centrosulturismo.com.br Open in urlscan Pro
191.6.205.41 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://osrodek.vanto.pl//templates/
Effective URL:
https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
Submission: On September 02 via manual (September 2nd 2020, 12:37:17 am UTC) from CA

Summary HTTP 42 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 12 domains to perform 42 HTTP transactions. The main IP is 191.6.205.41, located in Brazil and belongs to IPV6 Internet Ltda, BR. The main domain is centrosulturismo.com.br.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 31st 2020. Valid for: 3 months.

This is the only time centrosulturismo.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Shaw (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1	188.128.140.174 188.128.140.174	12824 (HOMEPL-AS) (HOMEPL-AS)
1	149.210.165.197 149.210.165.197	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
11	191.6.205.41 191.6.205.41	28299 (IPV6 Inte...) (IPV6 Internet Ltda)
7	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
6	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
42	12

1 188.128.140.174 (Poland)

ASN12824 (HOMEPL-AS, PL)
PTR: cloudserver113966.home.pl

osrodek.vanto.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.210.165.197 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: vpswin3.wexpose.be

topthestory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 191.6.205.41 (Brazil)

ASN28299 (IPV6 Internet Ltda, BR)
PTR: wp7601.kinghost.net

centrosulturismo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com.eg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

24c5792ec1b05507feff65d786348479.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	centrosulturismo.com.br centrosulturismo.com.br	110 KB
9	googlesyndication.com tpc.googlesyndication.com Failed 24c5792ec1b05507feff65d786348479.safeframe.googlesyndication.com pagead2.googlesyndication.com	13 KB
6	doubleclick.net securepubads.g.doubleclick.net	184 KB
2	ampproject.org cdn.ampproject.org	86 KB
2	google-analytics.com ssl.google-analytics.com www.google-analytics.com Failed	17 KB
2	google.com adservice.google.com	2 KB
1	google.de adservice.google.de	890 B
1	googletagservices.com www.googletagservices.com Failed	19 KB
1	google.com.eg adservice.google.com.eg	890 B
1	topthestory.com topthestory.com	728 B
1	vanto.pl osrodek.vanto.pl	571 B
0	qualtrics.com Failed zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com Failed
42	12

	Domain	Requested by
11	centrosulturismo.com.br	centrosulturismo.com.br
6	securepubads.g.doubleclick.net	centrosulturismo.com.br www.googletagservices.com securepubads.g.doubleclick.net
5	tpc.googlesyndication.com	centrosulturismo.com.br securepubads.g.doubleclick.net cdn.ampproject.org tpc.googlesyndication.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	cdn.ampproject.org	securepubads.g.doubleclick.net
2	ssl.google-analytics.com	centrosulturismo.com.br
2	adservice.google.com	centrosulturismo.com.br securepubads.g.doubleclick.net
1	24c5792ec1b05507feff65d786348479.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.googletagservices.com	centrosulturismo.com.br
1	adservice.google.com.eg	centrosulturismo.com.br
1	topthestory.com
1	osrodek.vanto.pl
0	www.google-analytics.com Failed	centrosulturismo.com.br
0	zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com Failed	centrosulturismo.com.br
42	15

This site contains links to these domains. Also see Links.

Domain
www.shaw.ca
business.shaw.ca
community.shaw.ca
my.shaw.ca
signon.shaw.ca
register.shaw.ca

Subject Issuer	Validity	Valid
topthestory.com Let's Encrypt Authority X3	`2020-08-01` - `2020-10-30`	3 months	crt.sh
centrosulturismo.com.br Let's Encrypt Authority X3	`2020-08-31` - `2020-11-29`	3 months	crt.sh
*.google.com.eg GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
Frame ID: 7C421CA1C647C86A9D38E258FFC9BEAC
Requests: 34 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js
Frame ID: 829E34FF880CEDFB7021989E6366B32E
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: FFADA56FB07268DF4B9382D3F46A28AB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://osrodek.vanto.pl//templates/ Page URL
https://topthestory.com/wp-content/plugins/eyufoww/dcjds.php Page URL
https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update... Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Page Statistics

42
Requests

86 %
HTTPS

64 %
IPv6

12
Domains

15
Subdomains

12
IPs

5
Countries

434 kB
Transfer

1333 kB
Size

6
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://www.shaw.ca/store/
Title: Personal

Search URL Search Domain Scan URL

URL: http://business.shaw.ca/
Title: Business

Search URL Search Domain Scan URL

URL: https://community.shaw.ca/
Title: Support

Search URL Search Domain Scan URL

URL: https://my.shaw.ca/
Title: My Shaw

Search URL Search Domain Scan URL

URL: https://www.shaw.ca/contact-us/retail/
Title: Find a store

Search URL Search Domain Scan URL

URL: https://signon.shaw.ca/?application=manage&goto=https://my.shaw.ca/Internet#email-settings-tile
Title: visit the Internet section in My Shaw

Search URL Search Domain Scan URL

URL: https://register.shaw.ca/
Title: Don't have an account? Create one now.

Search URL Search Domain Scan URL

URL: http://www.shaw.ca/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.shaw.ca/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://www.shaw.ca/accessibility/
Title: Accessibility

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://osrodek.vanto.pl//templates/ Page URL
https://topthestory.com/wp-content/plugins/eyufoww/dcjds.php Page URL
https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
osrodek.vanto.pl//templates/ 477 B
571 B 151ms
126ms Document
text/html 188.128.140.174
HOMEPL-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://osrodek.vanto.pl//templates/
Protocol: HTTP/1.1
Server: 188.128.140.174 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS: cloudserver113966.home.pl
Software: IdeaWebServer/0.83.459 /
Resource Hash: 2651c7a2662163049d6f0dc8905f61a0176bad36d734278481e389b301e1079c

Request headers

Host: osrodek.vanto.pl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Sep 2020 00:36:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: IdeaWebServer/0.83.459
Content-Encoding: gzip

GET
H/1.1 200
OK dcjds.php Show response
topthestory.com/wp-content/plugins/eyufoww/ 531 B
728 B 111ms
22ms Document
text/html 149.210.165.197
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://topthestory.com/wp-content/plugins/eyufoww/dcjds.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 149.210.165.197 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: vpswin3.wexpose.be
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9fe1ecbc52e21d5ab2a3a7640d24eb67006b258dd684b5449c140a4699e0c872

Request headers

Host: topthestory.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://osrodek.vanto.pl//templates/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://osrodek.vanto.pl//templates/

Response headers

Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Wed, 02 Sep 2020 00:37:00 GMT
Content-Length: 531

GET
H2 200 Primary Request / Show response
centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/ 19 KB
6 KB 923ms
216ms Document
text/html 191.6.205.41
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL

https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),

Reverse DNS

wp7601.kinghost.net

Software

nginx/1.14.0 /

Resource Hash

559ee5e3428563ea15e4eb0d6dd27632c7f18be5f576e27eb0d7e614d0faa3ad

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: centrosulturismo.com.br
:scheme: https
:path: /wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://topthestory.com/wp-content/plugins/eyufoww/dcjds.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topthestory.com/wp-content/plugins/eyufoww/dcjds.php

Response headers

status: 200
server: nginx/1.14.0
date: Wed, 02 Sep 2020 00:37:00 GMT
content-type: text/html
content-length: 5479
last-modified: Tue, 01 Sep 2020 19:17:26 GMT
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 3249
x-cache: HIT
x-cache-hits: 12
x-frame-options: SAMEORIGIN
accept-ranges: bytes

GET
H2 200 integrator.js Show response
adservice.google.com.eg/adsid/ 109 B
890 B 64ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.eg/adsid/integrator.js?domain=localhost

Requested by

Host: centrosulturismo.com.br
URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Sep 2020 00:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 37ms
15ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=localhost

Requested by

Host: centrosulturismo.com.br
URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Sep 2020 00:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 combine_signon_136.css
centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/css/ 160 KB
27 KB 222ms
221ms Stylesheet
text/css 191.6.205.41
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL

https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/css/combine_signon_136.css

Requested by

Host: centrosulturismo.com.br
URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),

Reverse DNS

wp7601.kinghost.net

Software

nginx/1.14.0 /

Resource Hash

5ac0d1a87ad5eccf2f71c70cad9a38a11e498cc395f2205d45dd7a4524c6582d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 00:37:01 GMT
content-encoding: gzip
x-cacheable: YES
age: 19162
x-cache: HIT
status: 200
x-cache-hits: 76
content-length: 27574
pragma: public
last-modified: Tue, 01 Sep 2020 19:17:26 GMT
server: nginx/1.14.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Wed, 01 Sep 2021 19:17:38 GMT

GET
H2 200 pubads_impl_rendering_2019013101.js Show response
securepubads.g.doubleclick.net/gpt/ 63 KB
24 KB 120ms
70ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019013101.js?21063143

Requested by

Host: centrosulturismo.com.br
URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

4893b6ab6f829846b2d16d9b09bbcf9422f3719610bd61d2d4682a9115fb9ce1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 00:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Feb 2019 20:17:33 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23918
x-xss-protection: 0
expires: Wed, 02 Sep 2020 00:37:01 GMT

GET
H3-Q050 200 pubads_impl_2019013101.js Show response
securepubads.g.doubleclick.net/gpt/ 181 KB
62 KB 162ms
131ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019013101.js?21063143

Requested by

Host: centrosulturismo.com.br
URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

4d9867046e990bd68ab027d5e92df3e32e5d72a09ec3ad0a791ddb8130d0017f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 00:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Feb 2019 20:17:33 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63420
x-xss-protection: 0
expires: Wed, 02 Sep 2020 00:37:01 GMT

GET
H2 200 webmail-desktop.png
centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/images/ 5 KB
5 KB 221ms
218ms Image
image/png 191.6.205.41
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/images/webmail-desktop.png

Requested by

Host: centrosulturismo.com.br
URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),

Reverse DNS

wp7601.kinghost.net

Software

nginx/1.14.0 /

Resource Hash

27c361265ec07215bcd0373d146e385e13bc62d35cda4f1310faad6dee9eb7b2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Sep 2020 00:37:01 GMT
last-modified: Tue, 01 Sep 2020 19:17:26 GMT
server: nginx/1.14.0
age: 19162
x-cacheable: YES
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
status: 200
expires: Wed, 01 Sep 2021 19:17:39 GMT
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
content-length: 4657
x-cache-hits: 79

GET
H2 200 error_button.png
centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/images/ 185 B
460 B 221ms
219ms Image
image/png 191.6.205.41
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/images/error_button.png

Requested by

Host: centrosulturismo.com.br
URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),

Reverse DNS

wp7601.kinghost.net

Software

nginx/1.14.0 /

Resource Hash

3de0670375c8a9763362d95d2863c6e1e0360fa3f900c4e9b4b1a10194e3fe89

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Sep 2020 00:37:01 GMT
last-modified: Tue, 01 Sep 2020 19:17:26 GMT
server: nginx/1.14.0
age: 19162
x-cacheable: YES
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
status: 200
expires: Wed, 01 Sep 2021 19:17:39 GMT
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
content-length: 185
x-cache-hits: 79

GET
H2 200 helpIcon.png
centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/images/icons/ 1 KB
2 KB 222ms
220ms Image
image/png 191.6.205.41
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/images/icons/helpIcon.png

Requested by

Host: centrosulturismo.com.br
URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),

Reverse DNS

wp7601.kinghost.net

Software

nginx/1.14.0 /

Resource Hash

4a57782e3a025dd4aef0918ddab21ffa7dc69777710836bd1f185ac77a468b37

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Sep 2020 00:37:01 GMT
last-modified: Tue, 01 Sep 2020 19:17:26 GMT
server: nginx/1.14.0
age: 19162
x-cacheable: YES
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
status: 200
expires: Wed, 01 Sep 2021 19:17:39 GMT
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
content-length: 1427
x-cache-hits: 79

GET
H2 200 modal-close.png
centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/images/ 1 KB
2 KB 221ms
219ms Image
image/png 191.6.205.41
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/images/modal-close.png

Requested by

Host: centrosulturismo.com.br
URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),

Reverse DNS

wp7601.kinghost.net

Software

nginx/1.14.0 /

Resource Hash

30b07af0c79b6241e9cd0ac1b56006cefb70b6204d9a1eb98a61b7b73e3fb7a5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Sep 2020 00:37:01 GMT
last-modified: Tue, 01 Sep 2020 19:17:26 GMT
server: nginx/1.14.0
age: 19162
x-cacheable: YES
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
status: 200
expires: Wed, 01 Sep 2021 19:17:39 GMT
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
content-length: 1340
x-cache-hits: 79

GET
H2 200 jquery.min.js Show response
centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/ 93 KB
33 KB 286ms
286ms Script
application/javascript 191.6.205.41
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL

https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/jquery.min.js

Requested by

Host: centrosulturismo.com.br
URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),

Reverse DNS

wp7601.kinghost.net

Software

nginx/1.14.0 /

Resource Hash

0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 00:37:01 GMT
content-encoding: gzip
x-cacheable: YES
age: 19162
x-cache: HIT
status: 200
x-cache-hits: 76
content-length: 33665
pragma: public
last-modified: Tue, 01 Sep 2020 19:17:26 GMT
server: nginx/1.14.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Wed, 01 Sep 2021 19:17:38 GMT

GET
H2 200 combine_signon_136.js Show response
centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/ 97 KB
28 KB 218ms
218ms Script
application/javascript 191.6.205.41
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL

https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/combine_signon_136.js

Requested by

Host: centrosulturismo.com.br
URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),

Reverse DNS

wp7601.kinghost.net

Software

nginx/1.14.0 /

Resource Hash

e0ad5458dbc7bf04431ba5aa06bbc9d2dcb984c22c419c4605a458c3e0c9db8b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 00:37:01 GMT
content-encoding: gzip
x-cacheable: YES
age: 19162
x-cache: HIT
status: 200
x-cache-hits: 76
content-length: 28758
pragma: public
last-modified: Tue, 01 Sep 2020 19:17:26 GMT
server: nginx/1.14.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Wed, 01 Sep 2021 19:17:39 GMT

GET
H2 200 login-form.shaw.js Show response
centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/ 5 KB
5 KB 221ms
217ms Script
application/javascript 191.6.205.41
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL

https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/login-form.shaw.js

Requested by

Host: centrosulturismo.com.br
URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),

Reverse DNS

wp7601.kinghost.net

Software

nginx/1.14.0 /

Resource Hash

90431299afc79f2f07c5bbbc64d9d9c6b3e0613db138e0e1675a5a400e3d3e2e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Wed, 02 Sep 2020 00:37:01 GMT
vary: Accept-Encoding
last-modified: Tue, 01 Sep 2020 19:17:26 GMT
server: nginx/1.14.0
age: 0
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/javascript
status: 200
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
content-length: 5102
expires: Thu, 02 Sep 2021 00:37:01 GMT

GET
H2 200 jquery.cookie.js Show response
centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/ 2 KB
1 KB 222ms
217ms Script
application/javascript 191.6.205.41
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL

https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/jquery.cookie.js

Requested by

Host: centrosulturismo.com.br
URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),

Reverse DNS

wp7601.kinghost.net

Software

nginx/1.14.0 /

Resource Hash

b3ac405c96e1194eb6ab54b6676028c7380716aa5212a26f1572a845808abd5e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 00:37:01 GMT
content-encoding: gzip
x-cacheable: YES
age: 19162
x-cache: HIT
status: 200
x-cache-hits: 76
content-length: 849
pragma: public
last-modified: Tue, 01 Sep 2020 19:17:26 GMT
server: nginx/1.14.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Wed, 01 Sep 2021 19:17:39 GMT

GET
H2 200 jquery.base64.min.js Show response
centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/ 2 KB
1023 B 222ms
218ms Script
application/javascript 191.6.205.41
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL

https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/js/jquery.base64.min.js

Requested by

Host: centrosulturismo.com.br
URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

191.6.205.41 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),

Reverse DNS

wp7601.kinghost.net

Software

nginx/1.14.0 /

Resource Hash

49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 00:37:01 GMT
content-encoding: gzip
x-cacheable: YES
age: 19162
x-cache: HIT
status: 200
x-cache-hits: 76
content-length: 704
pragma: public
last-modified: Tue, 01 Sep 2020 19:17:26 GMT
server: nginx/1.14.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Wed, 01 Sep 2021 19:17:39 GMT

GET /
zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/ 0
0

GET gpt.js
www.googletagservices.com/tag/js/ 0
0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 54 KB
19 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: centrosulturismo.com.br
URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8b791b4a32ede3fd1b0c3842a0124836f218b66b26e32f3b6e377db91fb119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 00:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "620 / 136 of 1000 / last-modified: 1598998361"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18708
x-xss-protection: 0
expires: Wed, 02 Sep 2020 00:37:01 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/ 0
0

GET
H3-Q050 200 pubads_impl_2020082701.js Show response
securepubads.g.doubleclick.net/gpt/ 262 KB
92 KB 56ms
56ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082701.js?21067354

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

c0159d71bfd21f50878f12b283950402c6364354bcd559af9accc22191dddb5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 00:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Aug 2020 08:39:44 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93876
x-xss-protection: 0
expires: Wed, 02 Sep 2020 00:37:01 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
890 B 36ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=centrosulturismo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082701.js?21067354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Sep 2020 00:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
868 B 38ms
22ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=centrosulturismo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082701.js?21067354

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Sep 2020 00:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
6 KB 64ms
64ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1513852076887598&correlator=1179226993255250&output=ldjh&impl=fifs&eid=21066465%2C21067354%2C21067126%2C21067223%2C21067282%2C21066532%2C21066705&vrg=2020082701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200902&iu_parts=6872%2Cwebmail.shaw.ca&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1598987846&dt=1599007021665&dlt=1599007021039&idt=607&frm=20&biw=1600&bih=1200&oid=3&adxs=879&adys=184&adks=3847475914&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcentrosulturismo.com.br%2Fwp-content%2Fplugins%2Fgoogle-analytics-for-wordpress%2Fassets%2Fcss%2Fimages%2F3%2FUpdate%2FShaw%2F&ref=https%3A%2F%2Ftopthestory.com%2Fwp-content%2Fplugins%2Feyufoww%2Fdcjds.php&dssz=13&icsg=2796207&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=383x400&msz=310x250&ga_vid=179083991.1599007022&ga_sid=1599007022&ga_hid=1073069615&fws=4&ohw=850

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082701.js?21067354

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

b23ec7b6de850cbdac7fdbb4899e67313e32a24682ee79559120fb80d86db2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 00:37:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5170
x-xss-protection: 0
google-lineitem-id: 4661220659
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232163289
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://centrosulturismo.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
24c5792ec1b05507feff65d786348479.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 53ms
15ms Other
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://24c5792ec1b05507feff65d786348479.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082701.js?21067354
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 28ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082701.js?21067354
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:815::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: centrosulturismo.com.br
URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 789
date: Wed, 02 Sep 2020 00:23:52 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 02 Sep 2020 02:23:52 GMT

GET ga.js
www.google-analytics.com/ 0
0

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
386 B 35ms
20ms Image
image/gif 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=825219281&utmhn=centrosulturismo.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sign%20in%20%C2%B7%20Shaw&utmhid=1073069615&utmr=https%3A%2F%2Ftopthestory.com%2Fwp-content%2Fplugins%2Feyufoww%2Fdcjds.php&utmp=%2Fwp-content%2Fplugins%2Fgoogle-analytics-for-wordpress%2Fassets%2Fcss%2Fimages%2F3%2FUpdate%2FShaw%2F&utmht=1599007021741&utmac=UA-6191386-23&utmcc=__utma%3D260021784.179083991.1599007022.1599007022.1599007022.1%3B%2B__utmz%3D260021784.1599007022.1.1.utmcsr%3Dtopthestory.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2Fwp-content%2Fplugins%2Feyufoww%2Fdcjds.php%3B&utmjid=1738642283&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~

Requested by

Host: centrosulturismo.com.br
URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Sep 2020 00:37:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012008242301000/ Frame 829E 206 KB
56 KB 31ms
12ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082701.js?21067354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b08c92f2985a2cf85e942b566af89d0738cb22e14d0db5ddbefd6c4034a169e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 12463
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57291
x-xss-protection: 0
server: sffe
date: Tue, 01 Sep 2020 21:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fe153f75f3748e81"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Sep 2021 21:09:18 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012008242301000/v0/ Frame 829E 95 KB
29 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008242301000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082701.js?21067354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0b8d5f925cb1ad83c665488cf3d59c2b4acf9f0ec9f277db2441ca69d3900b0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 14102
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29201
x-xss-protection: 0
server: sffe
date: Tue, 01 Sep 2020 20:41:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "64b4eb13675b1bd5"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Sep 2021 20:41:59 GMT

GET
DATA 200
OK truncated
/ Frame 829E 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efc77bed4d63febfff5079ca454ec9b1d82c270cf5d39d95fbd3b5121a9d3873

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 11885643988731137303
tpc.googlesyndication.com/simgad/ Frame 829E 119 B
516 B 28ms
14ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11885643988731137303

Requested by

Host: centrosulturismo.com.br
URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 10:24:06 GMT
x-content-type-options: nosniff
age: 137575
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119
x-xss-protection: 0
last-modified: Wed, 02 May 2018 13:19:50 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 10:24:06 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 829E 0
256 B 58ms
58ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjzJddfRtqjvAM_UT30SVAL2OVYgvA5M2I8gdTc8uUwqKa1aIETJagRFd87-aq97ecpbH86zwilghWy9biOJQq3BjQGj-kFzqJ32-sP8M2dGNUF-zYK8-2mE1fyUfuAnPV32aXTnz4ucfVy3Iut-1hGq2LP-2wxOi8qE30vhsOL-AYIHZAdYeexVZLgNmUXYYrdwLl8qwsFQ1g7AkPtmb9ZCDqrl7RmH6w_bMvdt9nPVxHGl14VHFSgnWaCvoFSRw53TQY-D27pgu4rA&sai=AMfl-YRaFzotZYtcSaUw7zG0nIyK3blWvaqozmyTTcDtrT1fhnL2ADTPfr3OWNfRD6nm6BB7XLhgr_ntqC9MEiq2o8JOT7m0pCUUltaet9fZrB1hNxTNqOp25AtkE9d4Wz-y&sig=Cg0ArKJSzDgGIplEZvJ5EAE&adurl=

Requested by

Host: centrosulturismo.com.br
URL: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Sep 2020 00:37:01 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 02 Sep 2020 00:37:01 GMT

GET /
zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/ 0
0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 38ms
18ms XHR
application/json 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020082701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082701.js?21067354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d388f08cc57892cca50b75a99c6d5336c1570b445fa5807d335b7e15131f5ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Sep 2020 00:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6110
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082701.js?21067354

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 00:37:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Wed, 02 Sep 2020 00:37:01 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 829E 0
21 B 59ms
58ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqS_fYncD-g87rA8PUmGpi3aeQ6Voe9-l5fb0bB7Ni4HtLCoouSD6BeUHYICWFphNMGB2lwWrKHrvSNYQAdKwch5xXSXPgp44beOLHZHm6jFsajjVpM-oUqmYL65HjsCTJ35p7Yk58wUfB1qtjh1nuylkhBuqFXj0D0F978aJnIx5UffE4p01IpgLiQChf0ghbrkYrY2ATtd2Bm6YiD17c8P5DpzdFLIwAmH-3vyLaHMHaf3c08Q90AqqKWq9A4_w_dDAeyycQy5L8R6OK&sai=AMfl-YTWmoDf3hfTrZcjFkVe7-nMbROj1tPP1WbAJoUlE_-80noikd7MeIhD4vViMjmeZdf1GmaWS3Ro8S47jRvYh5jicoPNJaYmPJHULSbUU7R3TQDsjDIjrVtzLfL6mb4R&sig=Cg0ArKJSzAF_4aymkJs7EAE&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Sep 2020 00:37:01 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 11885643988731137303
tpc.googlesyndication.com/simgad/ Frame 829E 119 B
144 B 6ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11885643988731137303

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 10:24:06 GMT
x-content-type-options: nosniff
age: 137575
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119
x-xss-protection: 0
last-modified: Wed, 02 May 2018 13:19:50 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 10:24:06 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame FFAD 0
0 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Tue, 01 Sep 2020 23:20:27 GMT
expires: Wed, 01 Sep 2021 23:20:27 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4594
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
223 B 41ms
40ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020082701&jk=1513852076887598&bg=!r6ylrLRYL80TJFm49bYCAAAASFIAAAAMCgGzGnPJZcQWNE9pq-MrYwLxpj15jOPHNtZalMTR3fxGUZ8Y9nXwES-5ShcNTxqTJlejV3oaNLJn5t9cX8fnWfJ5NJLuGoMYGMxLcPRyMbYKFg7NkiV7uAsPd6Iwamma0CBf819KTwpmpdz7Dh_73WmEYP2n9_Lb2-L3GNgdgn4Cqqi_FuJoRPREOwXGASyN4TvD9OI9dr2F2q3SyFN-0AK682bngNVGyssFY79CeS5tEbbKUkO9duTXTeWCiSHZ4LN29Y5kTBe1h7SEgnumqJ-cxK7NmUtcZTjFOHBzCSusmsiHj2WD8YKBel1wOH6HZbrFjrPUWJbPYkSwaoez4-63F1KGBr_z1fJZLjsjxFSJ70uPwTQagGyy50RJGnZHtGVGf19MrowaQXZgWQvRoSkjSZdN6ztVAfNMHjYuEpswYkhF2MLFjlqcioBBrINhVRDnHNfGmg_gtzKO-0JGiq2q_vIa-bFUEoYlf8tYrJnULskWXUMHqETYoPGceDUwhGQMMTANlLUWUg4yMUmzc6_z9o5GZgQ3VYrFJJPFr0DQcmT92sLofK1ldivbggLiLKGm49YXmQGukACi5GqMrcJ2sdZ3YcTXm-lyGBwESq4LA0wSttpDLvWV8xj82gknw4TmmP8fpzMCbcM7rufN0Yg41lXgUe0HlFvMQMO_RXyhV7C-72MDuPJHsNLzbcexQ2A7TmlvHT_fXaVi5zahVB9B4fd3XlrLXGDDTd5IkLOTyrsehi11t4ZjYUwyxr5vB_FsAz4eYdnCRPj8h-ROtIASen_o77hhfVl-MiUoBGA8Wuav-RexVP6hQEFUQaALSJ9QBJYI32Lt3-tGqiJiOKVBrQ4IDHWtw8hLl1vjTVu6qPtFL8kDmzHhvUO42c9eGnjORwOlTQlHi5FJ-ZP6lSUDSzeWxAA75POiaES_HHbIuYQzcotC3r3iAhpCxqLR3hg8toV1Zfg-UOraqAWROjgF40zUoU7ByfPC_PhpzydXYbBaUgz_3uv9Y_maAPdrp37rYycTjQ2ZTKorshpZobujlmLy0m99_Q7hTa9JBDIj-ZizZdlpZvtwWKyuKsP_nnd-dZjIsiguXG3bkMSFrNAXi-j8pVfjGc-044oPZFaT3xjbM-_O5sWPjBPn2WMO3G-1YygqCw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Sep 2020 00:37:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 829E 42 B
70 B 39ms
39ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4A0sIOetfkT4_Wx8jWnQKGXatKlOv8-E61CpqtStGTgSy9xUrYOPChKxq1SFffA7Fk1nevjKnIPCAufwL3_ZcBHl_n6jt7441TEtDh90&sig=Cg0ArKJSzGe40-V2HE4GEAE&id=ampim&o=879,203&d=1,1&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=89&tls=1089&g=100&h=100&tt=1089&r=v&avms=ampa&adk=3847475914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Sep 2020 00:37:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com
URL: https://zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_djzxQPnJgAbhfwh&Q_LOC=http%3A%2F%2Flocalhost%2Ftest%2F&t=1549684120333

Domain: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Domain: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html

Domain: www.google-analytics.com
URL: http://www.google-analytics.com/ga.js

Domain: zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com
URL: https://zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_djzxQPnJgAbhfwh&Q_LOC=https%3A%2F%2Fcentrosulturismo.com.br%2Fwp-content%2Fplugins%2Fgoogle-analytics-for-wordpress%2Fassets%2Fcss%2Fimages%2F3%2FUpdate%2FShaw%2F&t=1599007021841

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Shaw (Telecommunication)

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.centrosulturismo.com.br/	1970-01-20 05:41:19	Name: __gads Value: ID=ca7c7842551de621-22181ee6c3b600e5:T=1599007021:S=ALNI_MYaXjxA7rMMhdgbBkGDldjv1BlVgg
.centrosulturismo.com.br/	1970-01-19 16:32:55	Name: __utmz Value: 260021784.1599007022.1.1.utmcsr=topthestory.com\|utmccn=(referral)\|utmcmd=referral\|utmcct=/wp-content/plugins/eyufoww/dcjds.php
.centrosulturismo.com.br/	1970-01-19 12:10:08	Name: __utmb Value: 260021784.1.10.1599007022
.centrosulturismo.com.br/	1970-01-19 12:10:07	Name: __utmt Value: 1
.centrosulturismo.com.br/	1970-01-20 05:41:19	Name: __utma Value: 260021784.179083991.1599007022.1599007022.1599007022.1
.centrosulturismo.com.br/	1969-12-31 23:59:59	Name: __utmc Value: 260021784

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js(Line 420) Message: Powered by AMP ⚡ HTML – Version 2008242301000 https://centrosulturismo.com.br/wp-content/plugins/google-analytics-for-wordpress/assets/css/images/3/Update/Shaw/
console-api	warning	URL: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqS_fYncD-g87rA8PUmGpi3aeQ6Voe9-l5fb0bB7Ni4HtLCoouSD6BeUHYICWFphNMGB2lwWrKHrvSNYQAdKwch5xXSXPgp44beOLHZHm6jFsajjVpM-oUqmYL65HjsCTJ35p7Yk58wUfB1qtjh1nuylkhBuqFXj0D0F978aJnIx5UffE4p01IpgLiQChf0ghbrkYrY2ATtd2Bm6YiD17c8P5DpzdFLIwAmH-3vyLaHMHaf3c08Q90AqqKWq9A4_w_dDAeyycQy5L8R6OK&sai=AMfl-YTWmoDf3hfTrZcjFkVe7-nMbROj1tPP1WbAJoUlE_-80noikd7MeIhD4vViMjmeZdf1GmaWS3Ro8S47jRvYh5jicoPNJaYmPJHULSbUU7R3TQDsjDIjrVtzLfL6mb4R&sig=Cg0ArKJSzAF_4aymkJs7EAE&adurl=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

24c5792ec1b05507feff65d786348479.safeframe.googlesyndication.com
adservice.google.com
adservice.google.com.eg
adservice.google.de
cdn.ampproject.org
centrosulturismo.com.br
osrodek.vanto.pl
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
topthestory.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com
149.210.165.197
172.217.23.98
188.128.140.174
191.6.205.41
2a00:1450:4001:809::2001
2a00:1450:4001:815::2008
2a00:1450:4001:81a::2001
2a00:1450:4001:81b::2001
2a00:1450:4001:81b::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:820::2008
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
2651c7a2662163049d6f0dc8905f61a0176bad36d734278481e389b301e1079c
27c361265ec07215bcd0373d146e385e13bc62d35cda4f1310faad6dee9eb7b2
30b07af0c79b6241e9cd0ac1b56006cefb70b6204d9a1eb98a61b7b73e3fb7a5
3de0670375c8a9763362d95d2863c6e1e0360fa3f900c4e9b4b1a10194e3fe89
4893b6ab6f829846b2d16d9b09bbcf9422f3719610bd61d2d4682a9115fb9ce1
49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c
4a57782e3a025dd4aef0918ddab21ffa7dc69777710836bd1f185ac77a468b37
4d388f08cc57892cca50b75a99c6d5336c1570b445fa5807d335b7e15131f5ed
4d9867046e990bd68ab027d5e92df3e32e5d72a09ec3ad0a791ddb8130d0017f
559ee5e3428563ea15e4eb0d6dd27632c7f18be5f576e27eb0d7e614d0faa3ad
5ac0d1a87ad5eccf2f71c70cad9a38a11e498cc395f2205d45dd7a4524c6582d
603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d
7f8b791b4a32ede3fd1b0c3842a0124836f218b66b26e32f3b6e377db91fb119
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
90431299afc79f2f07c5bbbc64d9d9c6b3e0613db138e0e1675a5a400e3d3e2e
9fe1ecbc52e21d5ab2a3a7640d24eb67006b258dd684b5449c140a4699e0c872
a0b8d5f925cb1ad83c665488cf3d59c2b4acf9f0ec9f277db2441ca69d3900b0
b08c92f2985a2cf85e942b566af89d0738cb22e14d0db5ddbefd6c4034a169e8
b23ec7b6de850cbdac7fdbb4899e67313e32a24682ee79559120fb80d86db2e5
b3ac405c96e1194eb6ab54b6676028c7380716aa5212a26f1572a845808abd5e
c0159d71bfd21f50878f12b283950402c6364354bcd559af9accc22191dddb5b
e0ad5458dbc7bf04431ba5aa06bbc9d2dcb984c22c419c4605a458c3e0c9db8b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc77bed4d63febfff5079ca454ec9b1d82c270cf5d39d95fbd3b5121a9d3873

centrosulturismo.com.br Open in urlscan Pro 191.6.205.41 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

86 %HTTPS

64 %IPv6

12 Domains

15 Subdomains

12 IPs

5 Countries

434 kBTransfer

1333 kBSize

6 Cookies

10 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

centrosulturismo.com.br Open in urlscan Pro
191.6.205.41 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

86 %
HTTPS

64 %
IPv6

12
Domains

15
Subdomains

12
IPs

5
Countries

434 kB
Transfer

1333 kB
Size

6
Cookies

42 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!