helpdesk.culturainglesa.com.br Open in urlscan Pro
2a00:1450:4001:82b::2013  Public Scan

URL: https://helpdesk.culturainglesa.com.br/
Submission: On April 03 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 8 IPs in 1 countries across 5 domains to perform 38 HTTP transactions. The main IP is 2a00:1450:4001:82b::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is helpdesk.culturainglesa.com.br.
TLS certificate: Issued by GTS CA 1D4 on April 3rd 2024. Valid for: 3 months.
This is the only time helpdesk.culturainglesa.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
13 googleusercontent.com
lh6.googleusercontent.com — Cisco Umbrella Rank: 927
lh3.googleusercontent.com — Cisco Umbrella Rank: 54
lh4.googleusercontent.com — Cisco Umbrella Rank: 916
lh5.googleusercontent.com — Cisco Umbrella Rank: 202
483 KB
13 gstatic.com
www.gstatic.com
fonts.gstatic.com
586 KB
4 google.com
apis.google.com — Cisco Umbrella Rank: 132
play.google.com — Cisco Umbrella Rank: 41
114 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
4 KB
3 culturainglesa.com.br
helpdesk.culturainglesa.com.br
17 KB
38 5
Domain Requested by
8 www.gstatic.com helpdesk.culturainglesa.com.br
www.gstatic.com
5 fonts.gstatic.com fonts.googleapis.com
5 lh3.googleusercontent.com helpdesk.culturainglesa.com.br
4 lh6.googleusercontent.com helpdesk.culturainglesa.com.br
3 lh5.googleusercontent.com helpdesk.culturainglesa.com.br
3 fonts.googleapis.com helpdesk.culturainglesa.com.br
3 helpdesk.culturainglesa.com.br www.gstatic.com
2 play.google.com www.gstatic.com
2 apis.google.com helpdesk.culturainglesa.com.br
apis.google.com
1 lh4.googleusercontent.com helpdesk.culturainglesa.com.br
38 10
Subject Issuer Validity Valid
helpdesk.culturainglesa.com.br
GTS CA 1D4
2024-04-03 -
2024-07-02
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.apis.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh
*.google.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh

This page contains 1 frames:

Primary Page: https://helpdesk.culturainglesa.com.br/
Frame ID: 7BCA6FC06E389853F7D7B089F30E409D
Requests: 36 HTTP requests in this frame

Screenshot

Page Title

InĂ­cio

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

38
Requests

95 %
HTTPS

100 %
IPv6

5
Domains

10
Subdomains

8
IPs

1
Countries

1203 kB
Transfer

3327 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
helpdesk.culturainglesa.com.br/
80 KB
16 KB
Document
General
Full URL
https://helpdesk.culturainglesa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c874cb9565cc5b1e593d868395551662be3300c013d1cfa3c183a94c020c7396
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-yTs2hLjxAfBx0KjdXHtL3Q' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-yTs2hLjxAfBx0KjdXHtL3Q' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
content-type
text/html; charset=utf-8
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-site
date
Wed, 03 Apr 2024 23:48:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
reporting-endpoints
default="/web-reports?jobset=prod&context=eJwNw3tMjXEYB_Cn3_u8atWohHW1Y2hFi_VHrTpdziXExtL83rnEEFKLdFsx3bSsNGStWuwQVlu1TrlUmxHZiLW5rJXNRpRpmHU5Oo1Ovp_t41ribHGR1OEmaZe3pBR8skpSVoWk8xhZI2krel6RpENHg6SljZK4WZI3GrslhT6QpMdjLyTl49igpClMG5KUhy_fSBpF-UnScdwxIWk_DvyU9B6vz0pqR8u8pE5Md0gqxHvuGg1gqo9GWfjXTyM3f41mAzTiQI3y1mpUgb5BGoXgZLxG83jErFEOFmAlhqdqZMSVhzRaj0HZGkVg-hmNCrEpT6M2jNowQg5csnGEAnH5gSnhh8knpsReXF07LYLwV_20sGHcl2mxBTuKZ8QDDAqziTCs2GQTNfi71CbmsDBjTpTiYIxdvMVHert4jk0JdnEb_6TZhQNbquyiEw-_mhcn8X74P_EIW84tiE5sSHaIm5hFiyIf7f6LggIWxVUPUhpxxylSUrBmnJQ6fJgjlMdYPCSUSpz_LBSnMaHsVBRFovdrRfHHpGXRnIyeJdHsg3cmo7kdw2zRHIGiIYZdsa89hp9ipkHPubjQpWe1W89Wn1juRa_wWPbFsqOxXIVr1DgOwYdaHD_GqME4NqAuI56D0aUtnj3Qpz6BdSiuGdgVe9sM3I-7nxl4H9adNvINPJJv5AzUnTVyMG4uN3ICCquRXbF12MhWzNKZOB9XVJs4AO_2mbgDy_tNXI3NEybuxswfJs7FKtXMtbgu28yhaLCYOQkvfDPzJYw8mMjLahN5FYZd3sIRuP3dVt6NX7228Q8sLtrGldiqJrEVPzon8Th-KLOoYzjaY1E_Y9HYTbUMu0ZvqX24OHNb9XJ3-T7cY13icbGzqdTJl_ekpxX8ByboPS0&browser-version=%22Google+Chrome%22;v%3D%22123.0.6312.105%22,+%22Not:A-Brand%22;v%3D%228.0.0.0%22,+%22Chromium%22;v%3D%22123.0.6312.105%22"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
0
css
fonts.googleapis.com/
5 KB
599 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap
Requested by
Host: helpdesk.culturainglesa.com.br
URL: https://helpdesk.culturainglesa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b182db1057f945fffa546ba81b50550db742f6007c3298d9a2ffc5a8b9472f91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 Apr 2024 23:48:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 Apr 2024 22:10:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Apr 2024 23:48:56 GMT
css
fonts.googleapis.com/
29 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Requested by
Host: helpdesk.culturainglesa.com.br
URL: https://helpdesk.culturainglesa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c886f70fd06ee5bf0b7087f389154f625c98d079d42dc4a1964f5bb1ba3330bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 Apr 2024 23:48:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 Apr 2024 22:17:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Apr 2024 23:48:56 GMT
css
fonts.googleapis.com/
9 KB
922 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3Ai%2Cbi%2C700%2C400&display=swap
Requested by
Host: helpdesk.culturainglesa.com.br
URL: https://helpdesk.culturainglesa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7496131a4690cdb91535798ada8dd5192f3c95b2fdee10917d69718e07a8d506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 Apr 2024 23:48:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 Apr 2024 23:28:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Apr 2024 23:48:56 GMT
rs=AGEqA5lB_Bc414MGF8UO-oS4paB5yU88iw
www.gstatic.com/_/atari/_/ss/k=atari.vw.aNBqh-ovrTs.L.W.O/am=wA/d=1/
1 MB
171 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/atari/_/ss/k=atari.vw.aNBqh-ovrTs.L.W.O/am=wA/d=1/rs=AGEqA5lB_Bc414MGF8UO-oS4paB5yU88iw
Requested by
Host: helpdesk.culturainglesa.com.br
URL: https://helpdesk.culturainglesa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f2c381262f1c311667518fad4238aeefe727663166677e02334d48e02509c53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 10:01:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136021
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174834
x-xss-protection
0
last-modified
Tue, 26 Mar 2024 09:11:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 02 Apr 2025 10:01:55 GMT
client.js
apis.google.com/js/
15 KB
6 KB
Script
General
Full URL
https://apis.google.com/js/client.js?onload=gapiLoaded
Requested by
Host: helpdesk.culturainglesa.com.br
URL: https://helpdesk.culturainglesa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
656eb34679674f00c6eab87c8d5b54bd01564c6ce4ee0e3fece4283bb2acc7f7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 Apr 2024 23:48:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5900
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"af05a36f373b161c"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Apr 2024 23:48:56 GMT
hgNM7HsTiXT61GXh21K3-kxkiN7h93gVV0ikMZmc980LT2mKoEEI1wEDhqZvePkZtx2Zo5X0-dyBXPKvpgAzsIA=w16383
lh6.googleusercontent.com/
67 KB
68 KB
Image
General
Full URL
https://lh6.googleusercontent.com/hgNM7HsTiXT61GXh21K3-kxkiN7h93gVV0ikMZmc980LT2mKoEEI1wEDhqZvePkZtx2Zo5X0-dyBXPKvpgAzsIA=w16383
Requested by
Host: helpdesk.culturainglesa.com.br
URL: https://helpdesk.culturainglesa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ed79882676d3253ab99f0896ef08c3958377df4ffe4f89b7a5dc723de49ecd42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 23:48:56 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logo.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69014
x-xss-protection
0
expires
Thu, 04 Apr 2024 23:48:56 GMT
uT-YINaCMVd66VvGqfrPZ-Z7WNeGan0Rv6ZskCkcQ6hupsv11c4x06PRnWqNyebJOKN610mZcCtjCfdqom0bbXU35_SwZ2y1zQoWlZTFudECSkSFVN1-fldaP6dyoIgsAw=w1280
lh6.googleusercontent.com/
34 KB
34 KB
Image
General
Full URL
https://lh6.googleusercontent.com/uT-YINaCMVd66VvGqfrPZ-Z7WNeGan0Rv6ZskCkcQ6hupsv11c4x06PRnWqNyebJOKN610mZcCtjCfdqom0bbXU35_SwZ2y1zQoWlZTFudECSkSFVN1-fldaP6dyoIgsAw=w1280
Requested by
Host: helpdesk.culturainglesa.com.br
URL: https://helpdesk.culturainglesa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e4880503a8cac70fb9e6a2c8f83aa871a920c09c5ae665100a8c8736605bc3ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 23:48:56 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logocinza.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34496
x-xss-protection
0
expires
Thu, 04 Apr 2024 23:48:56 GMT
0WYnUFy78QSW9ahA-ddacvyuW08GkUp0AkANI-Xk2h_Q1i0pMOr6fcOTaADw9Zh-j1jKVqJVWgKMH2x1KqTOyNnNfiEsDzgjRjuf0W7QVIfXhrxMePnaBGj9dGzvH9DfmA=w1280
lh3.googleusercontent.com/
63 KB
63 KB
Image
General
Full URL
https://lh3.googleusercontent.com/0WYnUFy78QSW9ahA-ddacvyuW08GkUp0AkANI-Xk2h_Q1i0pMOr6fcOTaADw9Zh-j1jKVqJVWgKMH2x1KqTOyNnNfiEsDzgjRjuf0W7QVIfXhrxMePnaBGj9dGzvH9DfmA=w1280
Requested by
Host: helpdesk.culturainglesa.com.br
URL: https://helpdesk.culturainglesa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b3da8f678786d8f197fce68af80ca10b9a6a50f22782a04c455a2dc0c79665e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 23:48:56 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="filiais.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64121
x-xss-protection
0
expires
Thu, 04 Apr 2024 23:48:56 GMT
IE5V9jh2rU8Ydpz-HQrPa2L1TjWzC3A9qEIUeACivVAaqHVeev16WiqOsgRBrfvMjmNKB0jVqmQpgQRBp_7iHJJElVvsDni9NEKW8owu4kgrpP7hwyGgOCjjtwM30QChEg=w1280
lh3.googleusercontent.com/
87 KB
87 KB
Image
General
Full URL
https://lh3.googleusercontent.com/IE5V9jh2rU8Ydpz-HQrPa2L1TjWzC3A9qEIUeACivVAaqHVeev16WiqOsgRBrfvMjmNKB0jVqmQpgQRBp_7iHJJElVvsDni9NEKW8owu4kgrpP7hwyGgOCjjtwM30QChEg=w1280
Requested by
Host: helpdesk.culturainglesa.com.br
URL: https://helpdesk.culturainglesa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ec311489b2b8fb60238599b92b8e5153d5b9c5934cb2db491fb0f583e039f20f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 23:48:57 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="helpdesk.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88799
x-xss-protection
0
expires
Thu, 04 Apr 2024 23:48:57 GMT
a_9uMevBCjPcMG6KkZdqsNf2U_9FX48Rmm7xTKNJZm2IxvBxXAHB5JbNOZg6ilhBLpNz3-QakcmumR4PO0tUx-G_5IFJywIwMkWE1w1dN2bIIJhz16ivzVaAtYZBy7DUAQ=w1280
lh4.googleusercontent.com/
8 KB
8 KB
Image
General
Full URL
https://lh4.googleusercontent.com/a_9uMevBCjPcMG6KkZdqsNf2U_9FX48Rmm7xTKNJZm2IxvBxXAHB5JbNOZg6ilhBLpNz3-QakcmumR4PO0tUx-G_5IFJywIwMkWE1w1dN2bIIJhz16ivzVaAtYZBy7DUAQ=w1280
Requested by
Host: helpdesk.culturainglesa.com.br
URL: https://helpdesk.culturainglesa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
04c9cf2c2ad9dd2e13c68f198a0b13f0d1e588b53d5b0033444fcf15e2fd91ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 23:48:56 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Sem T_tulo-2.jpg";filename*=UTF-8''Sem%20T%C3%ADtulo-2.jpg
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8359
x-xss-protection
0
expires
Thu, 04 Apr 2024 23:48:56 GMT
ep3U2PlmqdvZQz3lXGnSsEH8OL7T3OJ7a8az5eeNszDDVzgsIHrXNRadRZtYgdF27qExbNNc4Co2iSDonEP8B_vm-FN_7naCNNBdc6cVIVjLN3RYRHuEF-_32aNgilk73w=w1280
lh3.googleusercontent.com/
9 KB
9 KB
Image
General
Full URL
https://lh3.googleusercontent.com/ep3U2PlmqdvZQz3lXGnSsEH8OL7T3OJ7a8az5eeNszDDVzgsIHrXNRadRZtYgdF27qExbNNc4Co2iSDonEP8B_vm-FN_7naCNNBdc6cVIVjLN3RYRHuEF-_32aNgilk73w=w1280
Requested by
Host: helpdesk.culturainglesa.com.br
URL: https://helpdesk.culturainglesa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e7476b59cc318163716d5dc4058800484af9e960599758f85df9a6ad0057568b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 23:48:56 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Sem T_tulo-3.jpg";filename*=UTF-8''Sem%20T%C3%ADtulo-3.jpg
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9341
x-xss-protection
0
expires
Thu, 04 Apr 2024 23:48:56 GMT
acgFXAiuAt6ZJdOOjrNsMvW_aXDjW_3X9RjvsPPWdjh4YZYY-RTg26pgB84Vb5LMksB8VLaWkuqpDvD_doN_-M_ImaZQ1CfBihgZefEjKgiNoDAiPukRvBE8SHGp311xXw=w1280
lh5.googleusercontent.com/
5 KB
6 KB
Image
General
Full URL
https://lh5.googleusercontent.com/acgFXAiuAt6ZJdOOjrNsMvW_aXDjW_3X9RjvsPPWdjh4YZYY-RTg26pgB84Vb5LMksB8VLaWkuqpDvD_doN_-M_ImaZQ1CfBihgZefEjKgiNoDAiPukRvBE8SHGp311xXw=w1280
Requested by
Host: helpdesk.culturainglesa.com.br
URL: https://helpdesk.culturainglesa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8339038571bf3de667f98759eec0b460b9b0d4ccdb186ccce1aa74e39d5b2fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 23:48:56 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Sem T_tulo-4.jpg";filename*=UTF-8''Sem%20T%C3%ADtulo-4.jpg
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5570
x-xss-protection
0
expires
Thu, 04 Apr 2024 23:48:56 GMT
kfTGJhhCSlQfqLveGDNzs5_0mRGJbfl9gd6skYh1i20ZBObdj9E_gyTetAwKHJbsxcpJW57K_iiIJqZelNgc8hqsWKRK5TXvRdZo3ntFSmNIHoW5Bzzb5zJ1GgRMq8nRyg=w1280
lh5.googleusercontent.com/
6 KB
6 KB
Image
General
Full URL
https://lh5.googleusercontent.com/kfTGJhhCSlQfqLveGDNzs5_0mRGJbfl9gd6skYh1i20ZBObdj9E_gyTetAwKHJbsxcpJW57K_iiIJqZelNgc8hqsWKRK5TXvRdZo3ntFSmNIHoW5Bzzb5zJ1GgRMq8nRyg=w1280
Requested by
Host: helpdesk.culturainglesa.com.br
URL: https://helpdesk.culturainglesa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ac0aacd474ba6efdf3d228a165a03efc05d2c4ff9df1ed08c4e38b4be38339fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 23:48:56 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Sem T_tulo-5.jpg";filename*=UTF-8''Sem%20T%C3%ADtulo-5.jpg
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6313
x-xss-protection
0
expires
Thu, 04 Apr 2024 23:48:56 GMT
m=view
www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=1/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/
619 KB
210 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=1/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/m=view
Requested by
Host: helpdesk.culturainglesa.com.br
URL: https://helpdesk.culturainglesa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aacc746c64c9345ca80deabcfd375e1e8a5ce8ddf4e093cdc5863911d4d719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 10:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135624
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
214379
x-xss-protection
0
last-modified
Tue, 26 Mar 2024 07:31:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 02 Apr 2025 10:08:32 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.DmKSjbfBf88.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo-1sKxGL8sRzWrtmJiushZXqdt0HA/
315 KB
108 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.DmKSjbfBf88.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo-1sKxGL8sRzWrtmJiushZXqdt0HA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af0fdb4822dfe1d66ee5cb1cc5670f5794b3231585d299f48180ac02d7f96dbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 10:36:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
393120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110026
x-xss-protection
0
last-modified
Fri, 01 Mar 2024 15:19:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 30 Mar 2025 10:36:56 GMT
IyhkbVslTnJcF9W-LiTK9t5RJdqPMw2yj8p1OGhPox-GA2zgCNB4w8m8F65G472Cca4Sao0tyxfmaNmhk47zHYA=w16383
lh6.googleusercontent.com/
44 KB
44 KB
Image
General
Full URL
https://lh6.googleusercontent.com/IyhkbVslTnJcF9W-LiTK9t5RJdqPMw2yj8p1OGhPox-GA2zgCNB4w8m8F65G472Cca4Sao0tyxfmaNmhk47zHYA=w16383
Requested by
Host: helpdesk.culturainglesa.com.br
URL: https://helpdesk.culturainglesa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
45c4e7c770e2424a8ff8d9d1cd21b38e1cdce54c8279d71279e878f630efc8c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 23:48:56 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="fundo.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44713
x-xss-protection
0
expires
Thu, 04 Apr 2024 23:48:56 GMT
amN-DB-y8gKqowtu0F0btvrFGbwXnL3MHkKzkDu0Bj7dNcZknpKNV1hFHygqZ1FI_SoIs-QG6xS4oFet_SFHUe8=w16383
lh3.googleusercontent.com/
74 KB
74 KB
Image
General
Full URL
https://lh3.googleusercontent.com/amN-DB-y8gKqowtu0F0btvrFGbwXnL3MHkKzkDu0Bj7dNcZknpKNV1hFHygqZ1FI_SoIs-QG6xS4oFet_SFHUe8=w16383
Requested by
Host: helpdesk.culturainglesa.com.br
URL: https://helpdesk.culturainglesa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fd897671a2e278d658b79a4de3c1c4520e0269a37d8d49216bfc4c5090a4ac0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 23:48:56 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="satisfacao_helpdesk.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75489
x-xss-protection
0
expires
Thu, 04 Apr 2024 23:48:56 GMT
dDj5kBZrpmA2xZacAxpM5PO6LmSDBBYVlIhS21XuESBRu43xIlfhJY2er45s_gmBAKEfufhPsXTL9jgwrjdX3qU=w16383
lh3.googleusercontent.com/
46 KB
46 KB
Image
General
Full URL
https://lh3.googleusercontent.com/dDj5kBZrpmA2xZacAxpM5PO6LmSDBBYVlIhS21XuESBRu43xIlfhJY2er45s_gmBAKEfufhPsXTL9jgwrjdX3qU=w16383
Requested by
Host: helpdesk.culturainglesa.com.br
URL: https://helpdesk.culturainglesa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6e7cc4a181df02d3c23390e6be814cbbbf815fd7ded0b6cf9a1a29c127f51dc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 23:48:56 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="helpdesk_ajuda.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46919
x-xss-protection
0
expires
Thu, 04 Apr 2024 23:48:56 GMT
yvolLvv5IHhdCOZnt497LSoolOkfuZXB7LgVid4Is7UK-4yCRD3hQAPNBDhC0E61SOb50DfmB2WargJMFXw9ew=w16383
lh5.googleusercontent.com/
36 KB
36 KB
Image
General
Full URL
https://lh5.googleusercontent.com/yvolLvv5IHhdCOZnt497LSoolOkfuZXB7LgVid4Is7UK-4yCRD3hQAPNBDhC0E61SOb50DfmB2WargJMFXw9ew=w16383
Requested by
Host: helpdesk.culturainglesa.com.br
URL: https://helpdesk.culturainglesa.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
180ac4fdd018222c3e675cf92bbe619efda9e027d81974b4134f5d2acff02b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 23:48:56 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="fundo_rodape.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36960
x-xss-protection
0
expires
Thu, 04 Apr 2024 23:48:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://helpdesk.culturainglesa.com.br
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 04:10:19 GMT
x-content-type-options
nosniff
age
157117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Apr 2025 04:10:19 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://helpdesk.culturainglesa.com.br
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 03:48:43 GMT
x-content-type-options
nosniff
age
417613
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Mar 2025 03:48:43 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://helpdesk.culturainglesa.com.br
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 09:10:08 GMT
x-content-type-options
nosniff
age
398328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Mar 2025 09:10:08 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://helpdesk.culturainglesa.com.br
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 07:36:31 GMT
x-content-type-options
nosniff
age
403945
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Mar 2025 07:36:31 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://helpdesk.culturainglesa.com.br
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 01:17:56 GMT
x-content-type-options
nosniff
age
167460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Apr 2025 01:17:56 GMT
m=sy1b,sy1c,sy1a,FoQBg
www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=0/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/
37 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=0/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/m=sy1b,sy1c,sy1a,FoQBg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=1/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08930603cdcdc642123bf61683ffd9a27563d6a188bb2245185d45cea8207b32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 10:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135624
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12856
x-xss-protection
0
last-modified
Tue, 26 Mar 2024 07:31:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 02 Apr 2025 10:08:32 GMT
m=sy2y,TRvtze
www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=0/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/
855 B
531 B
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=0/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/m=sy2y,TRvtze
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=1/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48b5de17f8b9c28005c168e9b4d9738be7bc0fd9240640db6113bb6b1de04f98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 10:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135624
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
505
x-xss-protection
0
last-modified
Tue, 26 Mar 2024 07:31:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 02 Apr 2025 10:08:32 GMT
m=MpJwZc,n73qwf,A4UTCb,mzzZzc,CHCSlb,qAKInc,HIeYee,QxOCld,sy2z,abQiW,syv,PVlQOd,NPKaK,sy5,BVgquf,fmklff,TGYpv,syj,ruhlUe,KUM7Z,zPx2U,qEW1W,oNFsLb,sy3v,yxTchf,sy3w,sy3x,xQtZb,yf2Bs,sy2,sy9,yyxWAc,qd...
www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=0/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/
70 KB
25 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=0/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/m=MpJwZc,n73qwf,A4UTCb,mzzZzc,CHCSlb,qAKInc,HIeYee,QxOCld,sy2z,abQiW,syv,PVlQOd,NPKaK,sy5,BVgquf,fmklff,TGYpv,syj,ruhlUe,KUM7Z,zPx2U,qEW1W,oNFsLb,sy3v,yxTchf,sy3w,sy3x,xQtZb,yf2Bs,sy2,sy9,yyxWAc,qddgKe,sy31,SM1lmd,sy7,sy6,syw,RRzQxe,sy8,syb,sy28,syk,sya,fNFZH,sy30,syl,RrXLpc,cgRV2c,syy,sy1q,o1L5Wb,X4BaPc,syf,sy14,Md9ENb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=1/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fadc609f447654fbe00a5ab04186536846e7aea76113fbcf8953a7fe19ab84f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 10:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134743
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25140
x-xss-protection
0
last-modified
Tue, 26 Mar 2024 07:31:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 02 Apr 2025 10:23:13 GMT
m=sy2u,IZT63,vfuNJf,sy3j,sy3n,sy3p,sy40,sy3y,sy3z,siKnQd,sy3f,sy3h,sy3o,sy3q,sy2v,YNjGDd,sy3r,PrPYRd,iFQyKf,hc6Ubd,sy41,SpsfSb,sy3k,sy3m,wR5FRb,pXdRYb,dIoSBb,zbML3c
www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=0/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/
29 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=0/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/m=sy2u,IZT63,vfuNJf,sy3j,sy3n,sy3p,sy40,sy3y,sy3z,siKnQd,sy3f,sy3h,sy3o,sy3q,sy2v,YNjGDd,sy3r,PrPYRd,iFQyKf,hc6Ubd,sy41,SpsfSb,sy3k,sy3m,wR5FRb,pXdRYb,dIoSBb,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=1/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b36877cf6804d31658e450c2f57216868d3b83935ec27a90c4ee30d208c925e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 10:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135624
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10702
x-xss-protection
0
last-modified
Tue, 26 Mar 2024 07:31:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 02 Apr 2025 10:08:32 GMT
m=NTMZac,m9oV,rCcCxc,RAnnUd,nAFL3,sy2t,gJzDyc,sy32,sy33,uu7UOe,sy34,soHxf,sy35,uY3Nvd,syt,sys,sy1u,sy2n,HYv29e
www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=0/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/
87 KB
29 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=0/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/m=NTMZac,m9oV,rCcCxc,RAnnUd,nAFL3,sy2t,gJzDyc,sy32,sy33,uu7UOe,sy34,soHxf,sy35,uY3Nvd,syt,sys,sy1u,sy2n,HYv29e
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=1/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db2c90a4ba2ff964db7cfc03f36a5bd5a2df7d869d21f787191ebcb484a2879f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 10:09:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29227
x-xss-protection
0
last-modified
Tue, 26 Mar 2024 07:31:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 02 Apr 2025 10:09:21 GMT
log
play.google.com/
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://helpdesk.culturainglesa.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
http://play.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 03 Apr 2024 23:48:56 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/
0
0

m=sy16,sy11,sy12,sy13,sy15,fuVYe,vVEdxc,sy17,sy18,sy19,CG0Qwb
www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=0/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/
45 KB
17 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=0/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/m=sy16,sy11,sy12,sy13,sy15,fuVYe,vVEdxc,sy17,sy18,sy19,CG0Qwb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=1/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bada09173c4ce53b91446b7bc8eb5ad3ab2bc4508fc4c89b85d7bfa36a1449b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 10:09:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17778
x-xss-protection
0
last-modified
Tue, 26 Mar 2024 07:31:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 02 Apr 2025 10:09:21 GMT
logImpressions
helpdesk.culturainglesa.com.br/_/view/
16 B
221 B
XHR
General
Full URL
https://helpdesk.culturainglesa.com.br/_/view/logImpressions?authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=1/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/m=view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 23:48:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
20PP4l-SqrJPbgNuxqMYut9hb6OWgCEr6C3B6FjDZYNFi3uQxUZdbd0iwSMBi_8fYpOlzVwsH9LfJsRxiQ9E74E-gxWRzIkb4svkAvWQL_f9zA
lh6.googleusercontent.com/
2 KB
3 KB
Other
General
Full URL
https://lh6.googleusercontent.com/20PP4l-SqrJPbgNuxqMYut9hb6OWgCEr6C3B6FjDZYNFi3uQxUZdbd0iwSMBi_8fYpOlzVwsH9LfJsRxiQ9E74E-gxWRzIkb4svkAvWQL_f9zA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b5c312805c377cb83e6825201785febedd2102572cdd3a7bae09ff73bb1aefec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 23:48:57 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="favicon.ico.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2531
x-xss-protection
0
expires
Thu, 04 Apr 2024 23:48:57 GMT
log
play.google.com/
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://helpdesk.culturainglesa.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
http://play.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 03 Apr 2024 23:48:59 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/
0
0

logImpressions
helpdesk.culturainglesa.com.br/_/view/
16 B
117 B
XHR
General
Full URL
https://helpdesk.culturainglesa.com.br/_/view/logImpressions?authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.SpYBwx_KUXE.O/am=wA/d=1/rs=AGEqA5kUDCvetgwUvXLc1dDFRFOkaeSJ2Q/m=view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://helpdesk.culturainglesa.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 23:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| DOCS_timing function| _DumpException object| _docs_flag_initialData object| _docs_flag_cek function| gapiLoaded object| _at_config object| globals object| messages object| gapi object| ___jsl function| bgImgLoaded object| _F_toggles object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis object| default_vw function| _F_installCss object| _bind object| closure_lm_195209 function| litHtmlPolyfillSupport function| reactiveElementPolyfillSupport function| litElementPolyfillSupport object| litHtmlVersions object| litElementVersions object| reactiveElementVersions function| _getTimingInstance function| _docsTiming

0 Cookies

4 Console Messages

Source Level URL
Text
javascript error URL: https://helpdesk.culturainglesa.com.br/
Message:
Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://helpdesk.culturainglesa.com.br' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network error URL: https://play.google.com/log?format=json&hasfast=true&authuser=0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://helpdesk.culturainglesa.com.br/
Message:
Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://helpdesk.culturainglesa.com.br' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network error URL: https://play.google.com/log?format=json&hasfast=true&authuser=0
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-yTs2hLjxAfBx0KjdXHtL3Q' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
fonts.googleapis.com
fonts.gstatic.com
helpdesk.culturainglesa.com.br
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
play.google.com
www.gstatic.com
play.google.com
2a00:1450:4001:802::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:82b::2013
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
04c9cf2c2ad9dd2e13c68f198a0b13f0d1e588b53d5b0033444fcf15e2fd91ad
08930603cdcdc642123bf61683ffd9a27563d6a188bb2245185d45cea8207b32
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
180ac4fdd018222c3e675cf92bbe619efda9e027d81974b4134f5d2acff02b8e
45c4e7c770e2424a8ff8d9d1cd21b38e1cdce54c8279d71279e878f630efc8c2
48b5de17f8b9c28005c168e9b4d9738be7bc0fd9240640db6113bb6b1de04f98
656eb34679674f00c6eab87c8d5b54bd01564c6ce4ee0e3fece4283bb2acc7f7
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6e7cc4a181df02d3c23390e6be814cbbbf815fd7ded0b6cf9a1a29c127f51dc3
7496131a4690cdb91535798ada8dd5192f3c95b2fdee10917d69718e07a8d506
8339038571bf3de667f98759eec0b460b9b0d4ccdb186ccce1aa74e39d5b2fd0
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9f2c381262f1c311667518fad4238aeefe727663166677e02334d48e02509c53
ac0aacd474ba6efdf3d228a165a03efc05d2c4ff9df1ed08c4e38b4be38339fa
af0fdb4822dfe1d66ee5cb1cc5670f5794b3231585d299f48180ac02d7f96dbd
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b182db1057f945fffa546ba81b50550db742f6007c3298d9a2ffc5a8b9472f91
b36877cf6804d31658e450c2f57216868d3b83935ec27a90c4ee30d208c925e4
b3da8f678786d8f197fce68af80ca10b9a6a50f22782a04c455a2dc0c79665e0
b5c312805c377cb83e6825201785febedd2102572cdd3a7bae09ff73bb1aefec
bada09173c4ce53b91446b7bc8eb5ad3ab2bc4508fc4c89b85d7bfa36a1449b9
c874cb9565cc5b1e593d868395551662be3300c013d1cfa3c183a94c020c7396
c886f70fd06ee5bf0b7087f389154f625c98d079d42dc4a1964f5bb1ba3330bd
db2c90a4ba2ff964db7cfc03f36a5bd5a2df7d869d21f787191ebcb484a2879f
e4880503a8cac70fb9e6a2c8f83aa871a920c09c5ae665100a8c8736605bc3ef
e7476b59cc318163716d5dc4058800484af9e960599758f85df9a6ad0057568b
ec311489b2b8fb60238599b92b8e5153d5b9c5934cb2db491fb0f583e039f20f
ed79882676d3253ab99f0896ef08c3958377df4ffe4f89b7a5dc723de49ecd42
f5aacc746c64c9345ca80deabcfd375e1e8a5ce8ddf4e093cdc5863911d4d719
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fadc609f447654fbe00a5ab04186536846e7aea76113fbcf8953a7fe19ab84f1
fd897671a2e278d658b79a4de3c1c4520e0269a37d8d49216bfc4c5090a4ac0e