centrosulturismo.com.br Open in urlscan Pro
191.6.205.41  Malicious Activity! Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://topthestory.com/wp-content/plugins/eyufoww/dcjds.php?https://dox.net Page URL
2. https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	dcjds.php Show response topthestory.com/wp-content/plugins/eyufoww/	531 B 728 B	195ms 39ms	Document text/html	149.210.165.197 TRANSIP-AS Amsterdam
General Check archive.org Show headers Download Go to Full URL https://topthestory.com/wp-content/plugins/eyufoww/dcjds.php?https://dox.net Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 149.210.165.197 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL), Reverse DNS vpswin3.wexpose.be Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 9fe1ecbc52e21d5ab2a3a7640d24eb67006b258dd684b5449c140a4699e0c872 Request headers Host topthestory.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type text/html; charset=UTF-8 Server Microsoft-IIS/8.5 X-Powered-By ASP.NET X-Powered-By-Plesk PleskWin Date Tue, 01 Sep 2020 20:18:05 GMT Content-Length 531
GET H2	200	Primary Request / Show response centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/	19 KB 6 KB	943ms 227ms	Document text/html	191.6.205.41 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Full URL https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS wp7601.kinghost.net Software nginx/1.14.0 / Resource Hash 559ee5e3428563ea15e4eb0d6dd27632c7f18be5f576e27eb0d7e614d0faa3ad Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers :method GET :authority centrosulturismo.com.br :scheme https :path /wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer https://topthestory.com/wp-content/plugins/eyufoww/dcjds.php?https://dox.net accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://topthestory.com/wp-content/plugins/eyufoww/dcjds.php?https://dox.net Response headers status 200 server nginx/1.14.0 date Tue, 01 Sep 2020 20:18:06 GMT content-type text/html content-length 5479 last-modified Tue, 01 Sep 2020 19:17:26 GMT vary Accept-Encoding content-encoding gzip x-cacheable YES age 3628 x-cache HIT x-cache-hits 23 x-frame-options SAMEORIGIN accept-ranges bytes
GET H2	200	integrator.js Show response adservice.google.com.eg/adsid/	109 B 890 B	50ms 15ms	Script application/javascript	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com.eg/adsid/integrator.js?domain=localhost Requested by Host: centrosulturismo.com.br URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Tue, 01 Sep 2020 20:18:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 168 B	15ms 14ms	Script application/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=localhost Requested by Host: centrosulturismo.com.br URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Tue, 01 Sep 2020 20:18:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	combine_signon_136.css centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/css/	160 KB 27 KB	231ms 231ms	Stylesheet text/css	191.6.205.41 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Full URL https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/css/combine_signon_136.css Requested by Host: centrosulturismo.com.br URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS wp7601.kinghost.net Software nginx/1.14.0 / Resource Hash 5ac0d1a87ad5eccf2f71c70cad9a38a11e498cc395f2205d45dd7a4524c6582d Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 01 Sep 2020 20:18:06 GMT content-encoding gzip x-cacheable YES age 3628 x-cache HIT status 200 x-cache-hits 9 content-length 27574 pragma public last-modified Tue, 01 Sep 2020 19:17:26 GMT server nginx/1.14.0 x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css cache-control max-age=31536000, max-age=31536000, public accept-ranges bytes expires Wed, 01 Sep 2021 19:17:38 GMT
GET H2	200	pubads_impl_rendering_2019013101.js Show response securepubads.g.doubleclick.net/gpt/	63 KB 24 KB	115ms 65ms	Script text/javascript	172.217.18.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019013101.js?21063143 Requested by Host: centrosulturismo.com.br URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s29-in-f2.1e100.net Software sffe / Resource Hash 4893b6ab6f829846b2d16d9b09bbcf9422f3719610bd61d2d4682a9115fb9ce1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 01 Sep 2020 20:18:06 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 04 Feb 2019 20:17:33 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23918 x-xss-protection 0 expires Tue, 01 Sep 2020 20:18:06 GMT
GET H3-Q050	200	pubads_impl_2019013101.js Show response securepubads.g.doubleclick.net/gpt/	181 KB 62 KB	98ms 65ms	Script text/javascript	172.217.18.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019013101.js?21063143 Requested by Host: centrosulturismo.com.br URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.18.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s29-in-f2.1e100.net Software sffe / Resource Hash 4d9867046e990bd68ab027d5e92df3e32e5d72a09ec3ad0a791ddb8130d0017f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 01 Sep 2020 20:18:06 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 04 Feb 2019 20:17:33 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 63420 x-xss-protection 0 expires Tue, 01 Sep 2020 20:18:06 GMT
GET H2	200	webmail-desktop.png centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/images/	5 KB 5 KB	229ms 225ms	Image image/png	191.6.205.41 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Show image Full URL https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/images/webmail-desktop.png Requested by Host: centrosulturismo.com.br URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS wp7601.kinghost.net Software nginx/1.14.0 / Resource Hash 27c361265ec07215bcd0373d146e385e13bc62d35cda4f1310faad6dee9eb7b2 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Tue, 01 Sep 2020 20:18:07 GMT last-modified Tue, 01 Sep 2020 19:17:26 GMT server nginx/1.14.0 age 3628 x-cacheable YES x-frame-options SAMEORIGIN x-cache HIT content-type image/png status 200 expires Wed, 01 Sep 2021 19:17:39 GMT cache-control max-age=31536000, max-age=31536000, public accept-ranges bytes content-length 4657 x-cache-hits 10
GET H2	200	error_button.png centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/images/	185 B 459 B	227ms 224ms	Image image/png	191.6.205.41 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Show image Full URL https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/images/error_button.png Requested by Host: centrosulturismo.com.br URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS wp7601.kinghost.net Software nginx/1.14.0 / Resource Hash 3de0670375c8a9763362d95d2863c6e1e0360fa3f900c4e9b4b1a10194e3fe89 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Tue, 01 Sep 2020 20:18:07 GMT last-modified Tue, 01 Sep 2020 19:17:26 GMT server nginx/1.14.0 age 3628 x-cacheable YES x-frame-options SAMEORIGIN x-cache HIT content-type image/png status 200 expires Wed, 01 Sep 2021 19:17:39 GMT cache-control max-age=31536000, max-age=31536000, public accept-ranges bytes content-length 185 x-cache-hits 10
GET H2	200	helpIcon.png centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/images/icons/	1 KB 2 KB	227ms 224ms	Image image/png	191.6.205.41 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Show image Full URL https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/images/icons/helpIcon.png Requested by Host: centrosulturismo.com.br URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS wp7601.kinghost.net Software nginx/1.14.0 / Resource Hash 4a57782e3a025dd4aef0918ddab21ffa7dc69777710836bd1f185ac77a468b37 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Tue, 01 Sep 2020 20:18:07 GMT last-modified Tue, 01 Sep 2020 19:17:26 GMT server nginx/1.14.0 age 3628 x-cacheable YES x-frame-options SAMEORIGIN x-cache HIT content-type image/png status 200 expires Wed, 01 Sep 2021 19:17:39 GMT cache-control max-age=31536000, max-age=31536000, public accept-ranges bytes content-length 1427 x-cache-hits 10
GET H2	200	modal-close.png centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/images/	1 KB 2 KB	228ms 226ms	Image image/png	191.6.205.41 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Show image Full URL https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/images/modal-close.png Requested by Host: centrosulturismo.com.br URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS wp7601.kinghost.net Software nginx/1.14.0 / Resource Hash 30b07af0c79b6241e9cd0ac1b56006cefb70b6204d9a1eb98a61b7b73e3fb7a5 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Tue, 01 Sep 2020 20:18:07 GMT last-modified Tue, 01 Sep 2020 19:17:26 GMT server nginx/1.14.0 age 3628 x-cacheable YES x-frame-options SAMEORIGIN x-cache HIT content-type image/png status 200 expires Wed, 01 Sep 2021 19:17:39 GMT cache-control max-age=31536000, max-age=31536000, public accept-ranges bytes content-length 1340 x-cache-hits 10
GET H2	200	jquery.min.js Show response centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/	93 KB 33 KB	302ms 302ms	Script application/javascript	191.6.205.41 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Full URL https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/jquery.min.js Requested by Host: centrosulturismo.com.br URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS wp7601.kinghost.net Software nginx/1.14.0 / Resource Hash 0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 01 Sep 2020 20:18:06 GMT content-encoding gzip x-cacheable YES age 3628 x-cache HIT status 200 x-cache-hits 9 content-length 33665 pragma public last-modified Tue, 01 Sep 2020 19:17:26 GMT server nginx/1.14.0 x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript cache-control max-age=31536000, max-age=31536000, public accept-ranges bytes expires Wed, 01 Sep 2021 19:17:38 GMT
GET H2	200	combine_signon_136.js Show response centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/	97 KB 28 KB	224ms 224ms	Script application/javascript	191.6.205.41 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Full URL https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/combine_signon_136.js Requested by Host: centrosulturismo.com.br URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS wp7601.kinghost.net Software nginx/1.14.0 / Resource Hash e0ad5458dbc7bf04431ba5aa06bbc9d2dcb984c22c419c4605a458c3e0c9db8b Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 01 Sep 2020 20:18:06 GMT content-encoding gzip x-cacheable YES age 3628 x-cache HIT status 200 x-cache-hits 9 content-length 28758 pragma public last-modified Tue, 01 Sep 2020 19:17:26 GMT server nginx/1.14.0 x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript cache-control max-age=31536000, max-age=31536000, public accept-ranges bytes expires Wed, 01 Sep 2021 19:17:39 GMT
GET H2	200	login-form.shaw.js Show response centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/	5 KB 5 KB	228ms 223ms	Script application/javascript	191.6.205.41 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Full URL https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/login-form.shaw.js Requested by Host: centrosulturismo.com.br URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS wp7601.kinghost.net Software nginx/1.14.0 / Resource Hash 90431299afc79f2f07c5bbbc64d9d9c6b3e0613db138e0e1675a5a400e3d3e2e Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Tue, 01 Sep 2020 20:18:07 GMT vary Accept-Encoding last-modified Tue, 01 Sep 2020 19:17:26 GMT server nginx/1.14.0 age 0 x-frame-options SAMEORIGIN x-cache MISS content-type application/javascript status 200 cache-control max-age=31536000, max-age=31536000, public accept-ranges bytes content-length 5102 expires Wed, 01 Sep 2021 20:18:07 GMT
GET H2	200	jquery.cookie.js Show response centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/	2 KB 1 KB	228ms 224ms	Script application/javascript	191.6.205.41 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Full URL https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/jquery.cookie.js Requested by Host: centrosulturismo.com.br URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS wp7601.kinghost.net Software nginx/1.14.0 / Resource Hash b3ac405c96e1194eb6ab54b6676028c7380716aa5212a26f1572a845808abd5e Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 01 Sep 2020 20:18:07 GMT content-encoding gzip x-cacheable YES age 3628 x-cache HIT status 200 x-cache-hits 9 content-length 849 pragma public last-modified Tue, 01 Sep 2020 19:17:26 GMT server nginx/1.14.0 x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript cache-control max-age=31536000, max-age=31536000, public accept-ranges bytes expires Wed, 01 Sep 2021 19:17:39 GMT
GET H2	200	jquery.base64.min.js Show response centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/	2 KB 1021 B	231ms 227ms	Script application/javascript	191.6.205.41 IPV6 Internet Ltda
General Check archive.org Show headers Download Go to Full URL https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/jquery.base64.min.js Requested by Host: centrosulturismo.com.br URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR), Reverse DNS wp7601.kinghost.net Software nginx/1.14.0 / Resource Hash 49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 01 Sep 2020 20:18:07 GMT content-encoding gzip x-cacheable YES age 3628 x-cache HIT status 200 x-cache-hits 9 content-length 704 pragma public last-modified Tue, 01 Sep 2020 19:17:26 GMT server nginx/1.14.0 x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript cache-control max-age=31536000, max-age=31536000, public accept-ranges bytes expires Wed, 01 Sep 2021 19:17:39 GMT
GET		/ zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/	0 0
GET		gpt.js www.googletagservices.com/tag/js/	0 0
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	54 KB 18 KB	41ms 39ms	Script text/javascript	2a00:1450:4001:815::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: centrosulturismo.com.br URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1a00ec901bb235ad2a8211954f9b3b9aeb27223cc0dc157dfc8f38a288b998bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 01 Sep 2020 20:18:06 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "620 / 740 of 1000 / last-modified: 1598972935" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 18700 x-xss-protection 0 expires Tue, 01 Sep 2020 20:18:06 GMT
GET		container.html tpc.googlesyndication.com/safeframe/1-0-32/html/	0 0
GET H3-Q050	200	pubads_impl_2020082701.js Show response securepubads.g.doubleclick.net/gpt/	262 KB 92 KB	62ms 62ms	Script text/javascript	172.217.18.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082701.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.18.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s29-in-f2.1e100.net Software sffe / Resource Hash c0159d71bfd21f50878f12b283950402c6364354bcd559af9accc22191dddb5b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 01 Sep 2020 20:18:06 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 27 Aug 2020 08:39:44 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 93876 x-xss-protection 0 expires Tue, 01 Sep 2020 20:18:06 GMT
GET H3-Q050	403	ads Show response securepubads.g.doubleclick.net/gampad/	203 B 477 B	34ms 34ms	XHR text/html	172.217.18.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3297204530071344&correlator=529212683683104&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&json_a=1&vrg=2019013101&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-31&iu_parts=6872%2Cwebmail.shaw.ca&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=15&abxe=1&lmt=1598987846&dt=1598991487064&dlt=1598991486447&idt=593&frm=20&biw=1600&bih=1200&oid=3&adxs=879&adys=184&adks=3847475914&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcentrosulturismo.com.br%2Fwp-content%2Fplugins%2Fgoogle-analytics-for-wordpress%2Fassets%2Fcss%2Fimages%2F3%2FUpdate%2FShaw%2F&ref=https%3A%2F%2Ftopthestory.com%2Fwp-content%2Fplugins%2Feyufoww%2Fdcjds.php%3Fhttps%3A%2F%2Fdox.net&dssz=10&icsg=43691&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=383x400&msz=310x250&ga_vid=125302024.1598991487&ga_sid=1598991487&ga_hid=1443264790&fws=4 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019013101.js?21063143 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.18.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s29-in-f2.1e100.net Software cafe / Resource Hash 1bd05e125ef3d7c1b11e6a2bd07459ef0dbeede76af3184812d9c3e34b10c27d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Tue, 01 Sep 2020 20:18:07 GMT content-encoding br x-content-type-options nosniff server cafe status 403 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin https://centrosulturismo.com.br access-control-allow-credentials true content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 125 x-xss-protection 0
GET H3-Q050	200	pubads_impl_rendering_2019013101.js Show response securepubads.g.doubleclick.net/gpt/	63 KB 23 KB	62ms 62ms	Script text/javascript	172.217.18.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019013101.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019013101.js?21063143 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.18.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s29-in-f2.1e100.net Software sffe / Resource Hash 4893b6ab6f829846b2d16d9b09bbcf9422f3719610bd61d2d4682a9115fb9ce1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 01 Sep 2020 20:18:07 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 04 Feb 2019 20:17:33 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23918 x-xss-protection 0 expires Tue, 01 Sep 2020 20:18:07 GMT
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-31/html/	0 0	6ms 6ms	Other text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019013101.js?21063143 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	200	ga.js Show response ssl.google-analytics.com/	45 KB 17 KB	19ms 6ms	Script text/javascript	2a00:1450:4001:81c::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.google-analytics.com/ga.js Requested by Host: centrosulturismo.com.br URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 19 Aug 2020 20:46:40 GMT server Golfe2 age 6855 date Tue, 01 Sep 2020 18:23:52 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17168 expires Tue, 01 Sep 2020 20:23:52 GMT
GET		ga.js www.google-analytics.com/	0 0
GET H3-Q050	200	__utm.gif ssl.google-analytics.com/r/	35 B 386 B	35ms 20ms	Image image/gif	2a00:1450:4001:81c::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1431077927&utmhn=centrosulturismo.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sign%20in%20%C2%B7%20Shaw&utmhid=1443264790&utmr=https%3A%2F%2Ftopthestory.com%2Fwp-content%2Fplugins%2Feyufoww%2Fdcjds.php%3Fhttps%3A%2F%2Fdox.net&utmp=%2Fwp-content%2Fplugins%2Fgoogle-analytics-for-wordpress%2Fassets%2Fcss%2Fimages%2F3%2FUpdate%2FShaw%2F&utmht=1598991487191&utmac=UA-6191386-23&utmcc=__utma%3D260021784.125302024.1598991487.1598991487.1598991487.1%3B%2B__utmz%3D260021784.1598991487.1.1.utmcsr%3Dtopthestory.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2Fwp-content%2Fplugins%2Feyufoww%2Fdcjds.php%3B&utmjid=1551482615&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~ Requested by Host: centrosulturismo.com.br URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 01 Sep 2020 20:18:07 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		/ zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com

URL

https://zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_djzxQPnJgAbhfwh&Q_LOC=http%3A%2F%2Flocalhost%2Ftest%2F&t=1549684120333

Domain

www.googletagservices.com

URL

http://www.googletagservices.com/tag/js/gpt.js

Domain

tpc.googlesyndication.com

URL

http://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html

Domain

www.google-analytics.com

URL

http://www.google-analytics.com/ga.js

Domain

zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com

URL

https://zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_djzxQPnJgAbhfwh&Q_LOC=https%3A%2F%2Fcentrosulturismo.com.br%2Fwp-content%2Fplugins%2Fgoogle-analytics-for-wordpress%2Fassets%2Fcss%2Fimages%2F3%2FUpdate%2FShaw%2F&t=1598991487232

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Shaw (Telecommunication)

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| gptadslots object| googletag function| checkAd object| ggeac object| googleToken object| googleIMState object| google_js_reporting_queue object| GPT_jstiming undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id number| google_unique_id object| closure_memoize_cache_ object| gaGlobal function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| $ function| jQuery object| Handlebars function| openChatWindow function| openEmailWindow boolean| supportsTransitions object| analyticsSignon object| analyticsRegisterForgot object| shaw function| init function| showTabs function| checkFailedLogin function| showTabsForRealms function| matchRealmsInRealmsArray function| showRealm function| manageCookie object| submitButton function| manageUserNameInput function| email function| occ function| shawDirect function| showEmailTabActive function| showOCCTabActive function| showShawdirectTabActive function| setAnchorFromURL object| jQuery17208212985088501683 object| html5 object| Modernizr function| yepnope function| displayError function| checkEmpty string| gaJsHost object| _gat object| _gaq object| pageTracker

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.centrosulturismo.com.br/	1970-01-19 12:09:53	Name: __utmb Value: 260021784.1.10.1598991487
			.centrosulturismo.com.br/	1970-01-19 12:09:52	Name: __utmt Value: 1
			.centrosulturismo.com.br/	1970-01-20 05:41:03	Name: __utma Value: 260021784.125302024.1598991487.1598991487.1598991487.1
			.centrosulturismo.com.br/	1970-01-19 16:32:39	Name: __utmz Value: 260021784.1598991487.1.1.utmcsr=topthestory.com|utmccn=(referral)|utmcmd=referral|utmcct=/wp-content/plugins/eyufoww/dcjds.php
			.centrosulturismo.com.br/	1969-12-31 23:59:59	Name: __utmc Value: 260021784

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.com.eg
centrosulturismo.com.br
securepubads.g.doubleclick.net
ssl.google-analytics.com
topthestory.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com
149.210.165.197
172.217.18.162
191.6.205.41
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:815::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2008
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1a00ec901bb235ad2a8211954f9b3b9aeb27223cc0dc157dfc8f38a288b998bc
1bd05e125ef3d7c1b11e6a2bd07459ef0dbeede76af3184812d9c3e34b10c27d
27c361265ec07215bcd0373d146e385e13bc62d35cda4f1310faad6dee9eb7b2
30b07af0c79b6241e9cd0ac1b56006cefb70b6204d9a1eb98a61b7b73e3fb7a5
3de0670375c8a9763362d95d2863c6e1e0360fa3f900c4e9b4b1a10194e3fe89
4893b6ab6f829846b2d16d9b09bbcf9422f3719610bd61d2d4682a9115fb9ce1
49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c
4a57782e3a025dd4aef0918ddab21ffa7dc69777710836bd1f185ac77a468b37
4d9867046e990bd68ab027d5e92df3e32e5d72a09ec3ad0a791ddb8130d0017f
559ee5e3428563ea15e4eb0d6dd27632c7f18be5f576e27eb0d7e614d0faa3ad
5ac0d1a87ad5eccf2f71c70cad9a38a11e498cc395f2205d45dd7a4524c6582d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
90431299afc79f2f07c5bbbc64d9d9c6b3e0613db138e0e1675a5a400e3d3e2e
9fe1ecbc52e21d5ab2a3a7640d24eb67006b258dd684b5449c140a4699e0c872
b3ac405c96e1194eb6ab54b6676028c7380716aa5212a26f1572a845808abd5e
c0159d71bfd21f50878f12b283950402c6364354bcd559af9accc22191dddb5b
e0ad5458dbc7bf04431ba5aa06bbc9d2dcb984c22c419c4605a458c3e0c9db8b