&fst=1654855200000&num=1&value=0.00&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dcustom%3Bid%3D1380392&frm=2&url=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt&ref=https%3A%2F%2Flovenoronha.com.br%2F&tiba=Sympla%20Widget%20-%20LOVE%20NORONHA%202022&async=1&fmt=3&is_vtc=1&random=287507635&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jun 2022 10:48:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/876807203/ Frame B88B
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/876807203/?random=1654858109900&cv=9&fst=1654855200000&num=1&value=0.00&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dcustom%3Bid%3D1380392&frm=2&url=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt&ref=https%3A%2F%2Flovenoronha.com.br%2F&tiba=Sympla%20Widget%20-%20LOVE%20NORONHA%202022&async=1&fmt=3&is_vtc=1&random=287507635&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jun 2022 10:48:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
monitor
analytics.tiktok.com/api/v2/ Frame B88B
0
718 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C92AKT9HLSUPN04HK1CG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-241.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sympla.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
93757b60.1801a481
date
Fri, 10 Jun 2022 10:48:31 GMT
x-cache-remote
TCP_MISS from a23-220-104-5.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time
314,23.36.161.213
server-timing
cdn-cache; desc=MISS, edge; dur=92, origin; dur=222, inner; dur=221
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2022061010483101000200600500500600301509A18A85
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
222,23.220.104.5
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6e3894d71ce96991e15b3491dd5325791dca2a8fd86b5a797a3e6496e4243a50b94ec3f858b2a73955c2a3ae4030239014194f8ded0e737de0de6b19db2d12671f2d9b7c2e6ec4ee1bc75ceff629ee1b2a49c725cc783341c85f1bbcc132cff95
expires
Fri, 10 Jun 2022 10:48:31 GMT
/
www.facebook.com/tr/ Frame B88B
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=504816720176801&ev=PageView&dl=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt&rl=https%3A%2F%2Flovenoronha.com.br%2F&if=true&ts=1654858110077&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=29&it=1654858109856&coo=false&tm=1&exp=p1&rqm=GET
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 10 Jun 2022 10:48:31 GMT
/
www.facebook.com/tr/ Frame B88B
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1703068899921590&ev=ViewContent&dl=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt&rl=https%3A%2F%2Flovenoronha.com.br%2F&if=true&ts=1654858110079&cd[content_ids]=%5B%221380392%22%5D&cd[content_name]=love-noronha-2022&cd[content_type]=product&cd[contents]=%5B%7B%22id%22%3A%221380392%22%2C%22quantity%22%3A1%7D%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=29&it=1654858109856&coo=false&tm=1&exp=p1&rqm=GET
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 10 Jun 2022 10:48:31 GMT
/
www.facebook.com/tr/ Frame B88B
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=504816720176801&ev=ViewContent&dl=https%3A%2F%2Fwww.sympla.com.br%2Ftickets-grid-widget%3Feid%3D1380392%26lang%3Dpt&rl=https%3A%2F%2Flovenoronha.com.br%2F&if=true&ts=1654858110083&cd[content_ids]=%5B%221380392%22%5D&cd[content_name]=love-noronha-2022&cd[content_type]=product&cd[contents]=%5B%7B%22id%22%3A%221380392%22%2C%22quantity%22%3A1%7D%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=29&it=1654858109856&coo=false&tm=1&exp=p1&rqm=GET
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 10 Jun 2022 10:48:31 GMT
monitor
analytics.tiktok.com/api/v2/ Frame B88B
0
716 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C92AKT9HLSUPN04HK1CG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-241.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sympla.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
93757dc2.1801a61d
date
Fri, 10 Jun 2022 10:48:31 GMT
x-cache-remote
TCP_MISS from a23-220-104-5.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time
104,23.36.161.213
server-timing
cdn-cache; desc=MISS, edge; dur=95, origin; dur=11, inner; dur=7
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202206101048310100040070040050060030071154CAA0
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
11,23.220.104.5
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6e3894d71ce96991e15b3491dd5325791dca2a8fd86b5a797a3e6496e4243a50bd44c3d6077af08077ae0d86b9658df007cb913e6f6755ac39a37787b1a51021b8e738b57edb672fc46b5d66fa74502b07ea1379f6a43c5cc7e0d25900ec5abe1
expires
Fri, 10 Jun 2022 10:48:31 GMT
monitor
analytics.tiktok.com/api/v2/ Frame B88B
0
713 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C92AKT9HLSUPN04HK1CG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-241.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sympla.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
89d6347d.1801a626
date
Fri, 10 Jun 2022 10:48:31 GMT
x-cache-remote
TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time
110,23.36.161.213
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=23, inner; dur=4
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20220610104831010004005006003005138D9AA1
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
24,23.220.104.19
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6e3894d71ce96991e15b3491dd5325791909356c937fb8c2d628ebaf5df6f3f07872465aea80ede7c30c0dc7462321efcb52ac16ea1830fe5a7082dc62bef5a08468fd031365f6c6e1438ea114d7a445055b865abe399743b8ff3ef92feaaceab
expires
Fri, 10 Jun 2022 10:48:31 GMT
pixel
analytics.tiktok.com/api/v2/ Frame B88B
0
718 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C92AKT9HLSUPN04HK1CG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-241.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sympla.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
8f548153.1801a631
date
Fri, 10 Jun 2022 10:48:31 GMT
x-cache-remote
TCP_MISS from a23-220-104-21.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time
104,23.36.161.213
server-timing
cdn-cache; desc=MISS, edge; dur=89, origin; dur=16, inner; dur=10
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202206101048310100020030020050060030050DA2F804
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
16,23.220.104.21
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6e3894d71ce96991e15b3491dd532579165c29daf253b5def52fa456926815e8c9115022563519d81af398d2038fb487e4261a8e2e5e1deed3de3dcc9988cf13d53c515ff02de11d68dd180aed94aed834470c9b329a972bf53c53110f9ed489b
expires
Fri, 10 Jun 2022 10:48:31 GMT
pixel
analytics.tiktok.com/api/v2/ Frame B88B
0
718 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C92AKT9HLSUPN04HK1CG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-241.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sympla.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
4bd0768d.1801a63c
date
Fri, 10 Jun 2022 10:48:31 GMT
x-cache-remote
TCP_MISS from a23-220-104-24.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time
127,23.36.161.213
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=40, inner; dur=38
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20220610104831010004003007735002053088D02F9
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
40,23.220.104.24
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6e3894d71ce96991e15b3491dd5325791b33912d43530cebf0558287949b9af9c72aa512091e8d2535f4dd8870a68bd7212d28371c49caa7d6e68c8bf4543da9e4d492c0ed198dcc11360cff741411c7efb2d652d40e3f9efa75846f054f8d44b
expires
Fri, 10 Jun 2022 10:48:31 GMT
collector
collector-pxnjo03l5c.px-cloud.net/api/v2/ Frame B88B
545 B
563 B
XHR
General
Full URL
https://collector-pxnjo03l5c.px-cloud.net/api/v2/collector
Requested by
Host: www.sympla.com.br
URL: https://www.sympla.com.br/NjO03L5C/init.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.220.186.35.bc.googleusercontent.com
Software
/
Resource Hash
b7a25b83c51e21a0eda422b84ac471cc5d59d3edce90e8a58c211ae39591ed4f

Request headers

Referer
https://www.sympla.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 10 Jun 2022 10:48:31 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sympla.com.br
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
545
lead-tracking.min.js
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/ Frame B88B
2 KB
2 KB
Script
General
Full URL
https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/132c4cd3-d198-4745-be6b-6a429013a866-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-64.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 07:15:45 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
last-modified
Mon, 17 Aug 2020 12:56:23 GMT
server
AmazonS3
age
12767
etag
"361325c86c17ebc03ff0f4d88d267a83"
x-cache
Hit from cloudfront
x-amz-version-id
VK74Y_629OBaxeWwwoiBIyYa.m4SxWD5
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
content-length
2058
x-amz-cf-id
PampF0i_J3McA3E8StvjzCkHn_gYFoUJBVk_-K0LAsK-AvJn1sfa3w==
traffic-source-cookie.min.js
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ Frame B88B
2 KB
1 KB
Script
General
Full URL
https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/132c4cd3-d198-4745-be6b-6a429013a866-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-64.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62894e21310ad30458d50c4ec5a38889092498119bd337fbaabed88772a0b14f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 23:51:58 GMT
content-encoding
gzip
last-modified
Tue, 26 Oct 2021 20:03:17 GMT
server
AmazonS3
age
39394
etag
W/"c28640aa9141cc27478ef21569f4a56b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
XZdYe7srObSc7mFfrgpBi4sW1gFElr.6
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-type
application/javascript
x-amz-cf-id
cxYcbhmpC21aKxx0wFUarJCUEsBrSrsaq3RfZmf1SxX8sVm9VNPymQ==
send
pageview-notify.rdstation.com.br/ Frame B88B
36 B
620 B
XHR
General
Full URL
https://pageview-notify.rdstation.com.br/send
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.223.116.65 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.116.223.35.bc.googleusercontent.com
Software
/
Resource Hash
81e007098cef2f3620c1b091378e0c29b9797dc40ea4d73fcbdcf2ba8b6a0be2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sympla.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 10 Jun 2022 10:48:32 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html;charset=utf-8
access-control-allow-origin
https://www.sympla.com.br
access-control-max-age
1728000
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
x-robots-tag
noindex, nofollow
access-control-allow-headers
*, Content-Type, Accept, AUTHORIZATION, Cache-Control
content-length
36
x-xss-protection
1; mode=block
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
ld.js
static.criteo.net/js/ld/ Frame B88B
42 KB
14 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXLMPC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
dfc6678e3b812f3097334f84e4f7ed816c8339cd0f1a5e5b90281e8c3374d463
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:32 GMT
content-encoding
gzip
last-modified
Tue, 31 May 2022 05:07:22 GMT
server
nginx
etag
W/"6295a28a-a708"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Jun 2022 10:48:32 GMT
tags
us.creativecdn.com/ Frame A565
465 B
697 B
Document
General
Full URL
https://us.creativecdn.com/tags?id=pr_03HBRjBnVKoBxajxcU4s_offer_1380392
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXLMPC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
ada8007243527eb5ce5e1d1e0fb171aabf1f9ecff7ce5c8aa7e6d9243fbfc348

Request headers

Referer
https://www.sympla.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-encoding
gzip
content-length
339
content-type
text/html;charset=utf-8
date
Fri, 10 Jun 2022 10:48:32 GMT Fri, 10 Jun 2022 10:48:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
vary
Origin, Accept-Encoding
rum
www.sympla.com.br/cdn-cgi/ Frame B88B
0
168 B
XHR
General
Full URL
https://www.sympla.com.br/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.sympla.com.br/tickets-grid-widget?eid=1380392&lang=pt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type
application/json

Response headers

date
Fri, 10 Jun 2022 10:48:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.sympla.com.br
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
719189000a7d5c56-FRA
vary
Origin
syncframe
gum.criteo.com/ Frame CC21
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=lovenoronha.com.br&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
9ddc14d2bf861fce028506087fa64c31045712254bb719941fd4c84921b9f7ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.sympla.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6123
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 10 Jun 2022 10:48:31 GMT
server-processing-duration-in-ticks
1981
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cm
ash.creativecdn.com/adx/ Frame A565
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm&google_sc&google_ula=5153224&google_hm=OFhzUldXbTRKdnJrd3NxTUJoTE0%3D&pi=adx&tdc=ash&chain=
  • https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&chain=&google_gid=CAESECvCr4v9ptfHIga8f6JK_Go&google_cver=1&google_ula=5153224,0
  • https://ash.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&chain=&google_gid=CAESECvCr4v9ptfHIga8f6JK_Go&google_cver=1&google_ula=5153224,0
42 B
243 B
Image
General
Full URL
https://ash.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&chain=&google_gid=CAESECvCr4v9ptfHIga8f6JK_Go&google_cver=1&google_ula=5153224,0
Requested by
Host: us.creativecdn.com
URL: https://us.creativecdn.com/tags?id=pr_03HBRjBnVKoBxajxcU4s_offer_1380392
Protocol
H2
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us.creativecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jun 2022 10:48:32 GMT, Fri, 10 Jun 2022 10:48:32 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://ash.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&chain=&google_gid=CAESECvCr4v9ptfHIga8f6JK_Go&google_cver=1&google_ula=5153224,0
date
Fri, 10 Jun 2022 10:48:32 GMT
content-length
0
fledge-igmembership
fledge-usa.creativecdn.com/ Frame A065
1 KB
893 B
Document
General
Full URL
https://fledge-usa.creativecdn.com/fledge-igmembership?ntk=hcCawA0OuhoZxaziOkh9JzZrjislagP5k3Aq-k-vAcxqYcRxcqGiJ5UrpmlDEQP6pYaS2O8hIHk-J60NXoI5Og
Requested by
Host: us.creativecdn.com
URL: https://us.creativecdn.com/tags?id=pr_03HBRjBnVKoBxajxcU4s_offer_1380392
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
c4b5982cef70c34f2da4c69e5f30424c4d568e17e2fe4135c3e3775fdd9c0e3c

Request headers

Referer
https://us.creativecdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
content-length
445
content-type
text/html;charset=utf-8
date
Fri, 10 Jun 2022 10:48:32 GMT Fri, 10 Jun 2022 10:48:32 GMT
expires
Sat, 11 Jun 2022 10:48:32 GMT
origin-trial
Au+q421JtVcIdQDg+KLkxg4UdxYCIc5MjP5ceAacKEe95NdFlIYGHr/MZumsGWz8gsSmFiXDMB3IVwjICixv/AYAAABxeyJvcmlnaW4iOiJodHRwczovL2NyZWF0aXZlY2RuLmNvbTo0NDMiLCJmZWF0dXJlIjoiUHJpdmFjeVNhbmRib3hBZHNBUElzIiwiZXhwaXJ5IjoxNjYxMjk5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
vary
Accept-Encoding
sid
mug.criteo.com/ Frame CC21
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=www.sympla.com.br&sn=ChromeSyncframe&so=0&topUrl=lovenoronha.com.br&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=SU0wtnxKdXg3ajc4NzdjanVqOWpwcDJOM0duSFZBT3RaamlGTGV0Vks1Yys4aC8zcC9iZkh5eStIcU9QaTBiYjdPcURQTERpTjhFQkpKamVvT3VIc3J0dXUwRTVXbGI0d0tQckxVR1NGcjFyalBEdVZOR0JHWlg1ejFtV0...
465 B
655 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=SU0wtnxKdXg3ajc4NzdjanVqOWpwcDJOM0duSFZBT3RaamlGTGV0Vks1Yys4aC8zcC9iZkh5eStIcU9QaTBiYjdPcURQTERpTjhFQkpKamVvT3VIc3J0dXUwRTVXbGI0d0tQckxVR1NGcjFyalBEdVZOR0JHWlg1ejFtV0ZTUU5HTWlVcldybjFVaDFkWW1nZmxUY0NNd0xrWkk4QkIva29nOWU4bGlQY3ZRWU9zdlJ4RENycmJ1aVJUZnErNW8zcDdCZDJpRmNMc2gzZVJ1RG9mRDFoVndqM0NzT1MveHhNZFVhc3IvTUl6YTErcnFaa3A1bS9vTEpXVXZsM2VsSzVvbnp5YXFTcTI1YnNHSTd6VGVJZ3pYUnVJa1c3WTYwMHVrN3RzTWpLMEhGeHYvRT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
6845f92e349fd27efc82399d6e87e99487638471ff8171c5465d326134cabe9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jun 2022 10:48:32 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4176
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 10 Jun 2022 10:48:31 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=SU0wtnxKdXg3ajc4NzdjanVqOWpwcDJOM0duSFZBT3RaamlGTGV0Vks1Yys4aC8zcC9iZkh5eStIcU9QaTBiYjdPcURQTERpTjhFQkpKamVvT3VIc3J0dXUwRTVXbGI0d0tQckxVR1NGcjFyalBEdVZOR0JHWlg1ejFtV0ZTUU5HTWlVcldybjFVaDFkWW1nZmxUY0NNd0xrWkk4QkIva29nOWU4bGlQY3ZRWU9zdlJ4RENycmJ1aVJUZnErNW8zcDdCZDJpRmNMc2gzZVJ1RG9mRDFoVndqM0NzT1MveHhNZFVhc3IvTUl6YTErcnFaa3A1bS9vTEpXVXZsM2VsSzVvbnp5YXFTcTI1YnNHSTd6VGVJZ3pYUnVJa1c3WTYwMHVrN3RzTWpLMEhGeHYvRT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1498
content-length
567
expires
0
event
widget.us.criteo.com/ Frame B88B
Redirect Chain
  • https://sslwidget.criteo.com/event?a=31969&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dm%26ref%3Dhttps%253A%252F%252Flovenoronha.com.br&p2=e%3Dvp%26p%3D1380392&p3=e%3Ddis&bundle=ta...
  • https://widget.us.criteo.com/event?a=31969&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dm%26ref%3Dhttps%253A%252F%252Flovenoronha.com.br&p2=e%3Dvp%26p%3D1380392&p3=e%3Ddis&bundle=ta...
9 KB
9 KB
Script
General
Full URL
https://widget.us.criteo.com/event?a=31969&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dm%26ref%3Dhttps%253A%252F%252Flovenoronha.com.br&p2=e%3Dvp%26p%3D1380392&p3=e%3Ddis&bundle=taaAHV9paU5GQUdmU1Q4OVRGTXlueWFBRXBTZ1pLRUJpMTFkbnBSVmtwSWVxRTFvY1RQd09Obk5xZkFxekolMkZ1c2NpRzVBb2VIV1JWb0pFR2dXbUY4VHQlMkJzJTJCUklzJTJCNElLWTBRdGg2MmpEJTJCdnEybjNRTzh4bWxlVzFRbFElMkJPZUNtYlNEQnplbDZRODZGSTNmdVdSMkFzZjIlMkJDTiUyRiUyRmFrc0ppd3hNVFBRblpORkMyUkElM0Q&tld=www.sympla.com.br&fu=https%3A%2F%2Flovenoronha.com.br&pu=https%3A%2F%2Flovenoronha.com.br&dtycbr=37743
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c419da0455fc79a38ca763fbc13a8f74fe2982f61f93eb77a6dcea639c0d3a30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jun 2022 10:48:32 GMT
server
Kestrel
timing-allow-origin
*
strict-transport-security
max-age=31536000; preload;
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
11816796
content-type
application/x-javascript
expires
0

Redirect headers

pragma
no-cache
date
Fri, 10 Jun 2022 10:48:32 GMT
server
Kestrel
location
https://widget.us.criteo.com/event?a=31969&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dm%26ref%3Dhttps%253A%252F%252Flovenoronha.com.br&p2=e%3Dvp%26p%3D1380392&p3=e%3Ddis&bundle=taaAHV9paU5GQUdmU1Q4OVRGTXlueWFBRXBTZ1pLRUJpMTFkbnBSVmtwSWVxRTFvY1RQd09Obk5xZkFxekolMkZ1c2NpRzVBb2VIV1JWb0pFR2dXbUY4VHQlMkJzJTJCUklzJTJCNElLWTBRdGg2MmpEJTJCdnEybjNRTzh4bWxlVzFRbFElMkJPZUNtYlNEQnplbDZRODZGSTNmdVdSMkFzZjIlMkJDTiUyRiUyRmFrc0ppd3hNVFBRblpORkMyUkElM0Q&tld=www.sympla.com.br&fu=https%3A%2F%2Flovenoronha.com.br&pu=https%3A%2F%2Flovenoronha.com.br&dtycbr=37743
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
9975965
timing-allow-origin
*
content-length
0
expires
0
rdstation-popup.min.js
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ Frame B88B
195 KB
55 KB
Script
General
Full URL
https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/132c4cd3-d198-4745-be6b-6a429013a866-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-64.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9bc53355cf72bd3e8955f3cb37d14721f99e0f2b55e3056fa8f40aef14cc47c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
9oZhVnpzoM7jELhx_AWeZIBLh7p5nE1j
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 10:22:03 GMT
server
AmazonS3
age
32700
etag
"99726c08db1b76f6933b46bad3c6c1f9"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
date
Fri, 10 Jun 2022 01:43:33 GMT
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
55470
x-amz-cf-id
Af5YejWLOfSmJlYthDJFZ78o99RPDm_X60nnU3RgzWarwjEkDsat4w==
show.json
popups.rdstation.com.br/popup/ Frame B88B
13 B
149 B
XHR
General
Full URL
https://popups.rdstation.com.br/popup/show.json?account_id=133984&uniq=_kz0k7eorc&ref=aHR0cHM6Ly93d3cuc3ltcGxhLmNvbS5ici90aWNrZXRzLWdyaWQtd2lkZ2V0P2VpZD0xMzgwMzkyJmxhbmc9cHQ%3D
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.68.90.188 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.90.68.34.bc.googleusercontent.com
Software
/
Resource Hash
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
Security Headers
Name Value
Strict-Transport-Security max-age=7776000
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sympla.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=7776000
referrer-policy
strict-origin-when-cross-origin
date
Fri, 10 Jun 2022 10:48:32 GMT
content-length
13
x-frame-options
sameorigin
content-type
application/json
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame D19F
Redirect Chain
  • https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fa...
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3771749925733465598
43 B
371 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3771749925733465598
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jun 2022 10:48:32 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
11088275
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 10 Jun 2022 10:48:33 GMT
X-Proxy-Origin
81.95.5.42; 81.95.5.42; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a252d193-696f-4ef0-8c5b-e7ae0b73e9b7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3771749925733465598
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame D19F
Redirect Chain
  • https://secure.adnxs.com/seg?add=1005440&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D1005440%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx...
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3771749925733465598
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3771749925733465598
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jun 2022 10:48:32 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5987088
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 10 Jun 2022 10:48:33 GMT
X-Proxy-Origin
81.95.5.42; 81.95.5.42; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
51229003-2841-4a60-a01d-25e934ea3ab4
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3771749925733465598
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ul_cb/ Frame D19F
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-lqdP_tF26TtiyI1X2lsbUSKy49rNN6qFSyt6sg&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-lqdP_tF26TtiyI1X2lsbUSKy49rNN6qFSyt6sg&expires=30
43 B
495 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-lqdP_tF26TtiyI1X2lsbUSKy49rNN6qFSyt6sg&expires=30
Protocol
HTTP/1.1
Server
3.120.99.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-99-209.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 10 Jun 2022 10:48:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-lqdP_tF26TtiyI1X2lsbUSKy49rNN6qFSyt6sg&expires=30
Date
Fri, 10 Jun 2022 10:48:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame D19F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-9R9B0NF26TtiyI1X2lsbUSKy49qJV2Cw7Ms_Qg&google_cm&google_hm=ay05UjlCME5GMjZUdGl5STFYMmxzYlVTS3k0OXFKVjJDd...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-9R9B0NF26TtiyI1X2lsbUSKy49qJV2Cw7Ms_Qg&google_gid=CAESECrkbeupBOe96y4eE6M-w4M&google_cver=1&google_ula=913071,0
43 B
371 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-9R9B0NF26TtiyI1X2lsbUSKy49qJV2Cw7Ms_Qg&google_gid=CAESECrkbeupBOe96y4eE6M-w4M&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jun 2022 10:48:32 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1040110
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Jun 2022 10:48:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-9R9B0NF26TtiyI1X2lsbUSKy49qJV2Cw7Ms_Qg&google_gid=CAESECrkbeupBOe96y4eE6M-w4M&google_cver=1&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame D19F
49 B
235 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-7rMO4NF26TtiyI1X2lsbUSKy49pWBUdboKdMlw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jun 2022 10:48:32 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
content-length
49
expires
0
rum
r.casalemedia.com/ Frame D19F
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-jRL82NF26TtiyI1X2lsbUSKy49p1lHHX0oL-rQ
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-jRL82NF26TtiyI1X2lsbUSKy49p1lHHX0oL-rQ&C=1
43 B
1 KB
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-jRL82NF26TtiyI1X2lsbUSKy49p1lHHX0oL-rQ&C=1
Protocol
HTTP/1.1
Server
23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Jun 2022 10:48:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 10 Jun 2022 10:48:32 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 10 Jun 2022 10:48:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-jRL82NF26TtiyI1X2lsbUSKy49p1lHHX0oL-rQ&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
296
Expires
Fri, 10 Jun 2022 10:48:32 GMT
match
ad.360yield.com/ul_cb/ Frame D19F
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-iMbiddF26TtiyI1X2lsbUSKy49rVSx981QIOfQ
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-iMbiddF26TtiyI1X2lsbUSKy49rVSx981QIOfQ
43 B
445 B
Image
General
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-iMbiddF26TtiyI1X2lsbUSKy49rVSx981QIOfQ
Protocol
H2
Server
54.155.185.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-185-156.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Jun 2022 10:48:33 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-iMbiddF26TtiyI1X2lsbUSKy49rVSx981QIOfQ
date
Fri, 10 Jun 2022 10:48:33 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
397596.gif
idsync.rlcdn.com/ Frame D19F
Redirect Chain
  • https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397596.gif?partner_uid=YshQkuyIm84C-wIullzvXQuAcQaMauGu
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/397596.gif?partner_uid=YshQkuyIm84C-wIullzvXQuAcQaMauGu
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

location
https://idsync.rlcdn.com/397596.gif?partner_uid=YshQkuyIm84C-wIullzvXQuAcQaMauGu
date
Fri, 10 Jun 2022 10:48:32 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2499
content-length
197
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
cksync.php
contextual.media.net/ Frame D19F
45 B
783 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-hmVH0NF26TtiyI1X2lsbUSKy49p4SDkL5gfp5w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 10 Jun 2022 10:48:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 10 Jun 2022 10:48:32 GMT
push
exchange.mediavine.com/usersync/ Frame D19F
40 B
40 B
Image
General
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-ym7KutF26TtiyI1X2lsbUSKy49o1lcKAbZFH3g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.22.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-22-117.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:32 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame D19F
0
476 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-eu6QCNF26TtiyI1X2lsbUSKy49pHj2d1KnZWAQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 10 Jun 2022 10:48:33 GMT
Cache-Control
no-cache
X-TraceId
b02e05ca7846129716fd1834a4b0d48a
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame D19F
42 B
577 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-BQrpwdF26TtiyI1X2lsbUSKy49os4jqkdFy4bA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
tap.php
pixel.rubiconproject.com/ Frame D19F
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-vIxtatF26TtiyI1X2lsbUSKy49prtZvATuSjrQ&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
v1
match.sharethrough.com/sync/ Frame D19F
68 B
262 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-8sqC7dF26TtiyI1X2lsbUSKy49q3L3f5E_0bIg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.161.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-161-157.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:33 GMT
content-length
68
content-type
image/png
/
s.ad.smaato.net/c/ Frame D19F
0
238 B
Image
General
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-Dif-rtF26TtiyI1X2lsbUSKy49qkNCbC8ZYusg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6c00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:33 GMT
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
BOb_aPV7oXBtErR7AdiTS1F2KPTfdd8pvm2d-tZLsP73efGZmBd4qQ==
x-cache
FunctionGeneratedResponse from cloudfront
/
rtb-csync.smartadserver.com/redir/ Frame D19F
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-qpl2u9F26TtiyI1X2lsbUSKy49orf1ukj7V17Q
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:32 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame D19F
0
99 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-VbPncNF26TtiyI1X2lsbUSKy49o18wVSEDIlyA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:33 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12921
um
criteo-sync.teads.tv/ Frame D19F
23 B
172 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k--KZtyNF26TtiyI1X2lsbUSKy49pI9oZeQLBCFw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Jun 2022 10:48:33 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 10 Jun 2022 10:48:33 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame D19F
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-s5wo-tF26TtiyI1X2lsbUSKy49qXWGQpH13pmQ&dongle=013b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
pixel.advertising.com/ups/55945/ Frame D19F
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=k-A4wO9dF26TtiyI1X2lsbUSKy49pEC500dTPY6g&_origin=1
  • https://pixel.advertising.com/ups/55945/sync?uid=k-A4wO9dF26TtiyI1X2lsbUSKy49pEC500dTPY6g&_origin=1&verify=true
0
254 B
Image
General
Full URL
https://pixel.advertising.com/ups/55945/sync?uid=k-A4wO9dF26TtiyI1X2lsbUSKy49pEC500dTPY6g&_origin=1&verify=true
Protocol
H2
Server
18.193.50.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-50-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:33 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://pixel.advertising.com/ups/55945/sync?uid=k-A4wO9dF26TtiyI1X2lsbUSKy49pEC500dTPY6g&_origin=1&verify=true
date
Fri, 10 Jun 2022 10:48:33 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
ads.yahoo.com/cms/ Frame D19F
0
194 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:33 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
sync
ups.analytics.yahoo.com/ups/58301/ Frame D19F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_ehLxNF26TtiyI1X2lsbUSKy49qM6BpKT0yTgA
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_ehLxNF26TtiyI1X2lsbUSKy49qM6BpKT0yTgA&verify=true
0
121 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_ehLxNF26TtiyI1X2lsbUSKy49qM6BpKT0yTgA&verify=true
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:33 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-_ehLxNF26TtiyI1X2lsbUSKy49qM6BpKT0yTgA&verify=true
date
Fri, 10 Jun 2022 10:48:33 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
m
ad.yieldlab.net/ Frame D19F
0
522 B
Image
General
Full URL
https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-QgMb4NF26TtiyI1X2lsbUSKy49qs7KKvry0tZw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-132-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Jun 2022 10:48:33 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Thu, 09 Jun 2022 10:48:33 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame D19F
43 B
220 B
Image
General
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-m_epLNF26TtiyI1X2lsbUSKy49rnWgzPzo1ERQ&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.230.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-230-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 10 Jun 2022 10:48:33 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
demconf.jpg
dpm.demdex.net/ Frame D19F
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=bpnx0FeUr6uq8GpmBq6LylLTiYddsLaf
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=bpnx0FeUr6uq8GpmBq6LylLTiYddsLaf
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=bpnx0FeUr6uq8GpmBq6LylLTiYddsLaf
Protocol
HTTP/1.1
Server
34.253.148.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-148-205.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v034-07176562c.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
m4t+iRagTVQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v034-01d60a932.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
pDHrEXl0ScU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=bpnx0FeUr6uq8GpmBq6LylLTiYddsLaf
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
setuid
secure.adnxs.com/ Frame D19F
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k-2zeOANF26TtiyI1X2lsbUSKy49pUGxvxVb1AVw&seg=1005440
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.119 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
917.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Jun 2022 10:48:33 GMT
X-Proxy-Origin
81.95.5.42; 81.95.5.42; 917.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fd086b29-4946-412a-a4bf-9a2010d8370d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
ads.yahoo.com/cms/ Frame D19F
0
17 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 10:48:33 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
m
ad.yieldlab.net/ Frame D19F
0
522 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-QgMb4NF26TtiyI1X2lsbUSKy49qs7KKvry0tZw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-132-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Jun 2022 10:48:33 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Thu, 09 Jun 2022 10:48:33 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame D19F
43 B
219 B
Image
General
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=%3Ccriteo%20user%20id%3E&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.230.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-230-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 10 Jun 2022 10:48:33 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
sync
x.bidswitch.net/ Frame D19F
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=117&user_id=k-lqdP_tF26TtiyI1X2lsbUSKy49rNN6qFSyt6sg&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.99.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-99-209.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 10 Jun 2022 10:48:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| twentytwenty function| twentytwentyDomReady function| twentytwentyToggleAttribute function| twentytwentyMenuToggle function| twentytwentyFindParents function| $ function| jQuery object| t object| root number| cw number| h object| ifrm object| buttonizer_data object| buttonizer_ajax object| localize object| PremiumSettings object| typeformEmbed number| 2f1acc6c3a606b082e5eef5e54414ffb object| Buttonizer function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Typed object| __SECRET_EMOTION__ function| Plyr object| FullCalendarLocalesAll function| moment object| FullCalendar object| FullCalendarDayGrid object| FullCalendarTimeGrid object| FullCalendarList boolean| isEditMode object| ea function| Waypoint object| lottie object| bodymovin function| premiumLottieAnimations function| premiumEffects object| webpackChunkelementor_pro object| webpackChunkelementor object| elementorModules object| ElementorProFrontendConfig object| core object| elementorProFrontend object| elementorFrontendConfig object| elementorFrontend object| regeneratorRuntime boolean| typeformEmbedIsloaded function| Swiper

50 Cookies

Domain/Path Name / Value
.vimeo.com/ Name: __cf_bm
Value: NAOjbZyGtq1olkMFBuKlLSrBdzACOdptSU06Gmgqw2c-1654858109-0-AdEiZB10AADFnPxQJUjUeaCkZ1fnlWr1v41cUqx/6AmLUC4O0amEz7JcJ2rZhfWzzhbm//TuZT/TxhFY+oTuLVs=
.vimeo.com/ Name: vuid
Value: pl1870255566.1959177834
www.sympla.com.br/ Name: AWSALBCORS
Value: nQiQnB+ARzmwwIMbVFSUXaTkJZHb7OXoOYntNXs7Fg+E1wDK/6KOLm2gbR00xmjRnBRvOtDz+4FG8edneBKrlv/rr6Cguk3zCPAH56a2WWGEmDAHptMZuM/VUvah
.doubleclick.net/ Name: IDE
Value: AHWqTUlxRO9i7iSne5Q7ZO-MoeUamIHx6jOVi86zl4TibZzVFkqkJNNEghRXTW4Y
.linkedin.com/ Name: UserMatchHistory
Value: AQJMYNJ-TVGIJgAAAYFNOtlozVw0kUlm7YYHDjo7vVF-IM8a_2ksfSILxEzhez5qkJZu_vW0XE28rA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLwqRAaMzAANAAAAYFNOtlocFvgEv-Nd-jN-dFGO4jYQNKq54wUd5sZ4YX0oBogiZaYCvJ774fkR2kB2jj5BQ
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&c3fe8889-926b-4269-86df-0e23635428e7"
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2642:u=1:x=1:i=1654858111:t=1654944511:v=2:sig=AQFz4_hlMPhB4JwRyVoZcM5wuTGQKB43"
.tiktok.com/ Name: _ttp
Value: 2ANlqAWNAYl7EJVFx9hitbzXPf2
.igodigital.com/ Name: igodigitaltc2
Value: de5cb11e-e8aa-11ec-aaac-ae8e28c5d199
.igodigital.com/ Name: igodigitalst_534001996
Value: de5cb9a2-e8aa-11ec-aaac-ae8e28c5d199
.igodigital.com/ Name: igodigitalstdomain
Value: 2000036472
.creativecdn.com/ Name: u
Value: 8XsRWWm4JvrkwsqMBhLM
.creativecdn.com/ Name: ts
Value: 1654858111
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&20220610104831c79cae41-212f-4b23-825f-e3cf44cac2c5AQHm6tbJVSHiAvm-hNugKVivESY8Mict"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTQ4NTgxMTE7MjswMjE2z1Scexk3L9UZNu8SJZTfsacwsCqtOgLTewoDwHVwHA==
.criteo.com/ Name: uid
Value: e551c604-3abc-4caa-8fa0-9e6e8dff0213
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22df45a310-e8aa-11ec-9780-0de38f4c09a9%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22df45a310-e8aa-11ec-9780-0de38f4c09a9%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-ym7KutF26TtiyI1X2lsbUSKy49o1lcKAbZFH3g%22%2C%22version%22%3A%22criteo%22%7D
.casalemedia.com/ Name: CMID
Value: YqMhgOJ7ehW-vWeWIewxhAAA
.casalemedia.com/ Name: CMPS
Value: 5181
.casalemedia.com/ Name: CMPRO
Value: 1122
.casalemedia.com/ Name: CMRUM3
Value: 1462a321802760k-jRL82NF26TtiyI1X2lsbUSKy49p1lHHX0oL-rQ
.casalemedia.com/ Name: CMST
Value: YqMhgGKjIYAA
.adnxs.com/ Name: uuid2
Value: 3771749925733465598
.media.net/ Name: visitor-id
Value: 2978597128173828000V10
.media.net/ Name: data-c-ts
Value: 1654858112
.media.net/ Name: data-c
Value: k-hmVH0NF26TtiyI1X2lsbUSKy49p4SDkL5gfp5w~~3
.sharethrough.com/ Name: stx_user_id
Value: 1052d16a-8f8a-414d-a074-fdb13350d94f
.360yield.com/ Name: tuuid
Value: ae676987-c209-41bf-835a-446d0c8a99e5
.360yield.com/ Name: tuuid_lu
Value: 1654858113
.360yield.com/ Name: um
Value: !38,slUs88atNoCeGQvliGKT93ms7zAvL1mEhY1vZLfCzCyM0K.od7jbw9cZiWCp5gDM9otHMUgu,1662634113
.360yield.com/ Name: umeh
Value: !38,0,1717066113,-1
.advertising.com/ Name: APID
Value: UPdf5c8710-e8aa-11ec-817a-0203e9286c5c
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2HbW5OOYt!2!_UPuk+!fL24>ieFzx[d5w1tU+kH%Vx6!tNHPafxl)r'NLvb^v03)^>0J[=2>Wy1n5pblg^6nNl$]kNya!tNhTnm-_75G
.yieldlab.net/ Name: id
Value: f89b6834-84ab-403d-968d-fd08a20c81ec
.demdex.net/ Name: demdex
Value: 79793019152744612332576084401125423050
.yahoo.com/ Name: A3
Value: d=AQABBIEho2ICEI_rgU3_ZfWCz99qMt4_9eYFEgEBAQFzpGKtYgAAAAAA_eMAAA&S=AQAAAimThja0fLU-z70XMiJDyFw
.dpm.demdex.net/ Name: dpm
Value: 79793019152744612332576084401125423050
.bidswitch.net/ Name: tuuid
Value: a46590a0-a1fd-4b61-b272-65122ed2c163
.bidswitch.net/ Name: c
Value: 1654858113
.bidswitch.net/ Name: tuuid_lu
Value: 1654858113
.analytics.yahoo.com/ Name: IDSYNC
Value: 18zh~25dm
.outbrain.com/ Name: obuid
Value: 4046fe82-dac3-4b06-87de-8aa0bc43d6be
.outbrain.com/ Name: criteo
Value: k-eu6QCNF26TtiyI1X2lsbUSKy49pHj2d1KnZWAQ
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-BQrpwdF26TtiyI1X2lsbUSKy49os4jqkdFy4bA&KRTB&23144-uid:k-BQrpwdF26TtiyI1X2lsbUSKy49os4jqkdFy4bA&KRTB&23286-uid:k-BQrpwdF26TtiyI1X2lsbUSKy49os4jqkdFy4bA&KRTB&23287-uid:k-BQrpwdF26TtiyI1X2lsbUSKy49os4jqkdFy4bA
.pubmatic.com/ Name: PugT
Value: 1654858112

3 Console Messages

Source Level URL
Text
other warning URL: https://static.criteo.net/js/ld/ld.js
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://idsync.rlcdn.com/397596.gif?partner_uid=YshQkuyIm84C-wIullzvXQuAcQaMauGu
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://pixel.advertising.com/ups/55945/sync?uid=k-A4wO9dF26TtiyI1X2lsbUSKy49pEC500dTPY6g&_origin=1&verify=true
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11359555.fls.doubleclick.net
534001996.collect.igodigital.com
ad.360yield.com
ad.yieldlab.net
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.tiktok.com
ash.creativecdn.com
cdnjs.cloudflare.com
cm.creativecdn.com
cm.g.doubleclick.net
collector-pxnjo03l5c.px-cloud.net
connect.facebook.net
contextual.media.net
criteo-sync.teads.tv
d335luupugsy2.cloudfront.net
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
exchange.mediavine.com
f.vimeocdn.com
fledge-usa.creativecdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
googleads.g.doubleclick.net
gum.criteo.com
i.vimeocdn.com
ib.adnxs.com
idsync.rlcdn.com
lovenoronha.com.br
match.sharethrough.com
mug.criteo.com
nova.collect.igodigital.com
pageview-notify.rdstation.com.br
pixel.advertising.com
pixel.rubiconproject.com
player.vimeo.com
popups.rdstation.com.br
px.ads.linkedin.com
px4.ads.linkedin.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
secure.adnxs.com
simage2.pubmatic.com
snap.licdn.com
sslwidget.criteo.com
static.cloudflareinsights.com
static.criteo.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
ups.analytics.yahoo.com
us.creativecdn.com
vimeo.com
visitor.omnitagjs.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.lovenoronha.com.br.metodoaprovacaoimediata.com
www.sympla.com.br
x.bidswitch.net
104.111.242.245
104.36.113.107
13.107.43.14
13.225.84.64
13.248.245.213
141.226.228.48
142.250.185.162
142.250.185.70
151.101.114.109
162.159.128.61
162.159.138.60
162.241.62.70
178.250.0.157
178.250.0.163
178.250.2.151
18.156.0.31
18.158.161.157
18.193.50.241
185.184.10.30
185.184.8.90
185.255.84.153
185.33.221.119
185.86.137.110
2.18.235.93
23.35.228.247
23.36.163.241
2600:9000:223f:6c00:1b:5138:8a40:93a1
2606:4700:440e::6812:2fe6
2606:4700::6811:180e
2606:4700::6812:1ed2
2620:1ec:21::14
2620:1ec:22::14
2a00:1288:80:807::2
2a00:1450:4001:801::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:400e:80e::200a
2a02:2638::1c
2a02:2638::3
2a02:26f0:ef::5c7b:c24a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.120.22.117
3.120.99.209
34.120.202.204
34.199.45.141
34.253.148.205
34.68.90.188
35.186.220.184
35.223.116.65
35.244.174.68
37.252.172.38
54.155.185.156
54.194.230.185
64.202.112.223
69.173.144.138
74.119.119.150
96.16.132.239
021c5e5cb2f2cc1a9faefeb8be7ca1f79a00d045c990118a6c35c3c0186f3606
023dc3371389cdbb3da076f55585faec1f285f5076a2859122821c280bff9491
029d9bb05cb0f0cb639305169006c89d1140c4076cdd8f55a2c02cee95cc41d8
05794d306bda9df484331da47f146d25ac89561841b8f773b738f1d5dcec10ce
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
063d2f6044e99f4b86db1be083df8d2383878aebc5ab4e923d15e108c275b6b2
06a2054be88c5cebc742c58234e5a110d38324cdeb98489dbb431cf029d444eb
07d0ada1547cb7996fd32198b0b72cb691c928d54f4748deea65a5119c649f05
0c1a0c88c5a0345b1d8a8a86684ccbcbd6a2b938b78198bcd7f669e4065a48b7
0efaa5de2210f5429bed0133442be571eedef1bb39dfaf75ef98c0b714365851
0fbf9baf55958e7da29474df2a3fe90e200ed1e1f14a37d2ddbee0ad3e840fe5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10ecbe22bdb1537837da30c3460b8c89fce6f7f552574cfde6d2f840054b7097
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1525cd3ea05d1c00e4b385e781749c3bac5c01570b5800198bec0a252bb6c715
15569f54ba2a53ea018b719ad12d348e2f2815948983a4a559250a9b78b7c9db
17bcee624014c5087e09159733be8153d4fd75692a11b3a7a1abd6183b8d1e3d
1a4f2476d1b74b87fffc52ff3453cb7677f90b6b23b68e2eb6964a60d679dcf0
1ab42ad05bdcf088a3312ccee0267158d29dc6582f71cb1453466d9eb57263c1
1d958df679652278f4ecc64d3d8755ab238d61123a0048d8a0def7542602d5ce
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
21a65a9d6d7120b57e69ef81981cc7c490fe0e48613476b710c21229d65cf231
22dcb8ef3c10b32427c640233243373541cd23d352e29043a4dba3762956975b
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
2909bf1f6b05fadc33d7c0be3243c469d0fa320ee867769ad05281be552debea
29af7329aaaa6991679a65ceb64a13f7a3d92178e4f51a5acdb7e2d482d7569f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c96b0a6b46e8180273c1bedb5957af76de5ba91247cb226674b7c0f0360fdb7
2fc3e7cd61e12fdea59ccbd206752e64007b34e3e426e0aead66fbc904f4aa9e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
459c5646380feca92e9229cd81019f233f14253f6cccb421da6140c95ad4bea8
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
49f77251d8aeae4264b67b662667a7bbdebeecad96cb428ef661f4da78d326ba
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53feec6f07008d069934b9819970d5772a3de3da3def79841120b81b0d62f21b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b63430aa85f49cd6f5f498f2b44be7511dd16796feaec551a589f5f9f7946a0
5c9a3c46d13cda847a391df63f9682ab531be301e12b6b64d191797c8c6fb054
60044845d2d479631c4db2944a3943405bb760e18ac58de2e1bca338e2a3d003
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60fbfa9f6a187c349e777aa277654ac2c3db69b757926cc12f4b9f5fee09b4d4
6126b94f9f412aff6c80c539ab820d6a71df0062e81e09fe513cc68246d4cccb
61a9183f0b3e33b46a8280e047905f5e5639ac7f61e7efdd82ae78e5b5593fa9
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
62894e21310ad30458d50c4ec5a38889092498119bd337fbaabed88772a0b14f
63a349975ae27dc85273c48112334319dab68f07678d6aa98f6a0091c3eab64d
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df
6845f92e349fd27efc82399d6e87e99487638471ff8171c5465d326134cabe9a
685d97c9d10a862d532d5873e2fa98feb3ed38be2d71c3d3fddbebfb0e286ecc
6a580037e2958e0ac4fc813beb67ff33b0ae621eadfe766db211b7d5deb9673e
6f19f5c6a41dd896804ceebb1923fe07cacba7b992733ad8cf882263f85edea2
726b99b6ce566ab33391f2c151870bcdd7a43f524f62e360bc3ac48f7df3d2a7
7bd5d613da696603bdb7cb06dd5ea555a03724724fda75cac7055c1bb88d2083
7fa80c9a3595b623f4a6073a52ee6decc51e6db84f640aad05ed64a3117196fe
81e007098cef2f3620c1b091378e0c29b9797dc40ea4d73fcbdcf2ba8b6a0be2
82b680f094f5490bb2aa86dacf6ff7c48091495a99b7425faaa352be38b5cba8
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
85a93a93f30f3ad5c2ffe2cb090c08173e725870f83a7af9c140659dcfe20293
8845153cbafa3d0b8c11ff907cab806838e00170e98939c8bd79cd90d49c4f6c
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8e8d9aced1e2fd62ec01eb14bb123b45d12d4359491817ef48df8010fabb6ace
908d489cc69d1012b3ca03489fe419201a6a8cf5bf56ec70d7d3540413d2773b
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
9732395666dfa3bc5bfdff347dd2631329a479d45760d5cc6d6111f63f697f2c
9757f11f2037ed49cd46b38548f6973f7090a30600317c52f1822b9bffbbbc49
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9a21d3c6f4fcb4c1e463866a1cf15d1cec042fa62f92c80a303cd32f67cbc8d7
9bc53355cf72bd3e8955f3cb37d14721f99e0f2b55e3056fa8f40aef14cc47c8
9ddc14d2bf861fce028506087fa64c31045712254bb719941fd4c84921b9f7ec
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a42426e826184977b1bb820ec198818ace862a8d7b7a7ae8e8f9fee47e010573
a49bff187c2ebfba7ee24be6e2422a24775e6698494ae76a669f88c50abcdec7
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
ada8007243527eb5ce5e1d1e0fb171aabf1f9ecff7ce5c8aa7e6d9243fbfc348
b021579a041152c4fa944505410146802924113a34b91287a87cb423879199d7
b0bc8a9db7dbd0cac34e4ea8e178412505924d182a4cedada0613308dec9c178
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b329ddd542e3134a42f74ebcea3bdc81aa6c7c0cfea2b3907871c4f6b23f4652
b588388326a9d3d30442904afd354fbb2f1feeb88ffca342e1c2f0391a692910
b7a25b83c51e21a0eda422b84ac471cc5d59d3edce90e8a58c211ae39591ed4f
b82334d29e7e760f3e84f9c7d9a9d78143a4cb4f5855d5cc5a05e23495cd9992
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb5677bcd61703e98d4e275bee546ffa99a970f913b699a727398802da8d4c3d
bcac9c6f96098b03c349a15ab7a6ce7501aabdcab70ba245179afe2b83ce977c
bddb04d8843f92ce05a73dfab408b072da48c88a623b429afa5c9929211127f6
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c406d1aca57e9a5725a41d36e9bbcf393638aae2ae0d34a8802eac202aeea684
c419da0455fc79a38ca763fbc13a8f74fe2982f61f93eb77a6dcea639c0d3a30
c4b5982cef70c34f2da4c69e5f30424c4d568e17e2fe4135c3e3775fdd9c0e3c
c571b2fcfe013389fcdd84cc510cd05a1ba046b349988436e441aa4c5607164c
c68e1edb2e2414da9f1a46a81131ceeb09e082363d20c8605d5edb929a1bf648
c8400ea2d59ff90b2e11e3b7f2353a67edae69a13e39c83f106150f846a595df
cbcd3507ee13179d78517c3790b7475c3e99f734f8ae33a31805e99017a59792
cd6384d926b3feb8abc31a9ce7c35b6080f2e02df6d37eaf63c5f9993c1910b9
d04c4194788569076d6ae50d31c252f7a1685c7ffad2f964495aa7001b69b844
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d5f6a06d3fea7d5647f1ff6e80fa0ce42f0f7b761498866b14182e2f4c8199af
db8906c97fca018189220d4aefdb6235060f442afd36f4a2bf2ca4a4ba5b3b65
dbfc749ce89e5cf6ab17d04650afba674003f8ef794cecd8bf99e56b9c83b745
df04639997df53ab626f3fb35fc6bd9a5bbf81f1d809b943554076c185a9026f
dfc6678e3b812f3097334f84e4f7ed816c8339cd0f1a5e5b90281e8c3374d463
e02a7ea5c3ea2bd8fe3d797a95f5da2ac3997be7d632acdd75905454e8f88e81
e03c2df7ef439d2708bbc168a21c0a00da63e5664d286120c994c39644addd03
e1f0f32bc0ab122771bd346c443b7f3cd8dcf0740c755d53efdcc3bfc24ef962
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41533d5c6eab361631aa3cf8bf7b8a2e6babfcc42a1aa950b2b0cd80c109b8f
e797c34ebce4b2656cebd0c920534fbc7f9875ad91f1f1c358a660a9de4c7550
ed965ef7026b736436fc03697c7f29977fcde1e510b0ee2ecdff0d354442cf81
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
f7f1e832b1effae09b4657cad1352cb404ad2a5438c27d2686706ecf0613f910
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505